cross-posted from: https://awful.systems/post/1965658

Kind of sharing this because the headline is a little sensationalist and makes it sound like MS is hard right (they are, but not like this) and anti-EU.

I mean, they probably are! Especially if it means MS is barred from monopolies and vertical integration.

  • connaisseur
    link
    fedilink
    English
    arrow-up
    60
    arrow-down
    2
    ·
    4 months ago

    Soooo… EU is responsible to write Crowdstrike code with bugs that gets deployed without any QA? Interesting. And EU is directing rules for the rest of the world as well, where the same issue happened as within EU? This is populist bullshit in full swing.

    • KasimirDD
      link
      fedilink
      English
      arrow-up
      47
      arrow-down
      1
      ·
      edit-2
      4 months ago

      As far as I understand it, the EU is to blame because it forced Microsoft to open up the Windows kernel for software such as Crowdstrike’s. Why the Linux kernel has protection against precisely the flaw that has occurred and the Windows kernel does not, however, remains MS’s secret.

      • connaisseur
        link
        fedilink
        English
        arrow-up
        31
        ·
        edit-2
        4 months ago

        The regulation only states that there must be a level playing field with respect to API access and possibilities in comparison for Microsoft tools and 3rd party tools. The regulation does not state that the APIs have to be inherently insecure and unstable if used in a wrong way, which is what happened. Crowdstrike released a buggy update that crashed their own driver, which is just showing how bad their software as a whole really is.

      • misk@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        7
        ·
        4 months ago

        Linux has the same issue and was also affected by Crowdstrike earlier this year.

        • KasimirDD
          link
          fedilink
          English
          arrow-up
          10
          ·
          4 months ago

          I know, but someone (KP Singh, I think?) already provided a fix for this. In the end, it’s not about any system being error-free, but about how these errors are dealt with. Crowdstrike screwed up and Microsoft could have fixed this vulnerability after the Linux kernel incident. Maybe. But now pointing the finger at an uninvolved third party is just PR.