Can someone explain this to me more please? Direct correlation to the "Kernel access". How does the mishap relate to such an outage? Thanks community

Basically, Windows allows kernel extensions because Windows Defender uses a kernel extension. They leave this capability open to other developers because Microsoft has an effective monopoly on desktop and does not want the appearance of pushing out antivirus developers.

CrowdStrike made a silly error and broke their kernel extension, breaking Windows in the process. This didn't affect macOS or Linux because those systems don't allow kernel extensions to begin with.
 
Are you going to hold me responsible too? ..Because I think the (current) tech industry is a plague on the economy and society and I'm actively hostile to it.

The only thing Microsoft (and CrowdStrike) should be doing is accepting responsibility for the mistake, and apologizing for it. Trying to scapegoat the EU is just lazy.

I have the ear of some people with political power, and I absolutely let them know what I think whenever it comes up.

..and I will be sure to let them know that this is scapegoating and a company trying to blame its mistake on anything but themselves when it's absolutely no one's fault except themselves.

The EU had zero part in this. They should be praised for holding tech companies' feet to the fire.
 
Back in 2009, Microsoft agreed to interoperability rules that provide third-party security apps with the same level of access to Windows that Microsoft gets. Microsoft agreed to provide kernel access in order to resolve multiple longstanding competition law issues in Europe.
Interoperability with the same level of access that Microsoft's products get:

"Windows Client PC Operating System and the Windows Server Operating System that are called on by Microsoft Security Software Products are documented and available for use by third-party security software products that run on the Windows Client PC Operating System and/or the Windows Server Operating System. These APIs will be documented on the Microsoft Developer Network, unless open publication would create security risks. In such circumstances, Microsoft will provide third-party security vendors with access to such APIs pursuant to a royalty-free license and on fair, reasonable and non-discriminatory terms."

https://news.microsoft.com/download...osoftInteroperabilityUndertaking16Dec2009.doc

There's nothing saying they need to provide kernel-level driver access. Can't see why they wouldn't have been able to do the same as Apple on macOS.

👉 But they chose to commercialise security software as products - paid enterprise security products.
 
TAKE AWAY KERNEL ACCESS IN WINDOWS JUST LIKE MAC.

I WANT A BETTER MORE RELIABLE WINDOWS.

UNLIKE MOST MAC USERS I ACTUALLY FIND THE WINDOWS INTERFACE MUCH BETTER TO USE. ESPECIALLY MULTIPLE WINDOWS OPEN ON THE DESKTOP.

ONLY THING I HATE ABOUT WINDOWS IS THE EXISTENCE OF THE REGISTRY.
 
Does the EU write security software? The blame is on CrowdStrike for not testing their updates and on Microsoft for allowing kernel level extensions.

The EU is just a scapegoat in this instance. MS allows kernel level extensions worldwide so their excuse doesn't work.
As always, probably no money for testers, testers blamed for too slow product deployment, but damn, smoke tests on several versions of Windows, it's not that hard... like 10 virtual machines or physical ones (not sure how it's done on such a low level, had only experience with Windows RTX apps and normal ones), Jenkins and a little time. The more machines, the shorter the tests of installing Windows, updates for the app, and updates for Windows scenarios.

Then doing 2 more stupid things - deploying on Friday (ok, if this was a serious issue to be fixed with this antivirus update, it can be excused) + deploying everywhere at once FFS... then as we know sysadmins should also have the possibility to always get patches on test machines first (so on "animals" to sacrifice) but who cares... maybe this almighty product does not have such a line.... so let's allow auto updates on everything they have in the middle of the night, what could go wrong :p

Edit - this issue was on system boot so... extremely hard to test and notice on sysadmin side. Literally a clocking bomb.
If it was during system run - system crash would trigger guys.

Also I am surprised that the kernel-level app has not done any more verification other than a check for CRC and sign, as it was said that the faulty file had many nulls inside - so lack of required data I guess (not an expert on such a low level but somehow embedded stuff has that).

Shame on their testers indeed, hopefully they still had some humans in this role... but the McAfee guys know this f up very well. The more I think, the more I see that the whole line of responsibilities was broken...
/tester
 
No it's not. People are going to be completely convinced in their pov and get on their soapbox, throwing the usual arguments the other way without really listening. In the end, nobody will be convinced to change position.

🥱🥱🥱
You have reached the MacRumors “enlightenment” stage. I feel like we should get some sort of prize for getting this far.
 
Does the EU write security software? The blame is on CrowdStrike for not testing their updates...
Exactly this. This is a CrowdStrike problem.

79% of PCs run Windows in China vs 62.5% in the U.S. and yet China was minimally impacted by the outage.

Why? Because China doesn't use CrowdStrike.


While most of the world was grappling with the blue screen of death on Friday, one country that managed to escape largely unscathed was China.

The reason is actually quite simple: CrowdStrike is hardly used there.

Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.

So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities.
 
Or, you know, Microsoft could blame the actual company, CrowdStrike, responsible for the outage.
...and focus on making their operating system secure. For everyone.

Instead of business users having to rely on third parties to do it - and Microsoft competing against security software vendors with their own (payable) enterprise security products.
 
Sideloading on iOS shouldn't be any different than sideloading on macOS

And since macOS doesn't have the same kernel access vulnerability as Windows because...

"The Falcon software was not able to wreak similar havoc on Macs because Apple does not give software makers kernel access."

iOS wouldn't have the same kernel access vulnerability either.

iOS has a mechanism for installing kernel extensions? Color me surprised!
apply that same logic from "Apple does not allow side loading" yet here we are today.
 
and they couldn't develop a proper API that would give them and other developers similar functionality without requiring them to run kernel drivers? because that's what Apple did when they removed kernel extensions.

this is blaming EU for the sake of blaming EU.
 
The EU's solution to anti-competitive behavior is to LOWER SECURITY.

Interoperability, and allowing third party access at the kernel level, in the very way that the EU deems,
LOWERS SECURITY
The EU doesn’t mandate third-party kernel drivers. What they do mandate is for third-party apps to have the same access as first-party apps. Microsoft could achieve this by providing a safe interface, like Linux does with eBPF.
 