They may not have a large market share, but they are consequential. If you have a telemedicine visit with one of my company's physicians, you are being seen by a doctor using a super-duper Mac on wheels.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Microsoft Blames European Commission for Major Worldwide Outage
- Thread starter MacRumors
- Start date
- Sort by reaction score
It could top 1 billion in damage.
And I wouldn't be surprised if Microsoft makes more than that on security software alone.
👉 The choice to not protect the kernel was made by Microsoft, not the European Union.
or to put it another way the focus has been on what happened to windows pcs
but how about what didn't happen to apple computers? Crowdstrike didn't take down apple systems because apple don't allow kernel access - and the EU don't require apple to grant that access either.
So it's a big stretch to blame the EU when microsoft know full well that they can prevent such issues just like apple did.
Microsoft and crowdstrike have fallen into a hole and microsoft's argument just made that hole deeper
And that’s an excellent reason why macOS should be running on things of consequence instead of Windows.
It's the governments fault that they don't know how to do staggered deploys? LOL? Are you kidding me?
It's amateur hour to be rolling out ANYTHING fleetwide like this. Absolutely insane misdirection here.
i.e. should have been 1% for a few days, then 10%, 25%, 50%, 100%. Etc. Even Tesla does this and they're as willy-nilly as it gets.
It's amateur hour to be rolling out ANYTHING fleetwide like this. Absolutely insane misdirection here.
i.e. should have been 1% for a few days, then 10%, 25%, 50%, 100%. Etc. Even Tesla does this and they're as willy-nilly as it gets.
Because Windows was a paragon of security and stability prior to 2009. Riiiiiight….
Using eBPF as Linux does.
No More Blue Fridays
No More Blue Fridays: How eBPF is already being adopted to prevent kernel crashes.
www.brendangregg.com
I say "F" the European Commission and their idiotic ideologies!!!
Last Friday, a major CrowdStrike outage impacted PCs running Microsoft Windows, causing worldwide issues affecting airlines, retailers, banks, hospitals, rail networks, and more. Computers were stuck in continuous recovery loops, rendering them unusable.
The failure was caused by an update to the CrowdStrike Falcon antivirus software that auto-installed on Windows 10 PCs, but Mac and Linux machines were not affected even though they received the same software. A report from The Wall Street Journal delves into what happened and includes some critical information from Microsoft on why Macs did not get taken out by the update.
On Windows machines, CrowdStrike's Falcon security software is a kernel module, which gives the software full access to a PC. The kernel manages memory, processes, files, and devices, and it's basically the heart of the operating system. Much of the software on a PC is typically limited to user mode, where bad code can't cause harm, but software with kernel mode access can cause catastrophic total machine failures, like what was encountered last week.
The Falcon software was not able to wreak similar havoc on Macs because Apple does not give software makers kernel access. In macOS Catalina, which came out in 2019, Apple deprecated kernel extensions and transitioned to system extensions that run in a user space instead of at a kernel level. The change made Macs more stable and more secure, adding protection against unstable software updates like the one CrowdStrike pushed out. It is not possible for Macs to have a similar failure because of the change that Apple made.
In a statement to The Wall Street Journal, Microsoft blamed the European Commission for an inability to offer the same protections that Macs have. Microsoft said that it is unable to wall off its operating system because of an "understanding" with the European Commission. Back in 2009, Microsoft agreed to interoperability rules that provide third-party security apps with the same level of access to Windows that Microsoft gets. Microsoft agreed to provide kernel access in order to resolve multiple longstanding competition law issues in Europe.
Apple has not been forced to make changes to how Macs work, but the European Commission has been targeting the closed nature of iOS, and Apple has warned that the updates that have already been implemented could lead to security risks in the future. The European Union's Digital Markets Act has pushed Apple to allow developers to offer apps through third-party marketplaces and websites. Apple says explicitly that the DMA compromises its ability to "detect, prevent, and take action against malicious apps."
The major CrowdStrike failure that affected Windows PCs highlights some of the unintended consequences and the tradeoffs inherent in legislation that weakens security in the name of open access. CrowdStrike's simple software update impacted global infrastructure, bringing travel, commerce, and healthcare to a standstill.
Microsoft does not seem to have a way to stop a recurrence because it can't cut off kernel access. The company says that significant incidents "are infrequent" and that less than one percent of all Windows machines were impacted. CrowdStrike says that it is "deeply sorry for the inconvenience and disruption," and that in the future, it will share the steps that it is taking to prevent a similar situation.
Article Link: Microsoft Blames European Commission for Major Worldwide Outage
It isn't but the anti-choicer/pro monopolists will claim it is.
I don’t know if I believe MS on this idea that they wanted to take away kernel access, but I can totally see the EU regulators telling them not to do it or face penalties.
We'd be screwed without it though. Their views on tech companies is such a small part of what they do, you should realise that.
Pretty desperate even by MICROS~1 standards. The EU are a lot of things but not Windows programmers so lashing out at them isn't going to help. Maybe if Micro-Soft did proper fuzz testing they might have prevented this problem from occurring. Using it as a stick to beat up the EU on something from 15 years ago doesn't pass the smell test. Advantage: EEC
The main problem with the EU's policies (and their sycophant, Elizabeth Warren), is that they don't understand what competition is: innovating something no one else has and letting the people decide what they'd prefer. And yes, that means Apple might be a better thing for alotta people, and yes, it will be difficult for those people to switch because the other companies don't have Apple's IP passed around.
It isn’t, but this “blame game” is exactly what happens when any entity wants all the benefits, but none of the responsibility, of their efforts.
If the EU didn't meddle where they shouldn't, they wouldn't catch blame.
Deciding OS kernel access policies is not something a government should be doing.
Well, yes, but it didn't happen with a Defender update, nor does microsoft generally push Defender updates that are barely tested out to every windows machine out there at the same time (they do staggered releases) so what's the relevance of this counterfactual?
Right. Some intern broke their kernel extension and sent the broken patch into production. Not an exploit, an accident. Like sending an email to the wrong John, only, you know, much more destructive.
It's something the consumer, who owns the hardware, should be deciding. If companies won't allow it, then it's up to the government to force them to give the rights back to the consumer, where it belongs.
Or, I don’t know, maybe do not allow kernel access to any app, like Mac OS. A very similar update in Windows Defender could have caused a crash as well. Just an unsafe practice. It is pathetic blame game from Microsoft. But EU = bad is popular here.
I disagree, it IS the EU's fault. Microsoft wanted to implement changes to windows in the first decade of the 21st century that would have made this exact issue impossible to occur. The EU wouldn't let them because that would have prevented several big antivirus players from "competing" in that space so Microsoft didn't.
The Conditio Sine Qua Non principle used for causation in many legal jurisdictions clearly shows that the EU is legally to blame: "but for" the meddling of the EU Microsoft would have taken away kernel control from the company that directly caused it. They are a distal cause and thus legally at least partially to blame.
If MS took the access away from themselves, too, it should be fine. It's not an unfair advantage if no one, even yourself, is able to use it.
Who knows less about technology than the government your average consumer. Neither one is qualified to make these decisions...