Up to 8.5 million Windows devices were affected by Friday's IT outage after Crowdstrike's antivirus update went awry.
Kind of sharing this because the headline is a little sensationalist and makes it sound like MS is hard right (they are, but not like this) and anti-EU.
I mean, they probably are! Especially if it means MS is barred from monopolies and vertical integration.
There was a System component called Microsoft Defender that made all other AV obsolete.
Obviously, this caused a lot of European AntiVirus vendors and Intrusion Tool vendors to get upset so there was a court case to prevent Microsoft from bundling Defender with Windows for corporate customers.
Microsoft is arguing that if it wasn’t for the Court Case artificially opening the market to incompetent vendors, the problem wouldn’t have occurred.
Windows has had some major security flaws over the years but ever since Vista, (and before that XPSP2), they have made a concerted effort to fix them. This has caused quite a few compatibility issues for programs that (ab)used these security flaws due to lazy or malicious programming.
Windows has had some major security flaws over the years but ever since Vista, (and before that XPSP2), they have made a concerted effort to fix them.
I don’t think we need to characterise famously monopolistic/anticompetitive Microsoft as an UwU “trying my best!~” anime character (it’s been done) that needs to be left alone to do their thing while we cheer it on, dawg. There are many issues with how this all went down, and Microsoft is just opportunistically taking shots at their arch-nemesis, legislation specifically targeted at their core business strategy of anti-competition.
Even if that's all true and not missing any context it's a pretty bold argument to blame the EU instead of the incompetent vendors themselves or the companies with sufficiently poor practices that this update was pushed to all users without proper testing and validation. Microsoft themselves isn't above pushing a bad update, and it's obviously not like crowdstrike are an unknown bunch of yahoos that everyone should have known not to trust. Instead, largely because of the anticompetitive practices of every company in the IT industry we find ourselves once again facing massive systemic disruptions from a small error in one component of the wider infrastructure.
Microsoft has Windows Defender, its in-house alternative to CrowdStrike, but because of the 2009 agreement made to avoid a European competition investigation, had allowed multiple security providers to install software at the kernel level.
I’ve always insisted that Defender is the best AntiVirus and Intrusion prevention solution for any Windows Machine.
MS has a vested interest in making sure nothing bad gets publicised about their OS. As long as the threat exists, (and barring regulatory restrictions) MS will maintain the best intrusion prevention and detection features.
The AntiVirus industry has a vested interest in scaring people into continuing to pay their subscriptions.
There are even some conspiracy theories going around that some AV vendors actually pushed viruses into the wild that they could intercept but their competitors couldn’t.
Apple Computers have a reputation of not having viruses (even through they do) partially due to the Security/Obscurity myth and partially because they lock down macOS and have tightly integrated in-house virus detection. The other reason is that their user base is almost exclusively End-User Retail, which is not currently a profitable target.
i find the level of ms apologia unsettling. remember, we're only a few news cycles away from the time ms almost shipped windows with spyware and keylogger built-in
macOS has some level of application sandboxing, Windows apps, in practice, have none. They tried it a bit years ago but immediately gave up. Antivirus has always been the dumbest solution.
As vehemently anti-Microsoft as I am (and seeing this with Apple tinted glasses), I have to agree. I believe Apple having full control over their kernel is best for users because of the same arguments you’ve made — I can’t argue that Apple should while saying Microsoft should not.
I don’t really know anything about Defender but I do believe the software vendor itself should be and is responsible. I’m very liberal and I love what the EU is doing in some areas but I think some of it (like this) is a bit over the top.
I can't get over how absolutely awful everything and everyone involved is here.
The terrible Windows kernel, the awful MSFT practices, the horrible engineering decisions, and the propretiary AntiVirus market that shouldn't exist as it is an afront to everything good and beautiful in this world. People who shouldn't be trusted with a soft cushion out of concern that they'd wreck havoc, but vested with so much real power they can bring down airports, hospitals, half of the global infrastructure to a screeching halt.
We should be suing Bill Gates' parents for damages their frivolous decision to bear children caused.
But do they have a scheduled weekly email with a list of tests that are known to be broken and allowed to fail in CI that then has to be manually checked against the test run report before merging? LIKE MICROSOFT DOES FOR AT LEAST ONE MISSION CRITICAL SERVICE I WORKED ON?