CrowdStrike effectively bricked windows, Mac and Linux today.

Good thing is the kind of people making decisions based on buzzword-bongo filled PR campaigns like Crowdstrike's are already forcing their IT to use Windows anyway.

I'm sure the three people that use Linux and Crowdstrike together would have been very upset. 🤣

Yes and no. Linux is inherently more diverse. All the different distros doing things in different ways, sometimes with different components. It's not as much of a monoculture as Windows. There isn't a Linux that 90% is.

I didn’t actually think about what all these wild AV systems could do, but that’s incredibly broad access.

Always has been. I've clean Symantec A/V off way too many systems in my time, post BSOD. That crap came pre-loaded on so many systems, and then borked them. The problem is, that in order to actually protect system from malware, the A/V has to have full, kernel level access. So, when it goes sideways, it usually takes the system down. I've seen BSODs caused by just about every vendor's A/V or EDR product. Shit happens. Everyone makes mistakes, but when that mistake is in A/V or EDR, it usually means a BSOD.

Maybe I’m just old, but it always strikes me as odd that you’d spend so much money on that much intrusive power that on a good day slows your machines down and on a bad day this happens.
I get that Users are stupid. But maybe you shouldn’t let users install anything. And maybe your machines shouldn’t have access to things that can give them malware. Some times, you don’t need everything connected to a network.

It's tough. The Internet and access to networks provides some pretty good advantages to users. But, it also means users making mistakes and executing malware. And much of the malware now is targeted at user level access; so, you can't even prevent malware by denying local admin/root. Ransomware and infostealers don't need it. A/V ends up being a bit of a backstop to some of that. Sure, it mostly is a waste of resources and can break stuff when things go bad. But, it can also catch ransomware or alert network defenders to infostealers. And either of those can result in a really, really bad day. A ransomed network is a nightmare. And credentials being stolen and not known about can lead to all kinds of bad stuff. If A/V catches or alerts you to just one or two of those events and lets you take action early, it may pay for itself (even with this sort of FUBAR situation) several times over.

That really depends on the distro, most of them, no.

Companies use the same software on Linux and Mac systems, and it's a kernel module there as well; this could have happened to any OS that companies are using it on, it just happened to happen on Windows.

Giving kernel access to outside software is always a risk; these companies chose to take that risk

The reason Windows gets attacked so much to begin with is because of its market share, not necessarily how vulnerable it is. If you want to cast as wide a net as possible while wasting as little effort as possible, why the fuck would you target the lesser used OSes? In the same vein, why would you invest so much in protecting OSes that aren’t as big of targets as Windows? Your comment sounds as ill informed as those people that think Macs can’t get viruses.