SRE Weekly - SRE Weekly Issue #436
View on sreweekly.com
As we can see from the above, any reliability problem like this invalid memory access issue can lead to widespread availability issues when not combined with safe deployment practices.
This analysis from Microsoft starts off by examining crash dumps from the incident that were voluntarily submitted by Windows users. Then they explain why security vendors like CrowdStrike might choose to operate in kernel mode, the inherent risks, and alternative options they could use instead.
Microsoft
This is CrowdStrike's initial technical analysis posted shortly after the incident, which I shared here previously. I'm linking to it again to highlight an apparent contradiction with the analysis from Microsoft as to whether the CrowdStrike component involved was a kernel driver:
Although Channel Files end with the SYS extension, they are not kernel drivers.
I'm guessing the technical resolution to this apparent contradiction is that the channel files are merely data files and not kernel drivers, whereas the thing that processes the channel files is in fact a kernel driver. To me this seems like a needless clarification that was highly likely to mislead readers into thinking that kernel drivers were not at play, which is exactly how I interpreted it at the time.
CrowdStrike
Here's a summary and opinion piece on Microsoft's analysis article, including more on the trade-off of vendors running code in kernel mode.
Thom Holwerda — OSNews
The challenge is, how do you formulate the right free-text representation of your system to get a useful answer out of an LLM?
Amir Krayden — DevOps.com
Will artfully uses a refrigeration-based metaphor to discuss creating a blameless culture. Trust me, it works.
Will Gallego
These folks wanted to allow log lines greater than 128 bytes in their observability product, but their data store made that tricky. They used bloom filters and other techniques to achieve acceptable performance.
Nathan Ostgard and Javier Schoijet — Embrace
It turns out sending texts and making phone calls automatically is really hard, and many assumptions you might make turn out to be wrong.
Leo Sjöberg — incident.io
Wow, I had no idea Systemd could limit a program's ability to access certain IPs. This one's worth a read to save you from hair-pulling if you ever run into this.
rachelbythebay
|
Older messages
SRE Weekly Issue #435
Monday, July 29, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #434
Monday, July 22, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #433
Monday, July 15, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #432
Monday, July 8, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #431
Monday, July 1, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
You Might Also Like
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Saturday, September 7, 2024
THN Daily Updates Newsletter cover Backups: The Key to Cybersecurity How Much Cybersecurity is Enough? Recovery + Resistance = Resilience Download Now Sponsored LATEST NEWS Sep 7, 2024 North Korean
Content Neverending
Saturday, September 7, 2024
What do you know about how Flickr started? ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏
📧 Refit in .NET: Building Robust API Clients in C#
Saturday, September 7, 2024
Refit in .NET: Building Robust API Clients in C# Read on: my website / Read time: 8 minutes The .NET Weekly is brought to you by: The State of Designer-Developer Collaboration 2024 Survey Take
👎 The Most Unpopular Windows Features — Learning Real Skills in VR
Friday, September 6, 2024
Also: Get Switch Games to Load Faster, and More! How-To Geek Logo September 6, 2024 Did You Know The Nintendo company was founded in 1889 to produce playing cards. Despite significantly larger holdings
A vision!
Friday, September 6, 2024
Product Vision and Product Mission As Product Managers and Product Leaders, it's easy to get caught up in the day-to-day grind of feature releases, bug fixes, and user feedback. But amidst this
Daily Coding Problem: Problem #1548 [Easy]
Friday, September 6, 2024
Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Atlassian. MegaCorp wants to give bonuses to its employees based on how many lines of
iOS Dev Weekly - Issue 677
Friday, September 6, 2024
Did I let Xcode's predictive code completion write any of the text in this newsletter? 🤖 View on the Web Archives ISSUE 677 September 6th 2024 Comment I found myself needing to upgrade to macOS
Ranked | The 10 Best and Worst States to Retire In 💰
Friday, September 6, 2024
We chart Bankrate's ranking of best and worst states to retire in, based on criteria of affordability, well-being, healthcare, weather, and crime. View Online | Subscribe Presented by: Morningstar
Whopper of a Week
Friday, September 6, 2024
New Telegram Moderation, Boring New iPhones, New Ocean's Movies, Annoying New Threads, and a New WeChat with Same Old Apple Whopper of a Week New Telegram Moderation, Boring New iPhones, New
How to DRY Your Apache APISIX Config
Friday, September 6, 2024
Top Tech Content sent at Noon! #1 Web Scraper for Developers – Try ZenRows for Free Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, September 6, 2024