Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's definitely the driver itself if it blue screens the kernel. Quite possibility data-sensitive of course.


https://x.com/brody_n77/status/1814185935476863321 [0]

The driver can't gracefully handle invalid content - so you're kinda both right.

[0] brody_n77 is:

   Director of OverWatch,
   CrowdStrike Inc.


I came to HN hoping to find more technical info on the issue, and with hundreds of comments yours is the first I found with something of interest, so thanks! Too bad there's no way to upvote it to the top.


Looks like a great way to bypass crowd strike if I'm an adversary nation state


Anyone copy the original text? Now getting: > Hmm...this page doesn’t exist. Try searching for something else


I don’t have the exact copy, but it said it was a ‘channel file’ which was broken.


It might have been a long-present bug in the driver, yes, but today's failure was apparently caused by content/data update.


In most appreciations of risk around upgrades in environments with which i am familiar, changing config/static data etc counts as a systemic update and is controlled in the same way


You would lose a lot of the benefits of a system like crowdstrike if you waited to slowly roll out malware definitions and rules.


Survived this long without such convenience. anything worth protecting lives behind a firewall anyway




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: