SRE Weekly - SRE Weekly Issue #436

View on sreweekly.com

A message from our sponsor, FireHydrant:

Migrate off of PagerDuty, save money, and then have all of your configuration exported as Terraform modules? We did that. We know one of the hardest parts of leaving a legacy tool is the old configuration, that's why we dedicated time to build the Signals migrator, making it easy to switch.

https://firehydrant.com/blog/speedrun-to-signals-automated-migrations-are-here/

As we can see from the above, any reliability problem like this invalid memory access issue can lead to widespread availability issues when not combined with safe deployment practices.

This analysis from Microsoft starts off by examining crash dumps from the incident that were voluntarily submitted by Windows users. Then they explain why security vendors like CrowdStrike might choose to operate in kernel mode, the inherent risks, and alternative options they could use instead.

  Microsoft

This is CrowdStrike's initial technical analysis posted shortly after the incident, which I shared here previously.  I'm linking to it again to highlight an apparent contradiction with the analysis from Microsoft as to whether the CrowdStrike component involved was a kernel driver:

Although Channel Files end with the SYS extension, they are not kernel drivers.

I'm guessing the technical resolution to this apparent contradiction is that the channel files are merely data files and not kernel drivers, whereas the thing that processes the channel files is in fact a kernel driver. To me this seems like a needless clarification that was highly likely to mislead readers into thinking that kernel drivers were not at play, which is exactly how I interpreted it at the time.

  CrowdStrike

Here's a summary and opinion piece on Microsoft's analysis article, including more on the trade-off of vendors running code in kernel mode.

  Thom Holwerda — OSNews

The challenge is, how do you formulate the right free-text representation of your system to get a useful answer out of an LLM?

  Amir Krayden — DevOps.com

Will artfully uses a refrigeration-based metaphor to discuss creating a blameless culture. Trust me, it works.

  Will Gallego

These folks wanted to allow log lines greater than 128 bytes in their observability product, but their data store made that tricky. They used bloom filters and other techniques to achieve acceptable performance.

  Nathan Ostgard and Javier Schoijet — Embrace

It turns out sending texts and making phone calls automatically is really hard, and many assumptions you might make turn out to be wrong.

  Leo Sjöberg — incident.io

Wow, I had no idea Systemd could limit a program's ability to access certain IPs. This one's worth a read to save you from hair-pulling if you ever run into this.

  rachelbythebay







This email was sent to you
why did I get this?    unsubscribe from this list    update subscription preferences
SRE Weekly, a production of Tinker Tinker Tinker, LLC · PO Box 253 · South Lancaster, MA 01561-0253 · USA

Older messages

SRE Weekly Issue #435

Monday, July 29, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most

SRE Weekly Issue #434

Monday, July 22, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most

SRE Weekly Issue #433

Monday, July 15, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most

SRE Weekly Issue #432

Monday, July 8, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most

SRE Weekly Issue #431

Monday, July 1, 2024

View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most

You Might Also Like

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams

Saturday, September 7, 2024

THN Daily Updates Newsletter cover Backups: The Key to Cybersecurity How Much Cybersecurity is Enough? Recovery + Resistance = Resilience Download Now Sponsored LATEST NEWS Sep 7, 2024 North Korean

Content Neverending

Saturday, September 7, 2024

What do you know about how Flickr started? ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

📧 Refit in .NET: Building Robust API Clients in C#

Saturday, September 7, 2024

​ Refit in .NET: Building Robust API Clients in C# Read on: m​y website / Read time: 8 minutes The .NET Weekly is brought to you by: The State of Designer-Developer Collaboration 2024 Survey ​ Take

👎 The Most Unpopular Windows Features — Learning Real Skills in VR

Friday, September 6, 2024

Also: Get Switch Games to Load Faster, and More! How-To Geek Logo September 6, 2024 Did You Know The Nintendo company was founded in 1889 to produce playing cards. Despite significantly larger holdings

A vision!

Friday, September 6, 2024

​ Product Vision and Product Mission As Product Managers and Product Leaders, it's easy to get caught up in the day-to-day grind of feature releases, bug fixes, and user feedback. But amidst this

Daily Coding Problem: Problem #1548 [Easy]

Friday, September 6, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Atlassian. MegaCorp wants to give bonuses to its employees based on how many lines of

iOS Dev Weekly - Issue 677

Friday, September 6, 2024

Did I let Xcode's predictive code completion write any of the text in this newsletter? 🤖 View on the Web Archives ISSUE 677 September 6th 2024 Comment I found myself needing to upgrade to macOS

Ranked | The 10 Best and Worst States to Retire In 💰

Friday, September 6, 2024

We chart Bankrate's ranking of best and worst states to retire in, based on criteria of affordability, well-being, healthcare, weather, and crime. View Online | Subscribe Presented by: Morningstar

Whopper of a Week

Friday, September 6, 2024

New Telegram Moderation, Boring New iPhones, New Ocean's Movies, Annoying New Threads, and a New WeChat with Same Old Apple Whopper of a Week New Telegram Moderation, Boring New iPhones, New

How to DRY Your Apache APISIX Config

Friday, September 6, 2024

Top Tech Content sent at Noon! #1 Web Scraper for Developers – Try ZenRows for Free Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, September 6, 2024