Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Before reaching the "pushed out to every client without authorization" stage, a kernel driver/module should have been tested. Tested by Microsoft, not by "a third party security vendor shitting in the kernel" that some criminally negligent manager decided to trust.



> Tested by Microsoft

MS don't have testers any more. Where do you think CS learned their radically effective test-in-prod approach?


I think they learned it from Freedesktop developers.


Yeah we have a staging and test process where we run their updated Falcon sensor releasees.

They shit all over our controls and went to production.

This says we don't control it and should not trust it. It is being removed.


> It is being removed.

Congratulations on actually fixing the root cause, as opposed to hand wringing and hoping they don't break you again. I'm expecting "oh noes, better keep it on anyway to be safe" to be the popular choice.


yeah, I agree. I think most places will at least keep it until the existing contract comes time for renegotiation and most will probably keep using cs.

It's far easier for IT departments to just keep using it than it is to switch and managers will complain about "the cost of migrating" and "the time to evaluate and test a new solution" or "other products don't have feature X that we need" (even when they don't need that feature, but THINK they do).


why would Microsoft be required to test some 3rd party software? Maybe I mis-understood.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: