XPost: talk.politics.misc, alt.security

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

Wouldn't that be similarly vulnerable?

IMO "MSLinux" everywhere would have the same problem.

I think redundancy, diversity and reducing complexity is the right
answer.

--
I do not bite, I just want to play.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 10:47 AM, 26yh.0712 wrote:

https://www.france24.com/en/technology/20240719-global-cyber-outage-linked-to-microsoft-slams-travel-media-financial-telecom-sectors

Global computer outage linked to security firm CrowdStrike
grounds flights, hits banks, media

. . .

  Ah ... wunnerful Winders  :-)

  It should be banned as a socioeconomic WMD ...

  This was supposed to be an "update" from a
  FRIENDLY entity. What about all the UN-friendly
  actors in the world these days ?

Yeah I know several people who were told to just not come into work this morning. Can't imagine the chaos an actual happening would bring.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

In comp.os.linux.misc 26yh.0712 <26yh.0713@e6t5y.net> wrote:

https://www.france24.com/en/technology/20240719-global-cyber-outage-linked-to-microsoft-slams-travel-media-financial-telecom-sectors

Global computer outage linked to security firm CrowdStrike
grounds flights, hits banks, media

<snip>

You heard it here first :)

I guess here in the US, there will be Congressional
Inquiries into this and how to stop it from happening
again.

For people not in the US, "Congressional Inquiries"
in most cases is a fund raiser, or as non-US people
refer to them "Bribe Requests" :(

Nothing ever comes from these Inquiries.

--
csh(1) - "An elegant shell, for a more... civilized age."
- Paraphrasing Star Wars

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 12:03 PM, yeti wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

Wouldn't that be similarly vulnerable?

IMO "MSLinux" everywhere would have the same problem.

I think redundancy, diversity and reducing complexity is the right
answer.

But it's an answer apparently very difficult
to arrive at. Corps/managers don't WANT to
pay for "diversity" or "redundancy" and,
as with almost any kind of system "complexity"
(and thus 'opacity') always increases.

Big-Money Biz should stick to some kind of Unix
or Linux (pref WITHOUT systemd). Winders looks
pretty and seems friendly - but then so does
a tiger until ......

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 2024-07-19, 26yh.0712 <26yh.0713@e6t5y.net> wrote:

On 7/19/24 12:03 PM, yeti wrote:

I think redundancy, diversity and reducing complexity is the right
answer.

But it's an answer apparently very difficult
to arrive at. Corps/managers don't WANT to
pay for "diversity" or "redundancy" and,
as with almost any kind of system "complexity"
(and thus 'opacity') always increases.

This is often by design. Complexity is a weapon -
it ties your victims - and competitors - in knots,
and makes it easy to hide all sorts of nasty stuff.
This has been known by politicians and bureaucrats
for centuries.

Big-Money Biz should stick to some kind of Unix
or Linux (pref WITHOUT systemd). Winders looks
pretty and seems friendly - but then so does
a tiger until ......

Hmmm, reminds me of the ending of the movie "Don't Look Up"...

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Fri, 19 Jul 2024 16:45:34 +0042, yeti wrote:

Imagine systemd swallowing package management, doing automagic security updates and such a "MSLinux" monoculture.

Wouldn't that be similarly vulnerable?

Obviously not.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Fri, 19 Jul 2024 21:53:05 -0400, 26yh.0712 wrote:

Linux/Unix is, or can be, "better" ... but even most Linux distros
now are quite large and complex and way too heavy on GUI bells and
whistles.

Old engineering adage: in any system, the complexity arises not so much
from the number of components, as from the number of potential
interactions between them.

This is why Linux is more robust than Windows.

Don’t like those “GUI bells and whistles”? Don’t install them. That’s not
a choice Windows gives you.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 7:18 PM, Charlie Gibbs wrote:

On 2024-07-19, 26yh.0712 <26yh.0713@e6t5y.net> wrote:

On 7/19/24 12:03 PM, yeti wrote:

I think redundancy, diversity and reducing complexity is the right
answer.

But it's an answer apparently very difficult
to arrive at. Corps/managers don't WANT to
pay for "diversity" or "redundancy" and,
as with almost any kind of system "complexity"
(and thus 'opacity') always increases.

This is often by design. Complexity is a weapon -
it ties your victims - and competitors - in knots,
and makes it easy to hide all sorts of nasty stuff.
This has been known by politicians and bureaucrats
for centuries.

'Complexity' CAN be a sort of weapon ... but in the
whole computer universe - and I got in pre-PCs -
we're mostly looking at 'feature creep' ... with
every developer thinking they're doing good. I've
writ enough complicated software - and then you
get back to it and it's "Oh ... wouldn't it be
great if it could do *this* and *that* and look
nicer ?". Pretty soon you have spaghetti code even
you yourself can't follow nor find all the possible
flaws within.

Winders is a good example. It is said that the last
old guy who could hold the whole system in his head,
anticipate actions/reactions, retired right after
Win2K. Since then ......

Linux/Unix is, or can be, "better" ... but even
most Linux distros now are quite large and complex
and way too heavy on GUI bells and whistles. Now
idiots have messed up even Debian, probably hired
some rejects from Canonical, much more complication
and absolutely pointless deviations from the old
norms. We need a genuine FORK, built starting from
maybe BullsEye, maybe even Buster, but now there
are just SO many distros .........

Big-Money Biz should stick to some kind of Unix
or Linux (pref WITHOUT systemd). Winders looks
pretty and seems friendly - but then so does
a tiger until ......

Hmmm, reminds me of the ending of the movie "Don't Look Up"...

NOT sure I've ever seen that one ....

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 12:24 PM, John McCue wrote:

In comp.os.linux.misc 26yh.0712 <26yh.0713@e6t5y.net> wrote:

https://www.france24.com/en/technology/20240719-global-cyber-outage-linked-to-microsoft-slams-travel-media-financial-telecom-sectors

Global computer outage linked to security firm CrowdStrike
grounds flights, hits banks, media

<snip>

You heard it here first :)

I guess here in the US, there will be Congressional
Inquiries into this and how to stop it from happening
again.

Oh yea ... "Congressional inquiries" always fix stuff ! :-)

For people not in the US, "Congressional Inquiries"
in most cases is a fund raiser, or as non-US people
refer to them "Bribe Requests" :(

Nothing ever comes from these Inquiries.

CrowdStrike and some others will now be obligated
to increase their "donations" to the Pols.

Bill Gates learned early on to keep his pols WELL
greased.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 12:09 PM, Anna wrote:

On 7/19/24 10:47 AM, 26yh.0712 wrote:

https://www.france24.com/en/technology/20240719-global-cyber-outage-linked-to-microsoft-slams-travel-media-financial-telecom-sectors


Global computer outage linked to security firm CrowdStrike
grounds flights, hits banks, media

. . .

   Ah ... wunnerful Winders  :-)

   It should be banned as a socioeconomic WMD ...

   This was supposed to be an "update" from a
   FRIENDLY entity. What about all the UN-friendly
   actors in the world these days ?

Yeah I know several people who were told to just not come into work this morning. Can't imagine the chaos an actual happening would bring.

Hell, Homeland actually woke-up Biden at 4am to
inform him that a global cyber-attack might be
underway .......

Not sure Joe understands "cyber-attack" very well,
but it WAS their duty to inform him :-)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/19/24 10:12 PM, Lawrence D'Oliveiro wrote:

On Fri, 19 Jul 2024 21:53:05 -0400, 26yh.0712 wrote:

Linux/Unix is, or can be, "better" ... but even most Linux distros
now are quite large and complex and way too heavy on GUI bells and
whistles.

Old engineering adage: in any system, the complexity arises not so much
from the number of components, as from the number of potential
interactions between them.

Quite correct - and everything in Winders these days
is tied to pretty much everything else. No WAY to
pin down all the possible interactions.

This is why Linux is more robust than Windows.

For NOW ... but Linux does seem to be drifting in
the Winders direction and for many of the same
reasons. Seems like every little install or update
the list of dependencies, and dependencies of the
dependencies and so forth, gets longer and longer.

I can no longer trace a fault or weirdness through
all that mess.

I've been using Manjaro on a couple of boxes of
late since I went off Deb. Try to install or
update most ANYTHING and it totally re-loads
about 1.5gb worth of system. That's their
sledgehammer "fix" for the dependencies issue ...

Don’t like those “GUI bells and whistles”? Don’t install them. That’s not
a choice Windows gives you.

Well ... there IS a 'terminal', of sorts :-)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Fri, 19 Jul 2024 21:53:05 -0400, 26yh.0712 wrote:

'Complexity' CAN be a sort of weapon ... but in the
whole computer universe - and I got in pre-PCs - we're mostly looking
at 'feature creep' ... with every developer thinking they're doing
good. I've writ enough complicated software - and then you get back
to it and it's "Oh ... wouldn't it be great if it could do *this* and
*that* and look nicer ?". Pretty soon you have spaghetti code even
you yourself can't follow nor find all the possible flaws within.

Feature creep cna happen up front. We've has a couple of programmers that
wrote very flexible, complicated code to cover every future possibility
they could think of. 20 years later the future stuff never happened and
you're left with a maintenance nightmare.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Fri, 19 Jul 2024 22:57:49 -0400, 26yh.0712 wrote:

I've been using Manjaro on a couple of boxes of late since I went off
Deb. Try to install or update most ANYTHING and it totally re-loads
about 1.5gb worth of system. That's their sledgehammer "fix" for the
dependencies issue ...

I knew what I was getting into but today's upgrades want to upgrade 246 packages and replace the kernel for a little under 1 GB of downloads. It's
the KDE spin so a lot of it seems to be getting plasma, Qt, and kwhatever
to play nice. Almost every day is a new batch of upgrades.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Fri, 19 Jul 2024 22:57:49 -0400, 26yh.0712 wrote:

On 7/19/24 10:12 PM, Lawrence D'Oliveiro wrote:

This is why Linux is more robust than Windows.

For NOW ... but Linux does seem to be drifting in the Winders
direction ...

No, it’s not.

I've been using Manjaro on a couple of boxes of late since I went off
Deb. Try to install or update most ANYTHING and it totally re-loads
about 1.5gb worth of system. That's their sledgehammer "fix" for the dependencies issue ...

That’s just one distro.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/20/24 12:35 AM, rbowman wrote:

On Fri, 19 Jul 2024 22:57:49 -0400, 26yh.0712 wrote:

I've been using Manjaro on a couple of boxes of late since I went off
Deb. Try to install or update most ANYTHING and it totally re-loads
about 1.5gb worth of system. That's their sledgehammer "fix" for the
dependencies issue ...

I knew what I was getting into but today's upgrades want to upgrade 246 packages and replace the kernel for a little under 1 GB of downloads. It's the KDE spin so a lot of it seems to be getting plasma, Qt, and kwhatever
to play nice. Almost every day is a new batch of upgrades.

Hell, I used the XFCE spin ... a lot smaller ... but STILL !

As I've said before - SOMETHING needs to be done about
the Dependencies Issue in Linux. Every lib needs to be
guarenteed to be 100% backwards compatible over LONG
time spans - and apps need to be happy with ANY libs of
the right names ... screw version/sub/sub-sub numbers ...
that still contain the code/function-names they need. It'd
require a slightly different style of programming and
packaging info.

Without that, I don't see how Linux can go much
further forward. Compared to a decade ago it's
a MESS - and there's nothing new on the horizon
that might replace it. Do we, the world, WANT
to be stuck with naught but M$ and the wormy
apple ??? If so, the cyber-villains have
already won and we'll be back to exchanging
pigs for chickens again.

As for Biz ... I'd still say to go with some kind
of Unix at this time. Some of the apps might have
that 80s terminal/curses look but they'd be SOLID.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Sat, 20 Jul 2024 02:00:19 -0400, 26yh.0712 wrote:

As I've said before - SOMETHING needs to be done about the
Dependencies Issue in Linux.

Create a new, smaller distro! That contains only the functionality you
care about!

The code doesn’t write itself, you know.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 20/07/2024 05:30, rbowman wrote:

On Fri, 19 Jul 2024 21:53:05 -0400, 26yh.0712 wrote:

'Complexity' CAN be a sort of weapon ... but in the
whole computer universe - and I got in pre-PCs - we're mostly looking
at 'feature creep' ... with every developer thinking they're doing
good. I've writ enough complicated software - and then you get back
to it and it's "Oh ... wouldn't it be great if it could do *this* and
*that* and look nicer ?". Pretty soon you have spaghetti code even
you yourself can't follow nor find all the possible flaws within.

Feature creep cna happen up front. We've has a couple of programmers that wrote very flexible, complicated code to cover every future possibility
they could think of. 20 years later the future stuff never happened and you're left with a maintenance nightmare.

I remember US robotics sold future proof modems that could be upgraded.
No one ever did.

They threw them and bought the newer modems instead

--
"When one man dies it's a tragedy. When thousands die it's statistics."

Josef Stalin

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

(Newsgroups limited to comp.os.linux.misc. talk.politics.misc, really!?)

On 2024-07-20, Lawrence D'Oliveiro wrote:

On Fri, 19 Jul 2024 16:45:34 +0042, yeti wrote:

Imagine systemd swallowing package management, doing automagic security
updates and such a "MSLinux" monoculture.

Wouldn't that be similarly vulnerable?

Obviously not.

As far as both are Turing-complete, there's probably not much difference
in capabilities for this discussion. Windows does not hold a monopoly in
the capability to run code with errors.

(In fact, given that Broadcom has their own wireless linux drivers,
possibly with the same quality level as their firmware...)

I'd say what happened here was probably a bad decision or mistake in how
data gets processed in a driver. Linux and FLOSS in general would be
similarly vulnerable if some mechanism like that is in use. A
significant difference would be that (at least with the source
available) one could try to see what code is running in the driver and
spot coding issues that could lead to this sort of situation.

But immediately ruling out this scenario for Linux systems sounds quite unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

--
Nuno Silva
(Who might like to point out Broadcom's WLAN quality way too often)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In Message-ID: <-7CcndX6lpSstAb7nZ2dnZfqnPudnZ2d@earthlink.com> 26yh.0712:

[Snip...]

Bill Gates learned early on to keep his pols WELL greased.

Quoting ProPublica:

A full, public accounting of what happened in the Solar Winds case would
have been devastating to Microsoft. ProPublica recently revealed that
Microsoft had long known about — but refused to address — a flaw used
in the hack. The tech company’s failure to act reflected a corporate
culture that prioritized profit over security and left the U.S. government vulnerable, a whistleblower said.

Please excuse any snits slrn had about this reference URL:

https://www.propublica.org/article/cyber-safety-board-never-investigated- solarwinds-breach-microsoft

--
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at att, dotted with net. * DO NOT SPAM IT. *
I toss GoogleGroup (http://twovoyagers.com/improve-usenet.org/).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In <lg0t4gFpjftU4@mid.individual.net> rbowman:

[Snip...]

today's upgrades want to upgrade 246 packages and replace the
kernel for a little under 1 GB of downloads. It's the KDE spin
so a lot of it seems to be getting plasma, Qt, and kwhatever
to play nice. Almost every day is a new batch of upgrades.

I used to love KDE, starting (I think) with very old SUSE.

I reluctantly dropped KDE and Gnome for similar reasons noted.

I dropped Ubuntu for Debian over their 5-system (or WTF) limits
(etc) on non-commercial free support, a year or so ago.

Now, it's Debian and Xfce/Openbox everywhere, for my part.

BTW: I tolerate systemd only because Torvalds seems to, too.

Clearly, I'm a Greybeard from Sun SPARCstation and Dilbert days
and creeping Macroslop-like featurism in coding and support bug
the living hell outta me.

--
Dropped Ubuntu for Debian over their 5-system (or WTF) limit on
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at att, dotted with net. * DO NOT SPAM IT. *
I toss GoogleGroup (http://twovoyagers.com/improve-usenet.org/).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

followups trimmed to comp.os.linux.misc

In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

I can see this happening, I think they just swallowed sudo.

Wouldn't that be similarly vulnerable?

Maybe, any complex solution is open to vulnerabilities. I
think (hope) these changes would be tested better than
crowdstrike was. But as things get more complex, the harder
to test :(

I still think these changes Red Hat is pushing is their way
to make things easier for admins, but to me, eventually you
end up with a Windows clone. Now I wonder if they will "AI"
systemd, I think it is possible since IBM seems to be
getting into AI.

IMO "MSLinux" everywhere would have the same problem.

I think redundancy, diversity and reducing complexity is the right
answer.

--
csh(1) - "An elegant shell, for a more... civilized age."
- Paraphrasing Star Wars

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

The Natural Philosopher wrote:

I remember US robotics sold future proof modems that could be upgraded.

Only the "Courier" model had DSP upgrades, other models like "Sportster"
only had firmware upgrades.

No one ever did.

When I bought mine, Demon supported 14.4kbps, that modem was upgraded
all the way to 56kbps.

They threw them and bought the newer modems instead

Still have a couple here.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

Lawrence D'Oliveiro wrote:

Don’t like those “GUI bells and whistles”? Don’t install them. That’s not
a choice Windows gives you.

Oh? Windows Server Core.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 2024-07-20, 26yh.0712 <26yh.0713@e6t5y.net> wrote:

Do we, the world, WANT
to be stuck with naught but M$ and the wormy
apple ???

"Ooooh, shiny!"

(In other words, for suitable values of "the world",
the answer is a resounding yes.)

If so, the cyber-villains have
already won and we'll be back to exchanging
pigs for chickens again.

I'll raise you two hens and a rooster.

As for Biz ... I'd still say to go with some kind
of Unix at this time. Some of the apps might have
that 80s terminal/curses look but they'd be SOLID.

I still see curses-style screens in some commercial
venues. They're not only solid but lightning-fast.
But all they give you is what you need, so I don't
see them getting far in the mass market...

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/20/24 6:08 AM, Nuno Silva wrote:

As far as both are Turing-complete, there's probably not much difference
in capabilities for this discussion. Windows does not hold a monopoly in
the capability to run code with errors.

(In fact, given that Broadcom has their own wireless linux drivers,
possibly with the same quality level as their firmware...)

For thirty years people have been saying stupid and meaningless stuff
like this. It is garbage.

The Windows situation... OBVIOUSLY... would never happen in a Linux
evironment although systemd makes a huge step forward to make it possible.

It has nothing to do with turing machines and advanced theoretical calculations. It has to do with the more secure Unix level design for
Linux based systems and the way decisions are made in Linux development
and how updates are run and generated.

Does this make Linux perfect.. No. But it gives it a shot. MS makes
insecure decisions from the ground up for business decisions. We have
spent a lift time watch MS systems doing things they just should be able
to do making them rich targets for visues big and small, and malware...
things like runnng fucking email as an executable binary and autoruning
DVD software etc etc. I can't even begin to discuss what it does to the browser.


So please... put your bullshit away.

THis was inevitable and it is inevitable to happen again.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 20 Jul 2024 06:08:50 -0400, Nuno Silva <nunojsilva@invalid.invalid> wrote:
<snip>

But immediately ruling out this scenario for Linux systems sounds quite unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

The failure was caused by one company that provides security software that
runs with the windows equivalent of root privileges, that failed to properly test an update.

Pushing an update for privileged software to tens of thousands of systems
all at once is never a good idea. It should have been done in stages starting with a small number of systems, with verification that it was working properly at each stage of the roll out.

The are very few cases where an update can not be done in stages, and in those cases the testing in a simulated environment must be extra careful.

In this case it came back to destroy the reputation of the security software provider. A company that is supposed to be security oriented should is expected to do better. I'll be surprised if the lawsuits from this don't put them into bankruptcy.

The os doesn't matter. Anyone can make a mistake. It's the lack of testing and the bad deployment strategy combined with the large number of mission critical systems that were impacted that made the problem more severe.

Microsoft is also at fault for allowing updates to be pushed to their cloud customer's systems without staged roll out and testing. That's why the update was able to impact so many systems, with so many of them being mission critical.
Many companies migrated to using cloud systems specifically to avoid situations like this.

From what little has been disclosed, my guess is that the problem was a false positive in malware detection, likely from what was thought to be a minor signature update. While stuff like that happens easily, it should be expected to possibly happen. Proper testing and update roll out procedures would have mitigated the damage instead of causing the impact it did cause.

This will remind everyone that no update is minor when the systems being updated
are mission critical, and to always stage roll outs when a large number of systems are impacted.

Regards, Dave Hodgins

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/20/24 1:43 PM, Charlie Gibbs wrote:

On 2024-07-20, 26yh.0712 <26yh.0713@e6t5y.net> wrote:

Do we, the world, WANT
to be stuck with naught but M$ and the wormy
apple ???

"Ooooh, shiny!"

I do get that reference :-)

(In other words, for suitable values of "the world",
the answer is a resounding yes.)

I have less care for MOST of the world in this
respect ... if they want "shiny", well, fine -
but they can't bitch when it all goes to hell.

But for Big Biz, banks, hospitals, industry, NONE
should be using M$.

Not 100% sure about Mac ... it's a Unix under the
hood, but they've added SO much to it ... is it
really any more secure/stable than M$ anymore ?

If so, the cyber-villains have
already won and we'll be back to exchanging
pigs for chickens again.

I'll raise you two hens and a rooster.

I'll see that with a basket of turnips.

As for Biz ... I'd still say to go with some kind
of Unix at this time. Some of the apps might have
that 80s terminal/curses look but they'd be SOLID.

I still see curses-style screens in some commercial
venues. They're not only solid but lightning-fast.
But all they give you is what you need, so I don't
see them getting far in the mass market...

I never curse curses screens. It is possible to make
them very nice and STILL use like one percent the
processor/code of a GUI equiv. Even GWBASIC that
came with the old IBM-PCs had x-y cursor placement
and text color (you could do the same with the BIOS
routines). That made it possible to create nice
displays.

Didja notice how much of a pain it is these days to get
at those line/corner/bracket/etc ASCII chars these days -
UNICODE !

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/20/24 12:25 PM, Andy Burns wrote:

The Natural Philosopher wrote:

I remember US robotics sold future proof modems that could be upgraded.

Only the "Courier" model had DSP upgrades, other models like "Sportster"
only had firmware upgrades.

No one ever did.

When I bought mine, Demon supported 14.4kbps, that modem was upgraded
all the way to 56kbps.

They threw them and bought the newer modems instead

Still have a couple here.

I remember doing Compuserve Forums with a USR plugged
into a dumb terminal - 9600 baud - and the BBS's even
earlier - 300 baud. At 300 you can read the text real
time as it comes in :-)

ATTD ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:

Pushing an update for privileged software to tens of thousands of
systems all at once is never a good idea. It should have been done in
stages starting with a small number of systems, with verification that
it was working properly at each stage of the roll out.

Canary testing is definitely beneficial. Even worse, our support people
are indoctrinated from Day One that unless the system is completely broken
and can't get any worse never push out updates on Friday when everyone is headed to the beach.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 7/20/24 12:18 PM, Andy Burns wrote:

Lawrence D'Oliveiro wrote:

Don’t like those “GUI bells and whistles”? Don’t install them. That’s not
a choice Windows gives you.

Oh?  Windows Server Core.

True.

But it's still full of M$ code.

I note that even today's news is still dwelling
on the CrowdStrike debacle and beyond. This hit
SUCH a broad range and volume of vital biz interests
that nobody's been able to sweep it under the rug.

An actual Russian/Chinese cyber-hit would be likely
ten times as bad - and hit industrial/utility systems
as well. Hard to download yer patches when the lights
are out ....

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Harold Stevens <wookie@aspen.localdomain> wrote:

In Message-ID: <-7CcndX6lpSstAb7nZ2dnZfqnPudnZ2d@earthlink.com> 26yh.0712:

[Snip...]

Bill Gates learned early on to keep his pols WELL greased.

Quoting ProPublica:

A full, public accounting of what happened in the Solar Winds case would
have been devastating to Microsoft. ProPublica recently revealed that Microsoft had long known about -- but refused to address -- a flaw used
in the hack. The tech company's failure to act reflected a corporate
culture that prioritized profit over security and left the U.S. government vulnerable, a whistleblower said.

Please excuse any snits slrn had about this reference URL:

https://www.propublica.org/article/cyber-safety-board-never-investigated-solarwinds-breach-microsoft

That was very interesting. Although following the link to the
article about the whistleblower who quit Microsoft, guess who hired
them next?

""The decisions are not based on what's best for Microsoft's
customers but on what's best for Microsoft," said Harris, who now
works for CrowdStrike, a cybersecurity company that competes with
Microsoft." ...
https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

So it indeed seems like you can't really rely on any company in
this market.

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Sat, 20 Jul 2024 17:18:11 +0100, Andy Burns wrote:

Lawrence D'Oliveiro wrote:

Don’t like those “GUI bells and whistles”? Don’t install them. That’s not
a choice Windows gives you.

Oh? Windows Server Core.

Lots of things don’t work under that. Call it “Windows Server Crippled Core”.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds quite unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:

Pushing an update for privileged software to tens of thousands of
systems all at once is never a good idea. It should have been done in
stages starting with a small number of systems, with verification that
it was working properly at each stage of the roll out.

They probably did exactly that. They almost certainly followed exactly the
same testing and rollout procedure they had followed a hundred or a
thousand times before. But with Windows, that is no longer a guarantee of success.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On 20 Jul 2024 23:23:08 GMT, rbowman wrote:

Even worse, our support people
are indoctrinated from Day One that unless the system is completely
broken and can't get any worse never push out updates on Friday when
everyone is headed to the beach.

What happens when the malware folks start releasing their zero-days on a Friday?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 21 Jul 2024 10:17:55 +1000, Computer Nerd Kev wrote:

That was very interesting. Although following the link to the article
about the whistleblower who quit Microsoft, guess who hired them next?

What is that supposed to be suggesting, exactly? Is it saying something
about the ethics of the whistleblower, or of the company who hired them?
If so, what?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 20 Jul 2024 14:21:03 -0400, Popping Mad wrote:

The Windows situation... OBVIOUSLY... would never happen in a Linux evironment although systemd makes a huge step forward to make it
possible.

systemd myth number 1: “systemd is monolithic”

<http://0pointer.de/blog/projects/the-biggest-myths.html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds quite
unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that includes systemd. That does reduce the chance for trouble quite significantly.

BTW - you are now in my kill fly, so you can troll the back of the hand
now...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

and that
includes systemd.

Umm no it doesn't And don't cross post you trolling prick.

Pottering systematricaly folded numerous parts into a single whole. It
still has parts, but it is still monolithic and designed to be that way.
It is not designed to be flexible or pluggin friendly, and it is not.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

systemd myth number 1: “systemd is monolithic”

<http://0pointer.de/blog/projects/the-biggest-myths.html>

yeah that is bullshit.

You can **SEE** it is monolithic .... it is not a guess. You are a
fucking idiot.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 00:41:53 -0400, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

systemd myth number 1: “systemd is monolithic”

<http://0pointer.de/blog/projects/the-biggest-myths.html>

You are a fucking idiot.

systemd-haters are like the anti-fluoridationists of the Open-Source world.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On 21 Jul 2024 10:17:55 +1000, Computer Nerd Kev wrote:

That was very interesting. Although following the link to the article
about the whistleblower who quit Microsoft, guess who hired them next?

What is that supposed to be suggesting, exactly? Is it saying something
about the ethics of the whistleblower, or of the company who hired them?
If so, what?

As is so often the case replying to you, I meant what I said in the
bit of my text that you snipped. The fact the whistleblower took up
a job at CrowdStrike after quitting M$ due to their management
culture suggested that CrowdStrike would be more responsible. But
the way this bug slipped out on such a wide scale contradicts that
now. I'm meerly commenting that the business of trying to protect
Windows systems from attack seems to be dodgy wherever you turn.

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: talk.politics.misc, alt.security

On Sun, 21 Jul 2024 00:44:47 -0400, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

and that includes systemd.

Umm no it doesn't

systemd myth 1: “systemd is monolithic”

<http://0pointer.de/blog/projects/the-biggest-myths.html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-20, Popping Mad wrote:

On 7/20/24 6:08 AM, Nuno Silva wrote:

As far as both are Turing-complete, there's probably not much difference
in capabilities for this discussion. Windows does not hold a monopoly in
the capability to run code with errors.

(In fact, given that Broadcom has their own wireless linux drivers,
possibly with the same quality level as their firmware...)

For thirty years people have been saying stupid and meaningless stuff
like this. It is garbage.

(Are you dismissing computer science as garbage?)

The Windows situation... OBVIOUSLY... would never happen in a Linux evironment although systemd makes a huge step forward to make it
possible.

Not only it has reportedly happened already *on Linux systems*, it has
happened also with CrowdStrike, which highlights the obvious: the
problem isn't necessarily the system, but the bad code and the lack of
testing:

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

However, it is true that some systems, including Linux, may offer
something that avoids this risk altogether, see https://nondeterministic.computer/@mjg59/112816011370924959

But the problem is still CrowdStrike, and they could always have choosen
to ignore this mechanism and continue with the same approach.

It has nothing to do with turing machines and advanced theoretical calculations.

If you choose to ignore computer science, your loss. Turing completeness
does allow an abstraction here: bad code that runs on one Turing machine
can run on another Turing machine. It doesn't matter much if it's
Microsoft or not.

This is certainly one of the tools in the toolbox computer science
provides, and might even help avoiding some heated debates of "my
tool/language is better than yours", which sometimes are much less
rooted in actual technical differences and more in emotion. (There are differences in features and interfaces that do matter, differences in
kernel design too, of course, but when it comes to the ability of
running GIGO code, that tends to be quite omnipresent.)

It has to do with the more secure Unix level design for
Linux based systems and the way decisions are made in Linux development
and how updates are run and generated.

No, CrowdStrike seems to have intentionally made their own update
handling system. The fact that many Linux distros have decent package management wouldn't have mattered here.

Does this make Linux perfect.. No. But it gives it a shot. MS makes insecure decisions from the ground up for business decisions. We have
spent a lift time watch MS systems doing things they just should be able
to do making them rich targets for visues big and small, and malware... things like runnng fucking email as an executable binary and autoruning
DVD software etc etc. I can't even begin to discuss what it does to the browser.

So please... put your bullshit away.

THis was inevitable and it is inevitable to happen again.

Yeah, but the Microsoft you blame has had for some years the ability to
save restore points and roll back if needed in Windows NT. And, from
what I've observed, this seems to be invoked with software installation
and possibly Windows updates too.

It might be painful to watch a Windows machine spending quite long to
install an update and then fail and roll back (they *do* need to improve dependency management in this, because quite often they just don't pull
an update that is a dependency), but, at least as of NT 6.1, it *does*
do that.

I might not like Windows nor Microsoft, but... calling reality
"bullshit"...

--
Nuno Silva

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds quite
unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that includes systemd. That does reduce the chance for trouble quite significantly.

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

If you write a bad quality module that crashes the kernel, what
mechanisms are there to recover from that?

--
Nuno Silva

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds quite
unrealistic to me. (And, from what I've read yesterday, I got the
impression that there had been a similar incident with Linux systems,
but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

BTW - you are now in my kill fly, so you can troll the back of the hand now...

Wise choice! I also discovered that Lawrence was just a troll and choose
the same action. He really has nothing of value to say in my opinion.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In <669c53b2@news.ausics.net> Computer Nerd Kev wrote:

[Snip...]

That was very interesting. Although following the link to the
article about the whistleblower who quit Microsoft, guess who
hired them next?

""The decisions are not based on what's best for Microsoft's
customers but on what's best for Microsoft," said Harris, who now
works for CrowdStrike, a cybersecurity company that competes with
Microsoft." ...

[Snip...]

So it indeed seems like you can't really rely on any company in
this market.

... and IMO that's why creeping featurism is more than simply an
inconvenient complication in FOSS.

It's a slippery slope into a semi-proprietary environment, where
cutting corners inevitably takes priority over reliability.

For example Red Hat, getting all pissy with Alma about access to
source code and libraries:

Impact of RHEL changes to AlmaLinux
...
Jun 22, 2023
https://almalinux.org/blog/impact-of-rhel-changes/

A related example in smart TV reliabilty (note slrn line-wrap):

Will the new judicial ruling in the Vizio lawsuit strengthen the GPL?
...
January 16, 2024 https://blog.tidelift.com/will-the-new-judicial-ruling-in-the-vizio-lawsuit -strengthen-the-gpl

--
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at att, dotted with net. * DO NOT SPAM IT. *
I toss GoogleGroup (http://twovoyagers.com/improve-usenet.org/).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Popping Mad <rainbow@colition.gov> wrote:

The Windows situation... OBVIOUSLY... would never happen in a Linux evironment although systemd makes a huge step forward to make it possible.

Ah, but, not so "obviously", given that a a few months back,
CrowdStrike's Linux kernel module caused crashes and non-booting.

CrowdStrike broke Debian and Rocky Linux months ago, but no one noticed https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

The above article includes this quote, which just might be on the path
to the true problem:

"Crowdstrike's model seems to be 'we push software to your machines
any time we want, whether or not it's urgent, without testing it',"
lamented the team member.


This quote comes after these two bits:

The update proved incompatible with the latest stable version of
Debian, despite the specific Linux configuration being supposedly
supported.

...

It took them weeks to provide a root cause analysis after
acknowledging the issue a day later. The analysis revealed that the
Debian Linux configuration was not included in their test matrix.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nuno Silva <nunojsilva@invalid.invalid> wrote:

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

If you write a bad quality module that crashes the kernel, what
mechanisms are there to recover from that?

Boot into single user mode (hopefully the module is not autoloaded by
the kernel itself) and remove/rename the module file.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-20, rbowman <bowman@montana.com> wrote:

On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:

Pushing an update for privileged software to tens of thousands of
systems all at once is never a good idea. It should have been done in
stages starting with a small number of systems, with verification that
it was working properly at each stage of the roll out.

Canary testing is definitely beneficial. Even worse, our support people
are indoctrinated from Day One that unless the system is completely broken and can't get any worse never push out updates on Friday when everyone is headed to the beach.

What is it you find so bad about not updating on a Friday?

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 11:23:08 +0200, D <nospam@example.net> wrote in <09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>:

On Sun, 21 Jul 2024, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got
the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

BTW - you are now in my kill fly, so you can troll the back of the hand
now...

Wise choice! I also discovered that Lawrence was just a troll and choose
the same action. He really has nothing of value to say in my opinion.

There's a far cry from "I disagree" to "nothing of value".

I don't agree with everything Lawrence posts, and I've called
him out on his "snip and snark" style, but not everything he
posts is without merit.

Regarding the crowdstrike matter: It seems that Linux
systems would be much less vulnerable to such SNAFUs -- and
there are Linux distributions that don't use systemd, if
that is a concern.

--
-v System76 Thelio Mega v1.1 x86_64 NVIDIA RTX 3090 Ti
OS: Linux 6.9.10 Release: Mint 21.3 Mem: 258G
"He's dead Jim. Grab his tricorder. I'll get his wallet."

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 16:37:13 GMT, Charlie Gibbs wrote:

On 2024-07-20, rbowman <bowman@montana.com> wrote:

On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:

Pushing an update for privileged software to tens of thousands of
systems all at once is never a good idea. It should have been done in
stages starting with a small number of systems, with verification that
it was working properly at each stage of the roll out.

Canary testing is definitely beneficial. Even worse, our support people
are indoctrinated from Day One that unless the system is completely
broken and can't get any worse never push out updates on Friday when
everyone is headed to the beach.

What is it you find so bad about not updating on a Friday?

I don't think you what you wrote is what you intended. Anyway for most organizations Friday is the end of the week and people are more focused on planning their weekend. If there is IT support on the weekend it is an
oncall situation and they are not actually at their desks. In the
CrowdStrike scenario that really hurts since a remote reboot doesn't work.

Too put it colloquially, people really don't want to deal with shit on
Friday and that goes for more than software updates. Sure, in this case
where the system is completely FUBAR they have to but the response time is slower.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/20/24 22:47, Lawrence D'Oliveiro wrote:

On Sun, 21 Jul 2024 00:41:53 -0400, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

systemd myth number 1: “systemd is monolithic”

<http://0pointer.de/blog/projects/the-biggest-myths.html>

You are a fucking idiot.

systemd-haters are like the anti-fluoridationists of the Open-Source world.

in your opinion but unlike floridation systemd has a large attack surface. That makes it more like the MS program launcher.and
promotes disruption of services.

--
b l i s s - S F 4 e v e r at D S L E x t r e m e dot com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024, vallor wrote:

On Sun, 21 Jul 2024 11:23:08 +0200, D <nospam@example.net> wrote in <09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>:

On Sun, 21 Jul 2024, Popping Mad wrote:

On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got
the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

BTW - you are now in my kill fly, so you can troll the back of the hand
now...

Wise choice! I also discovered that Lawrence was just a troll and choose
the same action. He really has nothing of value to say in my opinion.

There's a far cry from "I disagree" to "nothing of value".

I don't agree with everything Lawrence posts, and I've called
him out on his "snip and snark" style, but not everything he
posts is without merit.

Regarding the crowdstrike matter: It seems that Linux
systems would be much less vulnerable to such SNAFUs -- and
there are Linux distributions that don't use systemd, if
that is a concern.

I agree completely with you linux point of view. It has benefitted me
greatly in the past. In the distant past I think I even ran a web server
on OpenBSD and had the pleasure of tail -f:inf the web server logs
watching some windows worm trying again and again without anything
happening.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-21, rbowman <bowman@montana.com> wrote:

On Sun, 21 Jul 2024 16:37:13 GMT, Charlie Gibbs wrote:

What is it you find so bad about not updating on a Friday?

I don't think you what you wrote is what you intended.

I suspected that there was possibly some terminological confusion.

Anyway for most organizations Friday is the end of the week and people are more focused
on planning their weekend. If there is IT support on the weekend it is
an oncall situation and they are not actually at their desks. In the CrowdStrike scenario that really hurts since a remote reboot doesn't work.

Too put it colloquially, people really don't want to deal with shit on
Friday and that goes for more than software updates. Sure, in this case
where the system is completely FUBAR they have to but the response time is slower.

Many of our customers are hotels, for whom the output of our system is
a revenue stream. We're a small outfit, and can't provide 24/7 support.
If an update knocks out our data stream on Friday afternoon, there's
nobody around until Monday to fix things - and many of our hotels'
peak time is on the weekend. It saves a lot of headaches to refrain
from Friday updates; if the excrement does hit the rotating ventilation
device as the result of a bad update, we can get them back up within
24 hours.

Note: not all outages are due to software bugs on our part. Configuration changes on the customer site can kill things just as effectively, and in
fact are the more likely cause of a failure. Or maybe someone unplugged something they shouldn't. But if data stops flowing, the finger is
pointed at us first, rightly or wrongly. So not only do we not do
updates on Friday, we recommend the philosophy on genreral principles.

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 13:58:59 -0700, Bobbie Sellers wrote:

systemd has a large attack surface.

Mmm ... myth 11, “systemd is complex”, and/or myth 12, “systemd is bloated”, maybe even myth 18, “systemd is a feature creep”? And of course myth 24, “systemd is unstable and buggy”, plus myth 25, “systemd is not debuggable”?

<http://0pointer.de/blog/projects/the-biggest-myths.html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got
the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

ldo@theon:~> find /lib/modules/$(uname -r) -name \*.ko\* | wc -l
4142

See that number? That’s how many loadable modules I have on my system--and that’s just for the currently-running kernel.

If you write a bad quality module that crashes the kernel, what
mechanisms are there to recover from that?

First you said it was “monolithic”, now you realize that “modules” are involved.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got
the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22 Jul 2024 05:31:36 GMT, rbowman wrote:

Paging suddenly stopped working and it took
a while to figure out a dispatcher got sick of listening to the modem
and turned it off.

“ATM0”, I believe is the command.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 21 Jul 2024 22:04:11 GMT, Charlie Gibbs wrote:

Note: not all outages are due to software bugs on our part.
Configuration changes on the customer site can kill things just as effectively, and in fact are the more likely cause of a failure. Or
maybe someone unplugged something they shouldn't. But if data stops
flowing, the finger is pointed at us first, rightly or wrongly. So not
only do we not do updates on Friday, we recommend the philosophy on
genreral principles.

Yup. Our clients are PSAPs (dispatch software in 911 call centers). They
get really unhappy when the software goes down during a mass casualty
incident.

The typical procedure is to deploy software to a backup/training server
and test it using the site's configuration files before pushing it to the
main servers and workstations.

We're definitely #1 on the 'who do you call?' list. My favorite goes back
to the days of modems. Paging suddenly stopped working and it took a while
to figure out a dispatcher got sick of listening to the modem and turned
it off.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-21, Rich wrote:

Nuno Silva <nunojsilva@invalid.invalid> wrote:

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

If you write a bad quality module that crashes the kernel, what
mechanisms are there to recover from that?

Boot into single user mode (hopefully the module is not autoloaded by
the kernel itself) and remove/rename the module file.

I was thinking more along the lines of recovering without a reboot.

But for what you say, it's indeed an approach (unless there is something
in place that prevents such access to remove the file - which, I think,
has been happening with some Windows machines with CrowdStrike, and
could always be implemented on Linux systems too).

--
Nuno Silva

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-22, Rich wrote:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got
the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that
includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and
loading and unloading. Isn't it still a monolithic process in-memory?

Or, for what matters for the topic of this thread: if code in a module
crashes, how can the rest of the kernel continue running?

--
Nuno Silva

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-22, Rich wrote:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds
quite unrealistic to me. (And, from what I've read yesterday, I got >>>>>> the impression that there had been a similar incident with Linux
systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that >>>>> includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and loading and unloading. Isn't it still a monolithic process in-memory?

For that, one starts delving into semantics, which I'm trying to avoid.
For those "literal thinking art students" like Lawrence, the mere fact
that the word "module" is used to name the loadable code files means
the kernel must be "not-monolithic".

Or, for what matters for the topic of this thread: if code in a module crashes, how can the rest of the kernel continue running?

It can't, just about any (unexpected) CPU protection fault while
running ring 0 (kernel) mode code (whether in the main kernel or code
from a loaded module) results in a kernel panic and halt of the system.
But that fact does not lend any evidence for, or against, whether the
kernel itself is "modular".

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-21, Rich wrote:

Nuno Silva <nunojsilva@invalid.invalid> wrote:

Well, there is one notable piece of software in Linux systems that's
quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

If you write a bad quality module that crashes the kernel, what
mechanisms are there to recover from that?

Boot into single user mode (hopefully the module is not autoloaded by
the kernel itself) and remove/rename the module file.

I was thinking more along the lines of recovering without a reboot.

A kernel panic is not recoverable without a reboot -- that is the whole point. Something went wrong that the code can't recover from, so the system
stops. And most processor detected faults, when they happen in kernel
code, trigger a kernel panic (to prevent one fault from compounding
into more, and creating more damage in the process).

But for what you say, it's indeed an approach (unless there is
something in place that prevents such access to remove the file -
which, I think, has been happening with some Windows machines with CrowdStrike, and could always be implemented on Linux systems too).

If one had their root partition encrypted, and did not have a source,
other than the non-booting computer, for the encryption key, then a
Linux system owner could be in the same boat as many Window's users
find themselves. Without the encryption key to access the disk, they
can't "get in" to delete the file (and for 'corporate/govt' windows
machines, most all end users do not have the encryption key if the
filesystem is encrypted by MS Bitlocker).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-22, Rich wrote:

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-22, Rich wrote:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds >>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got >>>>>>> the impression that there had been a similar incident with Linux >>>>>>> systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that >>>>>> includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's >>>>> quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and
loading and unloading. Isn't it still a monolithic process in-memory?

For that, one starts delving into semantics, which I'm trying to avoid.
For those "literal thinking art students" like Lawrence, the mere fact
that the word "module" is used to name the loadable code files means
the kernel must be "not-monolithic".

(I don't know what to say, the kernel is monolithic, it's a single
process, and wasn't this also a topic of a discussion between Torvalds
and Tanenbaum that's part of the USENET lore?)

Or, for what matters for the topic of this thread: if code in a module
crashes, how can the rest of the kernel continue running?

It can't, just about any (unexpected) CPU protection fault while
running ring 0 (kernel) mode code (whether in the main kernel or code
from a loaded module) results in a kernel panic and halt of the system.
But that fact does not lend any evidence for, or against, whether the
kernel itself is "modular".

It does provide evidence against the claim that something like the
CrowdStrike incident would not be likely on Linux: what you describe
means that, if CrowdStrike were operating with a similar driver on Linux
as they do on Windows (a comment I linked elsewhere in the thread
suggests they might (hopefully?) be doing something else now), it'd just
fail in the same way as it did on Windows: with a hung system that needs
a reboot/restart/....

--
Nuno Silva

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/07/2024 18:19, Nuno Silva wrote:

if CrowdStrike were operating with a similar driver on Linux
as they do on Windows (a comment I linked elsewhere in the thread
suggests they might (hopefully?) be doing something else now), it'd just
fail in the same way as it did on Windows: with a hung system that needs
a reboot/restart/....

I've had linux updates brick my Pi.

And, back in the day stop wifi working on a laptop.

The point as issue is not where Linux is immune - clearly it isn't - but
that crowdstrike appears to have the quality control standards of a
portaloo, which is why their share price is tanking.

If your business model is predicated on keeping customers kit running,
and you crash the fucking lot, you don't deserve to be in business.

Dont bring carefully crafted bullshit to a reality contest.


--
The lifetime of any political organisation is about three years before
its been subverted by the people it tried to warn you about.

Anon.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-22, Rich wrote:

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-22, Rich wrote:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds >>>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got >>>>>>>> the impression that there had been a similar incident with Linux >>>>>>>> systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just >>>>>>> inherently put together in a more modular, flexible fashion, and that >>>>>>> includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's >>>>>> quite monolithic, unless something has changed and I didn't get the >>>>>> memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and
loading and unloading. Isn't it still a monolithic process in-memory?

For that, one starts delving into semantics, which I'm trying to avoid.
For those "literal thinking art students" like Lawrence, the mere fact
that the word "module" is used to name the loadable code files means
the kernel must be "not-monolithic".

(I don't know what to say, the kernel is monolithic, it's a single
process,

Yes, agreed.

and wasn't this also a topic of a discussion between Torvalds
and Tanenbaum that's part of the USENET lore?)

Also why I'm trying to avoid falling down into that pit. We aren't
likely to add anything that Torvalds and Tanenbaum had not already
hashed out.

Or, for what matters for the topic of this thread: if code in a
module crashes, how can the rest of the kernel continue running?

It can't, just about any (unexpected) CPU protection fault while
running ring 0 (kernel) mode code (whether in the main kernel or
code from a loaded module) results in a kernel panic and halt of the
system. But that fact does not lend any evidence for, or against,
whether the kernel itself is "modular".

It does provide evidence against the claim that something like the CrowdStrike incident would not be likely on Linux: what you describe
means that, if CrowdStrike were operating with a similar driver on
Linux as they do on Windows (a comment I linked elsewhere in the
thread suggests they might (hopefully?) be doing something else now),
it'd just fail in the same way as it did on Windows: with a hung
system that needs a reboot/restart/....

No need for 'providing evidence'. CrowdStrike *did* break Linux a few
months ago in the same way they just broke Windows just this past
Friday:

CrowdStrike broke Debian and Rocky Linux months ago, but no one
noticed

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

But breaking the few foolish ones who installed CrowdStrike on their
Linux machines didn't get the same press coverage as halting air
traffic for much of the world for a day.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-22, rbowman <bowman@montana.com> wrote:

On Sun, 21 Jul 2024 22:04:11 GMT, Charlie Gibbs wrote:

Note: not all outages are due to software bugs on our part.
Configuration changes on the customer site can kill things just as
effectively, and in fact are the more likely cause of a failure. Or
maybe someone unplugged something they shouldn't. But if data stops
flowing, the finger is pointed at us first, rightly or wrongly. So not
only do we not do updates on Friday, we recommend the philosophy on
genreral principles.

Yup. Our clients are PSAPs (dispatch software in 911 call centers). They
get really unhappy when the software goes down during a mass casualty incident.

For sure. We have call tracking software in some 911 call centres;
it doesn't do the actual dispatching, but records call metadata generated
by the dispatch software (both for PSAPs and downstream agencies).
The consequences of our software going down are less severe than the
dispatch software going down - still, though, the police would get a
bit miffed if call data was missing when they're trying to get a record
of all calls related to, say, reports of gunshots in an area.

The typical procedure is to deploy software to a backup/training server
and test it using the site's configuration files before pushing it to the main servers and workstations.

At any given time we have a customer or two with whom we're working
closely (usually with remote access these days, thank goodness).
It makes it easy to slip in a new program and watch it for a while.
Then we try it at a few more friendly sites, and wait until several
customers are banging away at it without problems before proceeding
with a general release.

We're definitely #1 on the 'who do you call?' list. My favorite goes back
to the days of modems. Paging suddenly stopped working and it took a while
to figure out a dispatcher got sick of listening to the modem and turned
it off.

At our local 911 call centre, we had a test routine built into our code.
If we received no 911 call data for a certain length of time, we would
dial out on special numbers that went directly to the various dispatchers.
So that they'd know it was just a test, upon connection we'd send an ATDT command to the modem, and the dispatcher would hear "Mary had a little
lamb" in DTMF tones. The dispatching software would generate a record
for the call, and everybody knew all was well. If we didn't receive
a call record at this point, we'd trigger an alarm. One night an entire telephone central office went down; the first warning anyone had was when
our tester alerted the call centre, who called the phone company.

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 22 Jul 2024 18:43:01 GMT, Charlie Gibbs wrote:

For sure. We have call tracking software in some 911 call centres;
it doesn't do the actual dispatching, but records call metadata
generated by the dispatch software (both for PSAPs and downstream
agencies).
The consequences of our software going down are less severe than the
dispatch software going down - still, though, the police would get a bit miffed if call data was missing when they're trying to get a record of
all calls related to, say, reports of gunshots in an area.

Previous history certainly is important and we search either by location
or phone number. There is a configurable limit on returns. Mom's Nursing
Home and Joe's Bucket of Blood tend to generate a lit of previous history. There are also database searches for persons or vehicles involved in
previous incidents. I wouldn't want to be a dispatcher. You never know if
the next time the phone rings if it will be somebody complaining about the neighbor's cat, a medical emergency, or a home invasion in progress.

It's also easy for the clients to create alerts that will pop up for a location. They may be informational for businesses with contact
information and Knox Box locations or comments on a resident who doesn't interact well with police.

The historical data has to be retained too. Sometimes it takes years for a
case to come to court where evidence has to be presented. The volume of
data has taken off with the increased use of bodycams and dashcams.
Luckily we just pass incident information to a third party. They're
responsible for activating cameras for the responding units, capturing the video data, and archiving it. That's got to amount to petabytes sooner or later.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-07-22, rbowman <bowman@montana.com> wrote:

On Mon, 22 Jul 2024 18:43:01 GMT, Charlie Gibbs wrote:

For sure. We have call tracking software in some 911 call centres;
it doesn't do the actual dispatching, but records call metadata
generated by the dispatch software (both for PSAPs and downstream
agencies).
The consequences of our software going down are less severe than the
dispatch software going down - still, though, the police would get a bit
miffed if call data was missing when they're trying to get a record of
all calls related to, say, reports of gunshots in an area.

Previous history certainly is important and we search either by location
or phone number. There is a configurable limit on returns. Mom's Nursing
Home and Joe's Bucket of Blood tend to generate a lit of previous history. There are also database searches for persons or vehicles involved in
previous incidents. I wouldn't want to be a dispatcher. You never know if
the next time the phone rings if it will be somebody complaining about the neighbor's cat, a medical emergency, or a home invasion in progress.

Yes, I've been in the call centre and overheard the dispatchers at work. They're pretty amazing, keeping cool in the face of what's going on out
there - even more than air traffic control (and I've heard a few ATC
exchanges that must have created grey hair).

It's also easy for the clients to create alerts that will pop up for a location. They may be informational for businesses with contact
information and Knox Box locations or comments on a resident who doesn't interact well with police.

The historical data has to be retained too. Sometimes it takes years for a case to come to court where evidence has to be presented. The volume of
data has taken off with the increased use of bodycams and dashcams.
Luckily we just pass incident information to a third party. They're responsible for activating cameras for the responding units, capturing the video data, and archiving it. That's got to amount to petabytes sooner or later.

The call metadata isn't too much by today's standards - a couple of hundred megabytes a month. When we first got our stuff working, the cost of disk storage was falling to the point where it was worth keeping it all for more than just a few months. They were storing the actual call transcripts on
audio cassettes in those days - it's probably all digitized now. But video
is a whole other dimension...

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 22 Jul 2024 18:19:31 +0100, Nuno Silva wrote:

... if CrowdStrike were operating with a similar driver on Linux
as they do on Windows ...

They don’t. On Linux, they can use EBPF. Matthew Garrett mentioned this in his posting.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 22 Jul 2024 16:49:59 -0000 (UTC), Rich <rich@example.invalid>
wrote in <v7m2jn$nqfd$2@dont-email.me>:

Nuno Silva <nunojsilva@invalid.invalid> wrote:

On 2024-07-22, Rich wrote:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

On 2024-07-21, Lawrence D'Oliveiro wrote:

On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:

But immediately ruling out this scenario for Linux systems sounds >>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got >>>>>>> the impression that there had been a similar incident with Linux >>>>>>> systems, but I didn't study that further.)

Sure. But remember, the various pieces of a Linux system are just
inherently put together in a more modular, flexible fashion, and that >>>>>> includes systemd. That does reduce the chance for trouble quite
significantly.

Well, there is one notable piece of software in Linux systems that's >>>>> quite monolithic, unless something has changed and I didn't get the
memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and
loading and unloading. Isn't it still a monolithic process in-memory?

For that, one starts delving into semantics, which I'm trying to avoid.
For those "literal thinking art students" like Lawrence, the mere fact
that the word "module" is used to name the loadable code files means
the kernel must be "not-monolithic".

Or, for what matters for the topic of this thread: if code in a module
crashes, how can the rest of the kernel continue running?

It can't, just about any (unexpected) CPU protection fault while
running ring 0 (kernel) mode code (whether in the main kernel or code
from a loaded module) results in a kernel panic and halt of the system.
But that fact does not lend any evidence for, or against, whether the
kernel itself is "modular".

I recently was starting up a game, which triggered rebuild of
DXVK shaders for the game. The nvidia module freaked out, wreaking
havoc on the kernel, and freezing the display.

I was able to ssh in, dump dmesg output to a file, and reboot. For
those interested in what that can look like, the dmesg.txt.gz
can be found in this post on the developer forum:

https://forums.developer.nvidia.com/t/550-78-release-feedback-discussion-thread/291665/12?u=scott-nv

--
-v System76 Thelio Mega v1.1 x86_64 NVIDIA RTX 3090 Ti
OS: Linux 6.9.10 Release: Mint 21.3 Mem: 258G
"One way to better your lot is to do a lot better..."

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23 Jul 2024 02:00:34 GMT, vallor wrote:

I recently was starting up a game, which triggered rebuild of DXVK
shaders for the game. The nvidia module freaked out, wreaking havoc on
the kernel, and freezing the display.

So you had trouble with a proprietary module. Big surprise.

Remember the open-source dictum: “many eyes make all bugs shallow”.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/30/24 22:30, candycanearter07 wrote:

John McCue <jmccue@hairball.jmcunx.com> wrote at 13:49 this Saturday (GMT):

followups trimmed to comp.os.linux.misc

In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

I can see this happening, I think they just swallowed sudo.

You mean polkit?

No he means "sudo" is going to be replaced with "run0." <https://www.howtogeek.com/will-linux-run0-command-run-sudo-out-of-town/>
Not right away but sooner or later unless it causes even
more problems. "Sudo" is a bad implementation which replaced "su".
which invoked superuser privileges. You had to use your root
account password but Ubuntu decided that was dangerous so to invoke
the same privileges you can use your user accont passwork.
Canonical thought apparently that it was asking too
much of their projected userbase to remember User account
password and root password.

Wouldn't that be similarly vulnerable?

Maybe, any complex solution is open to vulnerabilities. I
think (hope) these changes would be tested better than
crowdstrike was. But as things get more complex, the harder
to test :(

I still think these changes Red Hat is pushing is their way
to make things easier for admins, but to me, eventually you
end up with a Windows clone. Now I wonder if they will "AI"
systemd, I think it is possible since IBM seems to be
getting into AI.

That sounds like a nightmare. AI Systems...

Nightmare or some one's wet dream.

IMO "MSLinux" everywhere would have the same problem.

I think redundancy, diversity and reducing complexity is the right
answer.

The system on my computer uses SysV.init and "su".

bliss- Dell Precision 7730- PCLOS 2024.07- Linux 6.6.42- 5.27.11

--
b l i s s - S F 4 e v e r at D S L E x t r e m e dot com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

John McCue <jmccue@hairball.jmcunx.com> wrote at 13:49 this Saturday (GMT):

followups trimmed to comp.os.linux.misc

In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

I can see this happening, I think they just swallowed sudo.

You mean polkit?

Wouldn't that be similarly vulnerable?

Maybe, any complex solution is open to vulnerabilities. I
think (hope) these changes would be tested better than
crowdstrike was. But as things get more complex, the harder
to test :(

I still think these changes Red Hat is pushing is their way
to make things easier for admins, but to me, eventually you
end up with a Windows clone. Now I wonder if they will "AI"
systemd, I think it is possible since IBM seems to be
getting into AI.

That sounds like a nightmare. AI Systems...

IMO "MSLinux" everywhere would have the same problem.

I think redundancy, diversity and reducing complexity is the right
answer.

--
user <candycane> is generated from /dev/urandom

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 30 Jul 2024 22:58:28 -0700, Bobbie Sellers wrote:

No he means "sudo" is going to be replaced with "run0." <https://www.howtogeek.com/will-linux-run0-command-run-sudo-out-of-town/

sudo has been a running saga of security vulnerabilities. Poettering is offering a much simpler design with a smaller attack surface. He actually
wants to do away with the whole idea of set-user-ID executables.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 31/07/2024 06:58, Bobbie Sellers wrote:

"Sudo" is a bad implementation which replaced "su".
which invoked superuser privileges.  You had to use  your root
account password but Ubuntu decided that was dangerous so to invoke
the same privileges you can use your user accont passwork.
    Canonical thought apparently that it was asking too
much of their projected userbase to remember User account
password and root password.

Sudo allowed tailored access by certain users to certain root
privileges, that su did not.

It's a reasonable admin tool for a multiuser system.

But who tuns a true multiuser system these days especially one where
users can do simple admin?

--
“The fundamental cause of the trouble in the modern world today is that
the stupid are cocksure while the intelligent are full of doubt."

- Bertrand Russell

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 31/07/2024 10:23, Richard Kettlewell wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

On 31/07/2024 06:58, Bobbie Sellers wrote:

"Sudo" is a bad implementation which replaced "su".
which invoked superuser privileges.  You had to use  your root
account password but Ubuntu decided that was dangerous so to invoke
the same privileges you can use your user accont passwork.
    Canonical thought apparently that it was asking too
much of their projected userbase to remember User account
password and root password.

Sudo allowed tailored access by certain users to certain root
privileges, that su did not.

It's a reasonable admin tool for a multiuser system.

But who tuns a true multiuser system these days especially one where
users can do simple admin?

Even disregarding hobbyists, more than zero but I expect the number is
indeed rather small.

There’s a few points here:

* You can still set a root password and use ‘su’ on Ubuntu systems if
that’s what you want. Canonical are not enforcing a policy here, just
setting a default.

* The ‘sudo instead of su’ model is common everwhere, not just Ubuntu; I
expect the motivation for the default setup on Ubuntu is
simplification, not any theories about who can remember how many
passwords.

* Trusting sudo to enforce the a tailored access model is somewhat
optimistic given its CVE record, and the general record of the setuid
model that underpins it.

* By escaping the setuid model run0 may improve on this issue, though it
brings other kinds of complexity with it; how it balances out is
probably a question for a few years time.

* In the single-user context, sudo effectively creates the model that
your single user account has privileges equivalent to root, but that
you must explicitly mark any privileged operation. The former is just
acknowledging reality, the latter is a useful guard against accidents.

+1 to all of that.

I use sudo if its just one thing I need to do, but if its messing with
config files and restarting daemons, I use su -

--
Microsoft : the best reason to go to Linux that ever existed.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Bobbie Sellers <blissInSanFrancisco@mouse-potato.com> wrote:

On 7/30/24 22:30, candycanearter07 wrote:

John McCue <jmccue@hairball.jmcunx.com> wrote at 13:49 this Saturday (GMT): >>> followups trimmed to comp.os.linux.misc

In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

I can see this happening, I think they just swallowed sudo.

You mean polkit?

No he means "sudo" is going to be replaced with "run0." <https://www.howtogeek.com/will-linux-run0-command-run-sudo-out-of-town/>
Not right away but sooner or later unless it causes even
more problems. "Sudo" is a bad implementation which replaced "su".
which invoked superuser privileges.

su still exists, even on Ubuntu systems. It's just that Ubuntu's 'user
docs' (as they are) only talk about sudo, and you know the old saying:

Learn Ubuntu and you learn Ubuntu, learn Slackware and you learn Unix.

You had to use your root account password but Ubuntu decided that
was dangerous so to invoke the same privileges you can use your user
accont passwork.

sudo long predates Ubuntu <https://en.wikipedia.org/wiki/Sudo> (initial
release "around 1980").

Canonical thought apparently that it was asking too
much of their projected userbase to remember User account
password and root password.

For traditional Unix systems (multiple users all logged on to the same
system at the same time) the /premise/ of sudo provides some value add.
You can grant individual, more trusted, users rights to do things as
root, without having to share the root password with them in order to
do so.

For typical Ubuntu setups (single user who is system owner and the only
user) sudo adds no value add over just becoming root via su (other
than, as you say, not having to remember a 'root' password).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/31/2024 3:17 AM, The Natural Philosopher wrote:

On 31/07/2024 10:23, Richard Kettlewell wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

But who tuns a true multiuser system these days especially one where
users can do simple admin?

Even disregarding hobbyists, more than zero but I expect the number is
indeed rather small.

Not sure what you mean by "hobbyist". To me, a "linux hobbyist" is
someone like me, who deliberately runs a system at home that is more
complex and "professional" than necessary, to keep alive some skills
acquired decades ago when we managed a Unix system used by our department.
But I also use those skills in the small company that still writes me a paycheck in my semi-retirement.

There’s a few points here:

* You can still set a root password and use ‘su’ on Ubuntu systems if
   that’s what you want. Canonical are not enforcing a policy here, just >>    setting a default.

My Linux systems are Fedora rather than Ubuntu; Fedora also promotes sudo.

* The ‘sudo instead of su’ model is common everwhere, not just Ubuntu; I >>    expect the motivation for the default setup on Ubuntu is
   simplification, not any theories about who can remember how many
   passwords.

* Trusting sudo to enforce the a tailored access model is somewhat
   optimistic given its CVE record, and the general record of the setuid >>    model that underpins it.

* By escaping the setuid model run0 may improve on this issue, though it
   brings other kinds of complexity with it; how it balances out is
   probably a question for a few years time.

* In the single-user context, sudo effectively creates the model that
   your single user account has privileges equivalent to root, but that
   you must explicitly mark any privileged operation. The former is just >>    acknowledging reality, the latter is a useful guard against accidents. >>

+1 to all of that.

I use sudo if its just one thing I need to do, but if its messing with
config files and restarting daemons, I use su -

Is that because you do not know about "sudo -i" ?

Note that run0 - which is built on polkit - still relies on setuid
executables within polkit. I don't see them as all that different.

The grace period in sudo is a convenience. It probably does add a bit of
risk. There is probably a way to turn it off --- yes:
timestamp_timeout=0 in /etc/sudoers (apparently per-user)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In article <wwv1q39valn.fsf@LkoBDZeT.terraraq.uk>,
invalid@invalid.invalid (Richard Kettlewell) wrote:

The relevant point is that there are (at least a few) large
organizations running multi-user Unix systems, and care about
isolation between users.

For example, my workplace. Most of our Linux and macOS machines are not people's personal systems, but dedicated build/test machines with fairly full-time jobs. I am not a skilled sysadmin, but being able to use sudo
for simple tasks gets them done a lot faster than opening a helpdesk
ticket.

John

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 31/07/2024 14:41, Rich wrote:

For typical Ubuntu setups (single user who is system owner and the only
user) sudo adds no value add over just becoming root via su (other
than, as you say, not having to remember a 'root' password).

I say it does. Fat finger proofing.

If I HAVE to type sudo every time I want to do something sysadmin-ish it
forces me to stop and think just a little. And sometimes prevents me
from doing what I really didnt want to do

Anyqay, as with most of these religious arguments, you have the choice.
I choose to use both.

Like I used the command line AND the GUI.


--
Renewable energy: Expensive solutions that don't work to a problem that
doesn't exist instituted by self legalising protection rackets that
don't protect, masquerading as public servants who don't serve the public.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 31/07/2024 16:34, Richard Kettlewell wrote:

The relevant point is that there are (at least a few) large
organizations running multi-user Unix systems, and care about isolation between users.

There are, but they are rare birds.

Most 'multi-user' machines run pure web applications.
I cant offhand think of anything outside say a research super computer
where true multiuser exists

Anyway their sysdamins are free to set them up how they like, as are we
on our single user machines


--
No Apple devices were knowingly used in the preparation of this post.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 31 Jul 2024 17:45 +0100 (BST), John Dallman wrote:

For example, my workplace. Most of our Linux and macOS machines are not people's personal systems, but dedicated build/test machines with fairly full-time jobs. I am not a skilled sysadmin, but being able to use sudo
for simple tasks gets them done a lot faster than opening a helpdesk
ticket.

At one time (25 years ago) the Linux boxes were our personal machines and
the build/test machines were RS6000/AIX boxes that we shared. The same
code base built on both although some of the data had to be converted
between big and little endian.

IBM priced themselves out of competition and our clients went to Windows.
We use the MKS NutCracker environment on Windows so for the most part the
code builds on Linux or Windows. The Linux boxes are still our personal machines, with shared Windows systems for build/testing.

The shared AIX resources sometimes had problems like a newbie programmer deleting what amounts to /usr/bin to free up disk space. Screw-ups on that level meant you bought the donuts.

We had a homegrown thing called 'gosu' which was essentially sudo without
the training wheels.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> writes:

On 31/07/2024 16:34, Richard Kettlewell wrote:

The relevant point is that there are (at least a few) large
organizations running multi-user Unix systems, and care about isolation
between users.

There are, but they are rare birds.

Most 'multi-user' machines run pure web applications.
I cant offhand think of anything outside say a research super computer
where true multiuser exists

The example I hear about most is more or less that, specifially a
compute farm used for genomics research. You don’t get to log into the compute nodes, but the ‘head nodes’ used for uploading data sets and submitting jobs have logins for all.

I’m less clear on the details of the other example I’m aware of, we only really got to hear about how it interacts with attributes of our
product.

We have a few in-principle shared Unix machines at work but in practice
they can go months between anyone logging in.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 01/08/2024 09:39, Richard Kettlewell wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

On 31/07/2024 16:34, Richard Kettlewell wrote:

The relevant point is that there are (at least a few) large
organizations running multi-user Unix systems, and care about isolation
between users.

There are, but they are rare birds.

Most 'multi-user' machines run pure web applications.
I cant offhand think of anything outside say a research super computer
where true multiuser exists

The example I hear about most is more or less that, specifially a
compute farm used for genomics research. You don’t get to log into the compute nodes, but the ‘head nodes’ used for uploading data sets and submitting jobs have logins for all.

I’m less clear on the details of the other example I’m aware of, we only really got to hear about how it interacts with attributes of our
product.

We have a few in-principle shared Unix machines at work but in practice
they can go months between anyone logging in.

A friend of mine who does very advanced mathematical matrix research has
a login to a vast array of CPU power somewhere in the States, where he
uploads code and data, compiles the code and then crunches huge amounts
of data. No root level access needed or wanted.

Real old school

--
The higher up the mountainside
The greener grows the grass.
The higher up the monkey climbs
The more he shows his arse.

Traditional

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 31 Jul 2024 06:23:14 -0000 (UTC), Lawrence D'Oliveiro
<ldo@nz.invalid> wrote in <v8cl8i$1fhag$1@dont-email.me>:

On Tue, 30 Jul 2024 22:58:28 -0700, Bobbie Sellers wrote:

No he means "sudo" is going to be replaced with "run0."
<https://www.howtogeek.com/will-linux-run0-command-run-sudo-out-of-town/

sudo has been a running saga of security vulnerabilities. Poettering is offering a much simpler design with a smaller attack surface. He actually wants to do away with the whole idea of set-user-ID executables.

From the very beginning of our company (1994), we had no setuid
executables on our shell server. (We finally discontinued the service at the end of June -- the end of an era!)

I see now on this system (Mint 21.3) that ping is no longer setuid.
(Nowadays, it uses Linux capabilities.) Back in the day, it was setuid,
but we replaced it with a client that reached out to a "ping server" that
did the job.

--
-v System76 Thelio Mega v1.1 x86_64 NVIDIA RTX 3090 Ti
OS: Linux 6.11.0-rc1 Release: Mint 21.3 Mem: 258G
"Couldn't myself have better it said."

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 4 Aug 2024 12:45:53 GMT, vallor wrote:

I see now on this system (Mint 21.3) that ping is no longer setuid. (Nowadays, it uses Linux capabilities.)

Whaddaya know ...

root@theon:~ # getcap /usr/bin/ping
/usr/bin/ping cap_net_raw=ep

And here I thought capabilities are a process-level thing, there was no equivalent of set-user-id for them.

By the way, the “capabilities” idea comes from an old DEC OS called VMS, where it was just called “privilege masks”.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/31/24 1:30 AM, candycanearter07 wrote:

John McCue <jmccue@hairball.jmcunx.com> wrote at 13:49 this Saturday (GMT):

followups trimmed to comp.os.linux.misc

In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:

"26yh.0712" <26yh.0713@e6t5y.net> writes:

Ah ... wunnerful Winders :-)

It should be banned as a socioeconomic WMD ...

Imagine systemd swallowing package management, doing automagic
security updates and such a "MSLinux" monoculture.

I can see this happening, I think they just swallowed sudo.

You mean polkit?

Wouldn't that be similarly vulnerable?

Maybe, any complex solution is open to vulnerabilities. I
think (hope) these changes would be tested better than
crowdstrike was. But as things get more complex, the harder
to test :(

I still think these changes Red Hat is pushing is their way
to make things easier for admins, but to me, eventually you
end up with a Windows clone. Now I wonder if they will "AI"
systemd, I think it is possible since IBM seems to be
getting into AI.

That sounds like a nightmare. AI Systems...

Once you get into it more than a little, "AI" becomes
something like "magic". It finds its patterns and
sense in ways humans can't comprehend and creates
software/rules/structure humans wouldn't - and thus
cannot properly understand.

On present trajectory, we're headed straight to
Hogwarts ....

The "AI" doesn't even have to be evil to be
extraordinarily dangerous.

Now open your spell-books to page 27 and don't
forget to flick your wands !

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)