When an operating system allows a single misbehaving program to take down the whole computer and leave it unbootable. I thought we left that behind with Windows 95.
This isn’t a driver. It’s anti-malware. Nobody on Linux puts such software in kernel space (as far as I’m aware). Root service? maybe, but that’s still a user-space process.
It is a driver though, it runs at kernel level and intercepts system calls for logging, analysis, and potential blocking if malware type patterns are detected in the system calls.
When an operating system allows a single misbehaving program to take down the whole computer and leave it unbootable. I thought we left that behind with Windows 95.
Drivers usually run in kernel space, where a crash can bring the whole system down. This is not exclusive to Windows
Yes but only in Windows land do you see jillions of (proprietary) drivers made by 3rd parties. Many of which self-update.
This isn’t a driver. It’s anti-malware. Nobody on Linux puts such software in kernel space (as far as I’m aware). Root service? maybe, but that’s still a user-space process.
It is a driver though, it runs at kernel level and intercepts system calls for logging, analysis, and potential blocking if malware type patterns are detected in the system calls.
Falcon Sensor is also being distributed for RHEL and Debian, and it caused issues there too.
https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/
deleted by creator
Apple is introducing a lot of user space frameworks to replace much of the kext level functionality though.
deleted by creator
That has been a thing forever. I doubt it will ever go away.
deleted by creator