• 1 Post
  • 5 Comments
Joined 8 months ago
cake
Cake day: March 22nd, 2024

help-circle


  • cqst@lemmy.blahaj.zonetolinuxmemes@lemmy.worldIT Department's Plan
    link
    fedilink
    arrow-up
    15
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Also: don’t trust your employees to boot into safe mode. Trust a 3rd party to freely install system level files at any time.

    Exactly. This is exactly the problem, and unless people wisen up the software security problem is only going to get worse. Companies and Governments need to rethink how they approach security entirely. This is a preview of what is to come, its only going to get worse and more damaging from here, and none of the vendors care.


  • cqst@lemmy.blahaj.zonetolinuxmemes@lemmy.worldIT Department's Plan
    link
    fedilink
    arrow-up
    17
    arrow-down
    5
    ·
    edit-2
    4 months ago

    I’m pretty sure Windows is plenty secure.

    Haha sure. Windows NT MIGHT be considered ‘secure’ from an architectural standpoint but literally of this falls apart when you tape all the Microsoft Dark Patterns on it that ruin the security. Its a joke, and that’s the entire problem.

    Think: Microsoft Accounts, now the “secure” Windows NT Local User Authentication is effectively backdoored by MS and makes you vulnerable to phishing attacks. Windows Update: Constantly pushing dark patterns and ‘features’ that it discourages people from updating so then guess what, people don’t update! The fact that Windows so easily allows Crowdstrike to make system level changes like this without trying a whiny fit is also apart of it. Think about the fact how easily Microsoft allows stuff like Valorant anti-cheat and Crowdstrike, which are effectively rootkits, to be installed with one UAC prompt. In reality this issue is not really Microsoft’s fault directly, but in a bunch of indirect ways they encourage this and allow it to happen, and we have seen time and time again, Microsoft DOES NOT CARE ABOUT SECURITY.

    If anything this “Crowdstrike” software showcases the endemic problem in software security and how our system is failing and continuing to fail us. Its an anti-virus, but we already HAVE Windows Defender. These corporations should not be using some random 3rd party Antivirus, I doubt it even does much good, its just cargo-culting “oh, this is industry standard, so we have to use it.” This is the kind of thinking/approach that Microsoft encourages.