Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

You have an ability to sense and know higher truth.


comp / comp.os.linux.misc / Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday

SubjectAuthor
* Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayyeti
|+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
|| `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||  +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  |+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||  ||+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
||  |||+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||  ||||+- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  ||||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
||  |||| `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||  |||`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayHarold Stevens
||  ||`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  |`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayAndy Burns
||  | +- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
||  | `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
||   `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayThe Natural Philosopher
||    `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayAndy Burns
||     `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday26yh.0712
|+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
|| +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayPopping Mad
|| |+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| ||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayPopping Mad
|| || `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| ||  `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayBobbie Sellers
|| ||   `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| |+- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
|| |`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
|| +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayDavid W. Hodgins
|| |+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
|| ||+- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| ||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
|| || `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
|| ||  `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
|| ||   `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
|| ||    +- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| ||    `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
|| ||     `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayrbowman
|| ||      `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayCharlie Gibbs
|| |`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|| `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayPopping Mad
||  |`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||  +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayPopping Mad
||  |`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayD
||  | `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayvallor
||  |  `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayD
||  `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
||   +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
||   |`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
||   | `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
||   `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||    `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
||     `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
||      `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
||       +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayNuno Silva
||       |+- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayThe Natural Philosopher
||       |+- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
||       |`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
||       `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdayvallor
||        `- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
|`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayJohn McCue
| +* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdaycandycanearter07
| |+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayBobbie Sellers
| ||+* Linux at scale (was: Re: Wonderful Windows Zaps Banks/Transport/Media after "Updvallor
| |||`* Re: Linux at scaleBobbie Sellers
| ||| `* Re: Linux at scalevallor
| |||  `* Re: Linux at scaleLawrence D'Oliveiro
| |||   `* MS Access (was: Re: Linux at scale)vallor
| |||    +* Re: MS AccessComputer Nerd Kev
| |||    |`* Re: MS AccessLawrence D'Oliveiro
| |||    | +* Re: MS Accessvallor
| |||    | |`* Re: MS AccessLawrence D'Oliveiro
| |||    | | `* Re: MS Access186282@ud0s4.net
| |||    | |  `* Re: MS AccessLawrence D'Oliveiro
| |||    | |   +* Re: MS AccessCharlie Gibbs
| |||    | |   |`* Re: MS AccessLawrence D'Oliveiro
| |||    | |   | +* Re: MS Accesscandycanearter07
| |||    | |   | |+* Re: MS AccessPaul
| |||    | |   | ||`* Re: MS AccessLawrence D'Oliveiro
| |||    | |   | || `- Re: MS Accesscandycanearter07
| |||    | |   | |+* Re: MS AccessJack Strangio
| |||    | |   | ||`- Re: MS Accesscandycanearter07
| |||    | |   | |`- Re: MS AccessLawrence D'Oliveiro
| |||    | |   | `* Re: MS Access186282@ud0s4.net
| |||    | |   |  `* Re: MS AccessLawrence D'Oliveiro
| |||    | |   |   `* Re: MS Access186282@ud0s4.net
| |||    | |   |    `* Re: MS AccessLawrence D'Oliveiro
| |||    | |   |     +* Re: MS Access186282@ud0s4.net
| |||    | |   |     |`* Re: MS AccessLawrence D'Oliveiro
| |||    | |   |     | +* Re: MS AccessJohn Dallman
| |||    | |   |     | |+* Re: MS AccessThe Natural Philosopher
| |||    | |   |     | ||`* Re: MS AccessLawrence D'Oliveiro
| |||    | |   |     | || `* Re: MS AccessNuno Silva
| |||    | |   |     | ||  `- Re: MS AccessThe Natural Philosopher
| |||    | |   |     | |`* Re: MS AccessLawrence D'Oliveiro
| |||    | |   |     | | `* Re: MS AccessJohn Dallman
| |||    | |   |     | |  `- Re: MS AccessLawrence D'Oliveiro
| |||    | |   |     | `* Re: MS AccessPaul
| |||    | |   |     `* Re: MS AccessPaul
| |||    | |   `* Re: MS Access186282@ud0s4.net
| |||    | `* Re: MS AccessJust Me
| |||    +* Re: MS Access (was: Re: Linux at scale)Philip Herlihy
| |||    +* Re: MS Access (was: Re: Linux at scale)Char Jackson
| |||    +* Re: MS Access (was: Re: Linux at scale)Stan Brown
| |||    +- Re: MS AccessBig Al
| |||    `- Re: MS Access (was: Re: Linux at scale)Lawrence D'Oliveiro
| ||+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayLawrence D'Oliveiro
| ||+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayThe Natural Philosopher
| ||`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayRich
| |`- Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday186282@ud0s4.net
| `* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterdaycandycanearter07
+* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayAnna
`* Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" YesterdayJohn McCue

Pages:123456789
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Charlie Gibbs
Newsgroups: comp.os.linux.misc
Date: Sun, 21 Jul 2024 16:37 UTC
References: 1 2 3 4 5 6
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!border-1.nntp.ord.giganews.com!nntp.giganews.com!news-out.netnews.com!s1-1.netnews.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx17.iad.POSTED!not-for-mail
Newsgroups: comp.os.linux.misc
From: cgibbs@kltpzyxm.invalid (Charlie Gibbs)
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net>
User-Agent: slrn/1.0.3 (Linux)
Lines: 21
Message-ID: <ZOanO.141233$xL%b.7926@fx17.iad>
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sun, 21 Jul 2024 16:37:13 UTC
Date: Sun, 21 Jul 2024 16:37:13 GMT
X-Received-Bytes: 1697
X-Original-Bytes: 1646
View all headers

On 2024-07-20, rbowman <bowman@montana.com> wrote:

> On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:
>
>> Pushing an update for privileged software to tens of thousands of
>> systems all at once is never a good idea. It should have been done in
>> stages starting with a small number of systems, with verification that
>> it was working properly at each stage of the roll out.
>
> Canary testing is definitely beneficial. Even worse, our support people
> are indoctrinated from Day One that unless the system is completely broken
> and can't get any worse never push out updates on Friday when everyone is
> headed to the beach.

What is it you find so bad about not updating on a Friday?

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: vallor
Newsgroups: comp.os.linux.misc
Date: Sun, 21 Jul 2024 18:01 UTC
References: 1 2 3 4 5 6 7
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: vallor@cultnix.org (vallor)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: 21 Jul 2024 18:01:17 GMT
Lines: 41
Message-ID: <lg50ncFdc9eU2@mid.individual.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7i3q7$6ak$3@reader1.panix.com>
<09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net khNZ8i4TqBAHAE5iCSRCOgnEKsv0meQvR4VpQQ2OizNnUXJA5Y
Cancel-Lock: sha1:w7QUIma8i4y+R2IhT+nq6XQZzDo= sha256:JQuTmEO+E/zNuCSD1kM6H6KmkEzZtVGe82vmr24I/XU=
X-Face: +McU)#<-H?9lTb(Th!zR`EpVrp<0)1p5CmPu.kOscy8LRp_\u`:tW;dxPo./(fCl
CaKku`)]}.V/"6rISCIDP`
User-Agent: Pan/0.159 (Vovchansk; 31ef135; Linux-6.9.10)
View all headers

On Sun, 21 Jul 2024 11:23:08 +0200, D <nospam@example.net> wrote in
<09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>:

> On Sun, 21 Jul 2024, Popping Mad wrote:
>
>> On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:
>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>
>>>> But immediately ruling out this scenario for Linux systems sounds
>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>> the impression that there had been a similar incident with Linux
>>>> systems, but I didn't study that further.)
>>>
>>> Sure. But remember, the various pieces of a Linux system are just
>>> inherently put together in a more modular, flexible fashion, and that
>>> includes systemd. That does reduce the chance for trouble quite
>>> significantly.
>>
>>
>> BTW - you are now in my kill fly, so you can troll the back of the hand
>> now...
>>
>>
> Wise choice! I also discovered that Lawrence was just a troll and choose
> the same action. He really has nothing of value to say in my opinion.

There's a far cry from "I disagree" to "nothing of value".

I don't agree with everything Lawrence posts, and I've called
him out on his "snip and snark" style, but not everything he
posts is without merit.

Regarding the crowdstrike matter: It seems that Linux
systems would be much less vulnerable to such SNAFUs -- and
there are Linux distributions that don't use systemd, if
that is a concern.

--
-v System76 Thelio Mega v1.1 x86_64 NVIDIA RTX 3090 Ti
OS: Linux 6.9.10 Release: Mint 21.3 Mem: 258G
"He's dead Jim. Grab his tricorder. I'll get his wallet."

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: rbowman
Newsgroups: comp.os.linux.misc
Date: Sun, 21 Jul 2024 18:36 UTC
References: 1 2 3 4 5 6 7
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: 21 Jul 2024 18:36:57 GMT
Lines: 29
Message-ID: <lg52q9Fesd0U3@mid.individual.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net agglg9lG3gK0TWkMCeCprwr9E2E5lqYzLfxOcNt9mQAFxZXz7B
Cancel-Lock: sha1:aIcotEaRlBfwNAay0TQEN3x7f6s= sha256:LTm5sQ5RHVz/Mg441uFLHFye5T8eHmRP+g1oPqOpSzw=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)
View all headers

On Sun, 21 Jul 2024 16:37:13 GMT, Charlie Gibbs wrote:

> On 2024-07-20, rbowman <bowman@montana.com> wrote:
>
>> On Sat, 20 Jul 2024 16:05:05 -0400, David W. Hodgins wrote:
>>
>>> Pushing an update for privileged software to tens of thousands of
>>> systems all at once is never a good idea. It should have been done in
>>> stages starting with a small number of systems, with verification that
>>> it was working properly at each stage of the roll out.
>>
>> Canary testing is definitely beneficial. Even worse, our support people
>> are indoctrinated from Day One that unless the system is completely
>> broken and can't get any worse never push out updates on Friday when
>> everyone is headed to the beach.
>
> What is it you find so bad about not updating on a Friday?

I don't think you what you wrote is what you intended. Anyway for most
organizations Friday is the end of the week and people are more focused on
planning their weekend. If there is IT support on the weekend it is an
oncall situation and they are not actually at their desks. In the
CrowdStrike scenario that really hurts since a remote reboot doesn't work.

Too put it colloquially, people really don't want to deal with shit on
Friday and that goes for more than software updates. Sure, in this case
where the system is completely FUBAR they have to but the response time is
slower.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Bobbie Sellers
Newsgroups: comp.os.linux.misc
Organization: none at all
Date: Sun, 21 Jul 2024 20:58 UTC
References: 1 2 3 4 5 6 7 8
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: blissInSanFrancisco@mouse-potato.com (Bobbie Sellers)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Sun, 21 Jul 2024 13:58:59 -0700
Organization: none at all
Lines: 19
Message-ID: <v7jsqk$8gvd$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7gv7b$dhs$2@reader1.panix.com>
<v7hmau$3p5q7$3@dont-email.me> <v7i3je$6ak$1@reader1.panix.com>
<v7i7e1$3vh6m$2@dont-email.me>
Reply-To: blissInSanFrancisco@mouse-potato.com
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 21 Jul 2024 22:59:00 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="3dacc6fbfd9bc4b0ddb5b86ba9693d3a";
logging-data="279533"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19fF48Rx/tfP55lFu1WvrLe"
User-Agent: Betterbird (Linux)
Cancel-Lock: sha1:sdxKe/wMOYzfDTME0DeZeMTbhXk=
In-Reply-To: <v7i7e1$3vh6m$2@dont-email.me>
Content-Language: en-US
View all headers

On 7/20/24 22:47, Lawrence D'Oliveiro wrote:
> On Sun, 21 Jul 2024 00:41:53 -0400, Popping Mad wrote:
>
>> On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:
>>
>>> systemd myth number 1: “systemd is monolithic”
>>>
>>> <http://0pointer.de/blog/projects/the-biggest-myths.html>
>>
>> You are a fucking idiot.
>
> systemd-haters are like the anti-fluoridationists of the Open-Source world.

in your opinion but unlike floridation systemd has a large attack
surface. That makes it more like the MS program launcher.and
promotes disruption of services.

--
b l i s s - S F 4 e v e r at D S L E x t r e m e dot com

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: D
Newsgroups: comp.os.linux.misc
Organization: i2pn2 (i2pn.org)
Date: Sun, 21 Jul 2024 21:39 UTC
References: 1 2 3 4 5 6 7 8
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!i2pn.org!i2pn2.org!.POSTED!not-for-mail
From: nospam@example.net (D)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Sun, 21 Jul 2024 23:39:45 +0200
Organization: i2pn2 (i2pn.org)
Message-ID: <5f8746c7-a06c-5b50-c3c0-4c76fb714e29@example.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me> <v7i3q7$6ak$3@reader1.panix.com> <09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>
<lg50ncFdc9eU2@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Injection-Info: i2pn2.org;
logging-data="4094123"; mail-complaints-to="usenet@i2pn2.org";
posting-account="w/4CleFT0XZ6XfSuRJzIySLIA6ECskkHxKUAYDZM66M";
X-Spam-Checker-Version: SpamAssassin 4.0.0
In-Reply-To: <lg50ncFdc9eU2@mid.individual.net>
View all headers

On Sun, 21 Jul 2024, vallor wrote:

> On Sun, 21 Jul 2024 11:23:08 +0200, D <nospam@example.net> wrote in
> <09a33276-1f22-a9af-6c0b-990cef30f9ad@example.net>:
>
>> On Sun, 21 Jul 2024, Popping Mad wrote:
>>
>>> On 7/20/24 8:55 PM, Lawrence D'Oliveiro wrote:
>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>
>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>> the impression that there had been a similar incident with Linux
>>>>> systems, but I didn't study that further.)
>>>>
>>>> Sure. But remember, the various pieces of a Linux system are just
>>>> inherently put together in a more modular, flexible fashion, and that
>>>> includes systemd. That does reduce the chance for trouble quite
>>>> significantly.
>>>
>>>
>>> BTW - you are now in my kill fly, so you can troll the back of the hand
>>> now...
>>>
>>>
>> Wise choice! I also discovered that Lawrence was just a troll and choose
>> the same action. He really has nothing of value to say in my opinion.
>
> There's a far cry from "I disagree" to "nothing of value".
>
> I don't agree with everything Lawrence posts, and I've called
> him out on his "snip and snark" style, but not everything he
> posts is without merit.
>
> Regarding the crowdstrike matter: It seems that Linux
> systems would be much less vulnerable to such SNAFUs -- and
> there are Linux distributions that don't use systemd, if
> that is a concern.
>

I agree completely with you linux point of view. It has benefitted me
greatly in the past. In the distant past I think I even ran a web server
on OpenBSD and had the pleasure of tail -f:inf the web server logs
watching some windows worm trying again and again without anything
happening.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Charlie Gibbs
Newsgroups: comp.os.linux.misc
Date: Sun, 21 Jul 2024 22:04 UTC
References: 1 2 3 4 5 6 7 8
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!panix!weretis.net!feeder9.news.weretis.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr1.iad1.usenetexpress.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx09.iad.POSTED!not-for-mail
Newsgroups: comp.os.linux.misc
From: cgibbs@kltpzyxm.invalid (Charlie Gibbs)
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net> <lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad> <lg52q9Fesd0U3@mid.individual.net>
User-Agent: slrn/1.0.3 (Linux)
Lines: 42
Message-ID: <vBfnO.58247$BYv6.15090@fx09.iad>
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sun, 21 Jul 2024 22:04:11 UTC
Date: Sun, 21 Jul 2024 22:04:11 GMT
X-Received-Bytes: 2923
View all headers

On 2024-07-21, rbowman <bowman@montana.com> wrote:

> On Sun, 21 Jul 2024 16:37:13 GMT, Charlie Gibbs wrote:
>
>> What is it you find so bad about not updating on a Friday?
>
> I don't think you what you wrote is what you intended.

I suspected that there was possibly some terminological confusion.

> Anyway for most
> organizations Friday is the end of the week and people are more focused
> on planning their weekend. If there is IT support on the weekend it is
> an oncall situation and they are not actually at their desks. In the
> CrowdStrike scenario that really hurts since a remote reboot doesn't work.
>
> Too put it colloquially, people really don't want to deal with shit on
> Friday and that goes for more than software updates. Sure, in this case
> where the system is completely FUBAR they have to but the response time is
> slower.

Many of our customers are hotels, for whom the output of our system is
a revenue stream. We're a small outfit, and can't provide 24/7 support.
If an update knocks out our data stream on Friday afternoon, there's
nobody around until Monday to fix things - and many of our hotels'
peak time is on the weekend. It saves a lot of headaches to refrain
from Friday updates; if the excrement does hit the rotating ventilation
device as the result of a bad update, we can get them back up within
24 hours.

Note: not all outages are due to software bugs on our part. Configuration
changes on the customer site can kill things just as effectively, and in
fact are the more likely cause of a failure. Or maybe someone unplugged
something they shouldn't. But if data stops flowing, the finger is
pointed at us first, rightly or wrongly. So not only do we not do
updates on Friday, we recommend the philosophy on genreral principles.

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Lawrence D'Oliv
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Sun, 21 Jul 2024 23:12 UTC
References: 1 2 3 4 5 6
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Sun, 21 Jul 2024 23:12:01 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 33
Message-ID: <v7k4k1$9scj$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 01:12:02 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="b212b481dfd7840f1fe4e09cc20d25c2";
logging-data="323987"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/OiJ5qrjkwvW6GHiO5EkER"
User-Agent: Pan/0.158 (Avdiivka; )
Cancel-Lock: sha1:Jw6pE/wlCn4BCwzk5jnhnVM0MeU=
View all headers

On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:

> On 2024-07-21, Lawrence D'Oliveiro wrote:
>
>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>
>>> But immediately ruling out this scenario for Linux systems sounds
>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>> the impression that there had been a similar incident with Linux
>>> systems, but I didn't study that further.)
>>
>> Sure. But remember, the various pieces of a Linux system are just
>> inherently put together in a more modular, flexible fashion, and that
>> includes systemd. That does reduce the chance for trouble quite
>> significantly.
>
> Well, there is one notable piece of software in Linux systems that's
> quite monolithic, unless something has changed and I didn't get the
> memo: the kernel itself.

It’s always been modular. Look up “Linux kernel modules”:

ldo@theon:~> find /lib/modules/$(uname -r) -name \*.ko\* | wc -l
4142

See that number? That’s how many loadable modules I have on my system--and
that’s just for the currently-running kernel.

> If you write a bad quality module that crashes the kernel, what
> mechanisms are there to recover from that?

First you said it was “monolithic”, now you realize that “modules” are
involved.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Lawrence D'Oliv
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Sun, 21 Jul 2024 23:14 UTC
References: 1 2 3 4 5 6 7 8 9
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Sun, 21 Jul 2024 23:14:10 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 10
Message-ID: <v7k4o2$9scj$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7gv7b$dhs$2@reader1.panix.com>
<v7hmau$3p5q7$3@dont-email.me> <v7i3je$6ak$1@reader1.panix.com>
<v7i7e1$3vh6m$2@dont-email.me> <v7jsqk$8gvd$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 01:14:11 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="b212b481dfd7840f1fe4e09cc20d25c2";
logging-data="323987"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19zTGmk2Ce7w/YCmInIyPvH"
User-Agent: Pan/0.158 (Avdiivka; )
Cancel-Lock: sha1:cTMp8J1qR1I2cLoWtBVbo3efGRU=
View all headers

On Sun, 21 Jul 2024 13:58:59 -0700, Bobbie Sellers wrote:

> systemd has a large attack surface.

Mmm ... myth 11, “systemd is complex”, and/or myth 12, “systemd is
bloated”, maybe even myth 18, “systemd is a feature creep”? And of course
myth 24, “systemd is unstable and buggy”, plus myth 25, “systemd is not
debuggable”?

<http://0pointer.de/blog/projects/the-biggest-myths.html>

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Rich
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Sun, 21 Jul 2024 23:27 UTC
References: 1 2 3 4 5 6 7
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rich@example.invalid (Rich)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Sun, 21 Jul 2024 23:27:36 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 31
Message-ID: <v7k5h7$a10s$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me> <v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 01:27:36 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="29eb5f955e13a8d704edc989f2b069f2";
logging-data="328732"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18D2uEDodpiubWmQaZSaNO4"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:6vwGqKCUtuwH6ScFb+LkQ7f0hVU=
View all headers

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>
>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>
>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>
>>>> But immediately ruling out this scenario for Linux systems sounds
>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>> the impression that there had been a similar incident with Linux
>>>> systems, but I didn't study that further.)
>>>
>>> Sure. But remember, the various pieces of a Linux system are just
>>> inherently put together in a more modular, flexible fashion, and that
>>> includes systemd. That does reduce the chance for trouble quite
>>> significantly.
>>
>> Well, there is one notable piece of software in Linux systems that's
>> quite monolithic, unless something has changed and I didn't get the
>> memo: the kernel itself.
>
> It’s always been modular. Look up “Linux kernel modules”:

Ah, no. Although one does have to time travel back to circa 1994 to
find a Linux kernel that did not have the modules subsystem. But it
has not "always" been modular.

Back in those days we had to recompile the kernel to turn on drivers
that one's distro did not compile in by default. And compiling the
kernel on a 386 was a multi hour proposition.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: rbowman
Newsgroups: comp.os.linux.misc
Date: Mon, 22 Jul 2024 05:31 UTC
References: 1 2 3 4 5 6 7 8 9
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: 22 Jul 2024 05:31:36 GMT
Lines: 22
Message-ID: <lg695nFkdpgU3@mid.individual.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
<lg52q9Fesd0U3@mid.individual.net> <vBfnO.58247$BYv6.15090@fx09.iad>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net fkVcdR409vV+f6mEDaShswwbEBJOeXAn2HplAs4yfWVwO/7i8g
Cancel-Lock: sha1:VZV/XGKh7EaOaq06OQ7LNaSM3eg= sha256:O0OgbD5U2kDiPH3X2a7cSQJ3an3yt3fEaVyjBK1SYyo=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)
View all headers

On Sun, 21 Jul 2024 22:04:11 GMT, Charlie Gibbs wrote:

> Note: not all outages are due to software bugs on our part.
> Configuration changes on the customer site can kill things just as
> effectively, and in fact are the more likely cause of a failure. Or
> maybe someone unplugged something they shouldn't. But if data stops
> flowing, the finger is pointed at us first, rightly or wrongly. So not
> only do we not do updates on Friday, we recommend the philosophy on
> genreral principles.

Yup. Our clients are PSAPs (dispatch software in 911 call centers). They
get really unhappy when the software goes down during a mass casualty
incident.

The typical procedure is to deploy software to a backup/training server
and test it using the site's configuration files before pushing it to the
main servers and workstations.

We're definitely #1 on the 'who do you call?' list. My favorite goes back
to the days of modems. Paging suddenly stopped working and it took a while
to figure out a dispatcher got sick of listening to the modem and turned
it off.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Lawrence D'Oliv
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 06:05 UTC
References: 1 2 3 4 5 6 7 8 9 10
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Mon, 22 Jul 2024 06:05:03 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 7
Message-ID: <v7ksqf$hbdq$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
<lg52q9Fesd0U3@mid.individual.net> <vBfnO.58247$BYv6.15090@fx09.iad>
<lg695nFkdpgU3@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 08:05:04 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="89af1fc151722dd219ab9464b4cc6030";
logging-data="568762"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/+O4SqXTmRXr4kbIRN9Yr+"
User-Agent: Pan/0.158 (Avdiivka; )
Cancel-Lock: sha1:eV++xsZNQNYDmGtsTPUKp3MV+Lk=
View all headers

On 22 Jul 2024 05:31:36 GMT, rbowman wrote:

> Paging suddenly stopped working and it took
> a while to figure out a dispatcher got sick of listening to the modem
> and turned it off.

“ATM0”, I believe is the command.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Nuno Silva
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 07:36 UTC
References: 1 2 3 4 5 6 7 8
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: nunojsilva@invalid.invalid (Nuno Silva)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 08:36:12 +0100
Organization: A noiseless patient Spider
Lines: 41
Message-ID: <v7l25c$i6ai$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 09:36:13 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="7bbbae834fde26766b6dfebf831584f7";
logging-data="596306"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/5zrYROFqu79ezcGX3ZBkb"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Cancel-Lock: sha1:R/K3FLtzK3jA9fKLRXCD+U9V2+o=
View all headers

On 2024-07-22, Rich wrote:

> Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>>
>>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>>
>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>
>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>> the impression that there had been a similar incident with Linux
>>>>> systems, but I didn't study that further.)
>>>>
>>>> Sure. But remember, the various pieces of a Linux system are just
>>>> inherently put together in a more modular, flexible fashion, and that
>>>> includes systemd. That does reduce the chance for trouble quite
>>>> significantly.
>>>
>>> Well, there is one notable piece of software in Linux systems that's
>>> quite monolithic, unless something has changed and I didn't get the
>>> memo: the kernel itself.
>>
>> It’s always been modular. Look up “Linux kernel modules”:
>
> Ah, no. Although one does have to time travel back to circa 1994 to
> find a Linux kernel that did not have the modules subsystem. But it
> has not "always" been modular.
>
> Back in those days we had to recompile the kernel to turn on drivers
> that one's distro did not compile in by default. And compiling the
> kernel on a 386 was a multi hour proposition.

The modular part, AFAIK, only applies to having the separate files and
loading and unloading. Isn't it still a monolithic process in-memory?

Or, for what matters for the topic of this thread: if code in a module
crashes, how can the rest of the kernel continue running?

--
Nuno Silva

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Nuno Silva
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 07:40 UTC
References: 1 2 3 4 5 6 7
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: nunojsilva@invalid.invalid (Nuno Silva)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 08:40:03 +0100
Organization: A noiseless patient Spider
Lines: 22
Message-ID: <v7l2cj$i6ai$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7j5en$43lr$2@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain
Injection-Date: Mon, 22 Jul 2024 09:40:04 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="7bbbae834fde26766b6dfebf831584f7";
logging-data="596306"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/OgUw73AemFZKVPvqALYhr"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Cancel-Lock: sha1:axq8vkKEMBsXkBKFbc87T6YAtCQ=
View all headers

On 2024-07-21, Rich wrote:

> Nuno Silva <nunojsilva@invalid.invalid> wrote:
>> Well, there is one notable piece of software in Linux systems that's
>> quite monolithic, unless something has changed and I didn't get the
>> memo: the kernel itself.
>>
>> If you write a bad quality module that crashes the kernel, what
>> mechanisms are there to recover from that?
>
> Boot into single user mode (hopefully the module is not autoloaded by
> the kernel itself) and remove/rename the module file.

I was thinking more along the lines of recovering without a reboot.

But for what you say, it's indeed an approach (unless there is something
in place that prevents such access to remove the file - which, I think,
has been happening with some Windows machines with CrowdStrike, and
could always be implemented on Linux systems too).

--
Nuno Silva

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Rich
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 16:44 UTC
References: 1 2 3 4 5 6 7 8
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rich@example.invalid (Rich)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 16:44:29 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 35
Message-ID: <v7m29d$nqfd$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me> <v7ih9m$pll$2@dont-email.me> <v7j5en$43lr$2@dont-email.me> <v7l2cj$i6ai$2@dont-email.me>
Injection-Date: Mon, 22 Jul 2024 18:44:30 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="29eb5f955e13a8d704edc989f2b069f2";
logging-data="780781"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+vuWeldCg+uGYjQspyXD+8"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:pNxQVTSXfBBPqEHNiIT14DcBn+M=
View all headers

Nuno Silva <nunojsilva@invalid.invalid> wrote:
> On 2024-07-21, Rich wrote:
>
>> Nuno Silva <nunojsilva@invalid.invalid> wrote:
>>> Well, there is one notable piece of software in Linux systems that's
>>> quite monolithic, unless something has changed and I didn't get the
>>> memo: the kernel itself.
>>>
>>> If you write a bad quality module that crashes the kernel, what
>>> mechanisms are there to recover from that?
>>
>> Boot into single user mode (hopefully the module is not autoloaded by
>> the kernel itself) and remove/rename the module file.
>
> I was thinking more along the lines of recovering without a reboot.

A kernel panic is not recoverable without a reboot -- that is the whole point.
Something went wrong that the code can't recover from, so the system
stops. And most processor detected faults, when they happen in kernel
code, trigger a kernel panic (to prevent one fault from compounding
into more, and creating more damage in the process).

> But for what you say, it's indeed an approach (unless there is
> something in place that prevents such access to remove the file -
> which, I think, has been happening with some Windows machines with
> CrowdStrike, and could always be implemented on Linux systems too).

If one had their root partition encrypted, and did not have a source,
other than the non-booting computer, for the encryption key, then a
Linux system owner could be in the same boat as many Window's users
find themselves. Without the encryption key to access the disk, they
can't "get in" to delete the file (and for 'corporate/govt' windows
machines, most all end users do not have the encryption key if the
filesystem is encrypted by MS Bitlocker).

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Rich
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 16:49 UTC
References: 1 2 3 4 5 6 7 8 9
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rich@example.invalid (Rich)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 16:49:59 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 51
Message-ID: <v7m2jn$nqfd$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me> <v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me> <v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 18:49:59 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="29eb5f955e13a8d704edc989f2b069f2";
logging-data="780781"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18X++JylQFw2UOHwNgdYC21"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:xgmDZ9P3rCX9HPifaBYg7UHoS5s=
View all headers

Nuno Silva <nunojsilva@invalid.invalid> wrote:
> On 2024-07-22, Rich wrote:
>
>> Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>>> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>>>
>>>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>>>
>>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>>
>>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>>> the impression that there had been a similar incident with Linux
>>>>>> systems, but I didn't study that further.)
>>>>>
>>>>> Sure. But remember, the various pieces of a Linux system are just
>>>>> inherently put together in a more modular, flexible fashion, and that
>>>>> includes systemd. That does reduce the chance for trouble quite
>>>>> significantly.
>>>>
>>>> Well, there is one notable piece of software in Linux systems that's
>>>> quite monolithic, unless something has changed and I didn't get the
>>>> memo: the kernel itself.
>>>
>>> It’s always been modular. Look up “Linux kernel modules”:
>>
>> Ah, no. Although one does have to time travel back to circa 1994 to
>> find a Linux kernel that did not have the modules subsystem. But it
>> has not "always" been modular.
>>
>> Back in those days we had to recompile the kernel to turn on drivers
>> that one's distro did not compile in by default. And compiling the
>> kernel on a 386 was a multi hour proposition.
>
> The modular part, AFAIK, only applies to having the separate files and
> loading and unloading. Isn't it still a monolithic process in-memory?

For that, one starts delving into semantics, which I'm trying to avoid.
For those "literal thinking art students" like Lawrence, the mere fact
that the word "module" is used to name the loadable code files means
the kernel must be "not-monolithic".

> Or, for what matters for the topic of this thread: if code in a module
> crashes, how can the rest of the kernel continue running?

It can't, just about any (unexpected) CPU protection fault while
running ring 0 (kernel) mode code (whether in the main kernel or code
from a loaded module) results in a kernel panic and halt of the system.
But that fact does not lend any evidence for, or against, whether the
kernel itself is "modular".

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Nuno Silva
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 17:19 UTC
References: 1 2 3 4 5 6 7 8 9 10
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: nunojsilva@invalid.invalid (Nuno Silva)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 18:19:31 +0100
Organization: A noiseless patient Spider
Lines: 67
Message-ID: <v7m4b4$o6uv$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
<v7m2jn$nqfd$2@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 19:19:32 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="7bbbae834fde26766b6dfebf831584f7";
logging-data="793567"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1++Nec1mHzUHhtNE+MLAHjT"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Cancel-Lock: sha1:jrR6/gFRDqFKcHi7is86ttZnQ4M=
View all headers

On 2024-07-22, Rich wrote:

> Nuno Silva <nunojsilva@invalid.invalid> wrote:
>> On 2024-07-22, Rich wrote:
>>
>>> Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>>>> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>>>>
>>>>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>>>>
>>>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>>>
>>>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>>>> the impression that there had been a similar incident with Linux
>>>>>>> systems, but I didn't study that further.)
>>>>>>
>>>>>> Sure. But remember, the various pieces of a Linux system are just
>>>>>> inherently put together in a more modular, flexible fashion, and that
>>>>>> includes systemd. That does reduce the chance for trouble quite
>>>>>> significantly.
>>>>>
>>>>> Well, there is one notable piece of software in Linux systems that's
>>>>> quite monolithic, unless something has changed and I didn't get the
>>>>> memo: the kernel itself.
>>>>
>>>> It’s always been modular. Look up “Linux kernel modules”:
>>>
>>> Ah, no. Although one does have to time travel back to circa 1994 to
>>> find a Linux kernel that did not have the modules subsystem. But it
>>> has not "always" been modular.
>>>
>>> Back in those days we had to recompile the kernel to turn on drivers
>>> that one's distro did not compile in by default. And compiling the
>>> kernel on a 386 was a multi hour proposition.
>>
>> The modular part, AFAIK, only applies to having the separate files and
>> loading and unloading. Isn't it still a monolithic process in-memory?
>
> For that, one starts delving into semantics, which I'm trying to avoid.
> For those "literal thinking art students" like Lawrence, the mere fact
> that the word "module" is used to name the loadable code files means
> the kernel must be "not-monolithic".

(I don't know what to say, the kernel is monolithic, it's a single
process, and wasn't this also a topic of a discussion between Torvalds
and Tanenbaum that's part of the USENET lore?)

>> Or, for what matters for the topic of this thread: if code in a module
>> crashes, how can the rest of the kernel continue running?
>
> It can't, just about any (unexpected) CPU protection fault while
> running ring 0 (kernel) mode code (whether in the main kernel or code
> from a loaded module) results in a kernel panic and halt of the system.
> But that fact does not lend any evidence for, or against, whether the
> kernel itself is "modular".

It does provide evidence against the claim that something like the
CrowdStrike incident would not be likely on Linux: what you describe
means that, if CrowdStrike were operating with a similar driver on Linux
as they do on Windows (a comment I linked elsewhere in the thread
suggests they might (hopefully?) be doing something else now), it'd just
fail in the same way as it did on Windows: with a hung system that needs
a reboot/restart/....

--
Nuno Silva

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: The Natural Philosop
Newsgroups: comp.os.linux.misc
Organization: A little, after lunch
Date: Mon, 22 Jul 2024 17:26 UTC
References: 1 2 3 4 5 6 7 8 9 10 11
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: tnp@invalid.invalid (The Natural Philosopher)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Mon, 22 Jul 2024 18:26:55 +0100
Organization: A little, after lunch
Lines: 27
Message-ID: <v7m4ov$o8re$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
<v7m2jn$nqfd$2@dont-email.me> <v7m4b4$o6uv$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Mon, 22 Jul 2024 19:26:55 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="0f04b0232e9bbc944f334a29b23aeb4a";
logging-data="795502"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18TYoXRPrQfLKFib0jxXKKT3BKu2K1+zc4="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:mSOcbmPdWGXyPHi9YNOOqoQoabA=
In-Reply-To: <v7m4b4$o6uv$1@dont-email.me>
Content-Language: en-GB
View all headers

On 22/07/2024 18:19, Nuno Silva wrote:
> if CrowdStrike were operating with a similar driver on Linux
> as they do on Windows (a comment I linked elsewhere in the thread
> suggests they might (hopefully?) be doing something else now), it'd just
> fail in the same way as it did on Windows: with a hung system that needs
> a reboot/restart/....

I've had linux updates brick my Pi.

And, back in the day stop wifi working on a laptop.

The point as issue is not where Linux is immune - clearly it isn't - but
that crowdstrike appears to have the quality control standards of a
portaloo, which is why their share price is tanking.

If your business model is predicated on keeping customers kit running,
and you crash the fucking lot, you don't deserve to be in business.

Dont bring carefully crafted bullshit to a reality contest.

--
The lifetime of any political organisation is about three years before
its been subverted by the people it tried to warn you about.

Anon.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Rich
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Mon, 22 Jul 2024 17:46 UTC
References: 1 2 3 4 5 6 7 8 9 10 11
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rich@example.invalid (Rich)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
Date: Mon, 22 Jul 2024 17:46:27 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 87
Message-ID: <v7m5tj$oi4p$1@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com> <87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me> <v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me> <v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me> <v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me> <v7m2jn$nqfd$2@dont-email.me> <v7m4b4$o6uv$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Jul 2024 19:46:27 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="29eb5f955e13a8d704edc989f2b069f2";
logging-data="805017"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18u2M6YICXzfdUYsOvav4Bp"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:YNU1wMPK4lJK7WiskH94r0bqsM4=
View all headers

Nuno Silva <nunojsilva@invalid.invalid> wrote:
> On 2024-07-22, Rich wrote:
>
>> Nuno Silva <nunojsilva@invalid.invalid> wrote:
>>> On 2024-07-22, Rich wrote:
>>>
>>>> Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>>>>> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>>>>>
>>>>>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>>>>>
>>>>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>>>>
>>>>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>>>>> the impression that there had been a similar incident with Linux
>>>>>>>> systems, but I didn't study that further.)
>>>>>>>
>>>>>>> Sure. But remember, the various pieces of a Linux system are just
>>>>>>> inherently put together in a more modular, flexible fashion, and that
>>>>>>> includes systemd. That does reduce the chance for trouble quite
>>>>>>> significantly.
>>>>>>
>>>>>> Well, there is one notable piece of software in Linux systems that's
>>>>>> quite monolithic, unless something has changed and I didn't get the
>>>>>> memo: the kernel itself.
>>>>>
>>>>> It’s always been modular. Look up “Linux kernel modules”:
>>>>
>>>> Ah, no. Although one does have to time travel back to circa 1994 to
>>>> find a Linux kernel that did not have the modules subsystem. But it
>>>> has not "always" been modular.
>>>>
>>>> Back in those days we had to recompile the kernel to turn on drivers
>>>> that one's distro did not compile in by default. And compiling the
>>>> kernel on a 386 was a multi hour proposition.
>>>
>>> The modular part, AFAIK, only applies to having the separate files and
>>> loading and unloading. Isn't it still a monolithic process in-memory?
>>
>> For that, one starts delving into semantics, which I'm trying to avoid.
>> For those "literal thinking art students" like Lawrence, the mere fact
>> that the word "module" is used to name the loadable code files means
>> the kernel must be "not-monolithic".
>
> (I don't know what to say, the kernel is monolithic, it's a single
> process,

Yes, agreed.

> and wasn't this also a topic of a discussion between Torvalds
> and Tanenbaum that's part of the USENET lore?)

Also why I'm trying to avoid falling down into that pit. We aren't
likely to add anything that Torvalds and Tanenbaum had not already
hashed out.

>>> Or, for what matters for the topic of this thread: if code in a
>>> module crashes, how can the rest of the kernel continue running?
>>
>> It can't, just about any (unexpected) CPU protection fault while
>> running ring 0 (kernel) mode code (whether in the main kernel or
>> code from a loaded module) results in a kernel panic and halt of the
>> system. But that fact does not lend any evidence for, or against,
>> whether the kernel itself is "modular".
>
> It does provide evidence against the claim that something like the
> CrowdStrike incident would not be likely on Linux: what you describe
> means that, if CrowdStrike were operating with a similar driver on
> Linux as they do on Windows (a comment I linked elsewhere in the
> thread suggests they might (hopefully?) be doing something else now),
> it'd just fail in the same way as it did on Windows: with a hung
> system that needs a reboot/restart/....

No need for 'providing evidence'. CrowdStrike *did* break Linux a few
months ago in the same way they just broke Windows just this past
Friday:

CrowdStrike broke Debian and Rocky Linux months ago, but no one
noticed

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

But breaking the few foolish ones who installed CrowdStrike on their
Linux machines didn't get the same press coverage as halting air
traffic for much of the world for a day.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Charlie Gibbs
Newsgroups: comp.os.linux.misc
Date: Mon, 22 Jul 2024 18:43 UTC
References: 1 2 3 4 5 6 7 8 9 10
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx09.iad.POSTED!not-for-mail
Newsgroups: comp.os.linux.misc
From: cgibbs@kltpzyxm.invalid (Charlie Gibbs)
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
<lg52q9Fesd0U3@mid.individual.net> <vBfnO.58247$BYv6.15090@fx09.iad>
<lg695nFkdpgU3@mid.individual.net>
User-Agent: slrn/1.0.3 (Linux)
Lines: 56
Message-ID: <VKxnO.60236$BYv6.20309@fx09.iad>
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Mon, 22 Jul 2024 18:43:01 UTC
Date: Mon, 22 Jul 2024 18:43:01 GMT
X-Received-Bytes: 3882
View all headers

On 2024-07-22, rbowman <bowman@montana.com> wrote:

> On Sun, 21 Jul 2024 22:04:11 GMT, Charlie Gibbs wrote:
>
>> Note: not all outages are due to software bugs on our part.
>> Configuration changes on the customer site can kill things just as
>> effectively, and in fact are the more likely cause of a failure. Or
>> maybe someone unplugged something they shouldn't. But if data stops
>> flowing, the finger is pointed at us first, rightly or wrongly. So not
>> only do we not do updates on Friday, we recommend the philosophy on
>> genreral principles.
>
> Yup. Our clients are PSAPs (dispatch software in 911 call centers). They
> get really unhappy when the software goes down during a mass casualty
> incident.

For sure. We have call tracking software in some 911 call centres;
it doesn't do the actual dispatching, but records call metadata generated
by the dispatch software (both for PSAPs and downstream agencies).
The consequences of our software going down are less severe than the
dispatch software going down - still, though, the police would get a
bit miffed if call data was missing when they're trying to get a record
of all calls related to, say, reports of gunshots in an area.

> The typical procedure is to deploy software to a backup/training server
> and test it using the site's configuration files before pushing it to the
> main servers and workstations.

At any given time we have a customer or two with whom we're working
closely (usually with remote access these days, thank goodness).
It makes it easy to slip in a new program and watch it for a while.
Then we try it at a few more friendly sites, and wait until several
customers are banging away at it without problems before proceeding
with a general release.

> We're definitely #1 on the 'who do you call?' list. My favorite goes back
> to the days of modems. Paging suddenly stopped working and it took a while
> to figure out a dispatcher got sick of listening to the modem and turned
> it off.

At our local 911 call centre, we had a test routine built into our code.
If we received no 911 call data for a certain length of time, we would
dial out on special numbers that went directly to the various dispatchers.
So that they'd know it was just a test, upon connection we'd send an ATDT
command to the modem, and the dispatcher would hear "Mary had a little
lamb" in DTMF tones. The dispatching software would generate a record
for the call, and everybody knew all was well. If we didn't receive
a call record at this point, we'd trigger an alarm. One night an entire
telephone central office went down; the first warning anyone had was when
our tester alerted the call centre, who called the phone company.

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: rbowman
Newsgroups: comp.os.linux.misc
Date: Mon, 22 Jul 2024 19:49 UTC
References: 1 2 3 4 5 6 7 8 9 10 11
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: 22 Jul 2024 19:49:33 GMT
Lines: 31
Message-ID: <lg7recFrst6U1@mid.individual.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
<lg52q9Fesd0U3@mid.individual.net> <vBfnO.58247$BYv6.15090@fx09.iad>
<lg695nFkdpgU3@mid.individual.net> <VKxnO.60236$BYv6.20309@fx09.iad>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net ZwMVz6vgStROeDqNpg6uigpfGCWJyIIzKSNXkk9p4bRtwvzPeH
Cancel-Lock: sha1:4j3uCJlJOUAe5WbqWskryuz9LdY= sha256:/6WP/4ICaLBDgBKwZ9JlDBBL8CspUx05GRr87UoGVtg=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)
View all headers

On Mon, 22 Jul 2024 18:43:01 GMT, Charlie Gibbs wrote:

> For sure. We have call tracking software in some 911 call centres;
> it doesn't do the actual dispatching, but records call metadata
> generated by the dispatch software (both for PSAPs and downstream
> agencies).
> The consequences of our software going down are less severe than the
> dispatch software going down - still, though, the police would get a bit
> miffed if call data was missing when they're trying to get a record of
> all calls related to, say, reports of gunshots in an area.

Previous history certainly is important and we search either by location
or phone number. There is a configurable limit on returns. Mom's Nursing
Home and Joe's Bucket of Blood tend to generate a lit of previous history.
There are also database searches for persons or vehicles involved in
previous incidents. I wouldn't want to be a dispatcher. You never know if
the next time the phone rings if it will be somebody complaining about the
neighbor's cat, a medical emergency, or a home invasion in progress.

It's also easy for the clients to create alerts that will pop up for a
location. They may be informational for businesses with contact
information and Knox Box locations or comments on a resident who doesn't
interact well with police.

The historical data has to be retained too. Sometimes it takes years for a
case to come to court where evidence has to be presented. The volume of
data has taken off with the increased use of bodycams and dashcams.
Luckily we just pass incident information to a third party. They're
responsible for activating cameras for the responding units, capturing the
video data, and archiving it. That's got to amount to petabytes sooner or
later.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Charlie Gibbs
Newsgroups: comp.os.linux.misc
Date: Mon, 22 Jul 2024 20:43 UTC
References: 1 2 3 4 5 6 7 8 9 10 11 12
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx18.iad.POSTED!not-for-mail
Newsgroups: comp.os.linux.misc
From: cgibbs@kltpzyxm.invalid (Charlie Gibbs)
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <op.2q74qrb7a3w0dxdave@hodgins.homeip.net>
<lg2v6sF553jU4@mid.individual.net> <ZOanO.141233$xL%b.7926@fx17.iad>
<lg52q9Fesd0U3@mid.individual.net> <vBfnO.58247$BYv6.15090@fx09.iad>
<lg695nFkdpgU3@mid.individual.net> <VKxnO.60236$BYv6.20309@fx09.iad>
<lg7recFrst6U1@mid.individual.net>
User-Agent: slrn/1.0.3 (Linux)
Lines: 51
Message-ID: <KvznO.92187$q2da.2099@fx18.iad>
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Mon, 22 Jul 2024 20:43:22 UTC
Date: Mon, 22 Jul 2024 20:43:22 GMT
X-Received-Bytes: 3756
View all headers

On 2024-07-22, rbowman <bowman@montana.com> wrote:

> On Mon, 22 Jul 2024 18:43:01 GMT, Charlie Gibbs wrote:
>
>> For sure. We have call tracking software in some 911 call centres;
>> it doesn't do the actual dispatching, but records call metadata
>> generated by the dispatch software (both for PSAPs and downstream
>> agencies).
>> The consequences of our software going down are less severe than the
>> dispatch software going down - still, though, the police would get a bit
>> miffed if call data was missing when they're trying to get a record of
>> all calls related to, say, reports of gunshots in an area.
>
> Previous history certainly is important and we search either by location
> or phone number. There is a configurable limit on returns. Mom's Nursing
> Home and Joe's Bucket of Blood tend to generate a lit of previous history.
> There are also database searches for persons or vehicles involved in
> previous incidents. I wouldn't want to be a dispatcher. You never know if
> the next time the phone rings if it will be somebody complaining about the
> neighbor's cat, a medical emergency, or a home invasion in progress.

Yes, I've been in the call centre and overheard the dispatchers at work.
They're pretty amazing, keeping cool in the face of what's going on out
there - even more than air traffic control (and I've heard a few ATC
exchanges that must have created grey hair).

> It's also easy for the clients to create alerts that will pop up for a
> location. They may be informational for businesses with contact
> information and Knox Box locations or comments on a resident who doesn't
> interact well with police.
>
> The historical data has to be retained too. Sometimes it takes years for a
> case to come to court where evidence has to be presented. The volume of
> data has taken off with the increased use of bodycams and dashcams.
> Luckily we just pass incident information to a third party. They're
> responsible for activating cameras for the responding units, capturing the
> video data, and archiving it. That's got to amount to petabytes sooner or
> later.

The call metadata isn't too much by today's standards - a couple of hundred
megabytes a month. When we first got our stuff working, the cost of disk
storage was falling to the point where it was worth keeping it all for more
than just a few months. They were storing the actual call transcripts on
audio cassettes in those days - it's probably all digitized now. But video
is a whole other dimension...

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Lawrence D'Oliv
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Tue, 23 Jul 2024 00:38 UTC
References: 1 2 3 4 5 6 7 8 9 10 11
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Tue, 23 Jul 2024 00:38:14 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 7
Message-ID: <v7mu1m$se4i$12@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
<v7m2jn$nqfd$2@dont-email.me> <v7m4b4$o6uv$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 23 Jul 2024 02:38:14 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="e8b75ad8e7aaf8b1a754381faa416e2b";
logging-data="931986"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+TLl9zfcFbzvyPhzmqd/jC"
User-Agent: Pan/0.158 (Avdiivka; )
Cancel-Lock: sha1:8lU8evg2jPuB+wmEbMXXo20KFgM=
View all headers

On Mon, 22 Jul 2024 18:19:31 +0100, Nuno Silva wrote:

> ... if CrowdStrike were operating with a similar driver on Linux
> as they do on Windows ...

They don’t. On Linux, they can use EBPF. Matthew Garrett mentioned this in
his posting.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: vallor
Newsgroups: comp.os.linux.misc
Date: Tue, 23 Jul 2024 02:00 UTC
References: 1 2 3 4 5 6 7 8 9 10
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: vallor@cultnix.org (vallor)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: 23 Jul 2024 02:00:34 GMT
Lines: 68
Message-ID: <lg8h62Fu0d6U9@mid.individual.net>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
<v7m2jn$nqfd$2@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net muGR0bGKGknjZ7aCG8tEvAagqsz8GSvxbSNi8Uz2VfHmFRW00O
Cancel-Lock: sha1:3biS0KrMGg67+47IsefUKNdhhkg= sha256:8VXctG+v95f5vbYlsH53grOZJxXGfPhDQdHAUh8nfj8=
X-Face: +McU)#<-H?9lTb(Th!zR`EpVrp<0)1p5CmPu.kOscy8LRp_\u`:tW;dxPo./(fCl
CaKku`)]}.V/"6rISCIDP`
User-Agent: Pan/0.159 (Vovchansk; c649823; Linux-6.9.10)
View all headers

On Mon, 22 Jul 2024 16:49:59 -0000 (UTC), Rich <rich@example.invalid>
wrote in <v7m2jn$nqfd$2@dont-email.me>:

> Nuno Silva <nunojsilva@invalid.invalid> wrote:
>> On 2024-07-22, Rich wrote:
>>
>>> Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>>>> On Sun, 21 Jul 2024 09:36:06 +0100, Nuno Silva wrote:
>>>>
>>>>> On 2024-07-21, Lawrence D'Oliveiro wrote:
>>>>>
>>>>>> On Sat, 20 Jul 2024 11:08:50 +0100, Nuno Silva wrote:
>>>>>>
>>>>>>> But immediately ruling out this scenario for Linux systems sounds
>>>>>>> quite unrealistic to me. (And, from what I've read yesterday, I got
>>>>>>> the impression that there had been a similar incident with Linux
>>>>>>> systems, but I didn't study that further.)
>>>>>>
>>>>>> Sure. But remember, the various pieces of a Linux system are just
>>>>>> inherently put together in a more modular, flexible fashion, and that
>>>>>> includes systemd. That does reduce the chance for trouble quite
>>>>>> significantly.
>>>>>
>>>>> Well, there is one notable piece of software in Linux systems that's
>>>>> quite monolithic, unless something has changed and I didn't get the
>>>>> memo: the kernel itself.
>>>>
>>>> It’s always been modular. Look up “Linux kernel modules”:
>>>
>>> Ah, no. Although one does have to time travel back to circa 1994 to
>>> find a Linux kernel that did not have the modules subsystem. But it
>>> has not "always" been modular.
>>>
>>> Back in those days we had to recompile the kernel to turn on drivers
>>> that one's distro did not compile in by default. And compiling the
>>> kernel on a 386 was a multi hour proposition.
>>
>> The modular part, AFAIK, only applies to having the separate files and
>> loading and unloading. Isn't it still a monolithic process in-memory?
>
> For that, one starts delving into semantics, which I'm trying to avoid.
> For those "literal thinking art students" like Lawrence, the mere fact
> that the word "module" is used to name the loadable code files means
> the kernel must be "not-monolithic".
>
>> Or, for what matters for the topic of this thread: if code in a module
>> crashes, how can the rest of the kernel continue running?
>
> It can't, just about any (unexpected) CPU protection fault while
> running ring 0 (kernel) mode code (whether in the main kernel or code
> from a loaded module) results in a kernel panic and halt of the system.
> But that fact does not lend any evidence for, or against, whether the
> kernel itself is "modular".

I recently was starting up a game, which triggered rebuild of
DXVK shaders for the game. The nvidia module freaked out, wreaking
havoc on the kernel, and freezing the display.

I was able to ssh in, dump dmesg output to a file, and reboot. For
those interested in what that can look like, the dmesg.txt.gz
can be found in this post on the developer forum:

https://forums.developer.nvidia.com/t/550-78-release-feedback-discussion-thread/291665/12?u=scott-nv

--
-v System76 Thelio Mega v1.1 x86_64 NVIDIA RTX 3090 Ti
OS: Linux 6.9.10 Release: Mint 21.3 Mem: 258G
"One way to better your lot is to do a lot better..."

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: Lawrence D'Oliv
Newsgroups: comp.os.linux.misc
Organization: A noiseless patient Spider
Date: Tue, 23 Jul 2024 02:43 UTC
References: 1 2 3 4 5 6 7 8 9 10 11
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Tue, 23 Jul 2024 02:43:19 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <v7n5c6$11h0t$2@dont-email.me>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7f20n$37e0a$3@dont-email.me>
<v7g2bi$3fp58$1@dont-email.me> <v7hm97$3p5q7$2@dont-email.me>
<v7ih9m$pll$2@dont-email.me> <v7k4k1$9scj$1@dont-email.me>
<v7k5h7$a10s$1@dont-email.me> <v7l25c$i6ai$1@dont-email.me>
<v7m2jn$nqfd$2@dont-email.me> <lg8h62Fu0d6U9@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 23 Jul 2024 04:43:19 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="e8b75ad8e7aaf8b1a754381faa416e2b";
logging-data="1098781"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+ShxgENleQnaf1+0yh/5Q1"
User-Agent: Pan/0.158 (Avdiivka; )
Cancel-Lock: sha1:WxAH2C9QgeBNJjPkPKaLvje8zhI=
View all headers

On 23 Jul 2024 02:00:34 GMT, vallor wrote:

> I recently was starting up a game, which triggered rebuild of DXVK
> shaders for the game. The nvidia module freaked out, wreaking havoc on
> the kernel, and freezing the display.

So you had trouble with a proprietary module. Big surprise.

Remember the open-source dictum: “many eyes make all bugs shallow”.

Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update" Yesterday
From: candycanearter07
Newsgroups: comp.os.linux.misc
Organization: the-candyden-of-code
Date: Wed, 31 Jul 2024 05:30 UTC
References: 1 2 3
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07@candycanearter07.nomail.afraid (candycanearter07)
Newsgroups: comp.os.linux.misc
Subject: Re: Wonderful Windows Zaps Banks/Transport/Media after "Update"
Yesterday
Date: Wed, 31 Jul 2024 05:30:04 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 41
Message-ID: <slrnvajisi.3e0ab.candycanearter07@candydeb.host.invalid>
References: <LhednausWIoLFwf7nZ2dnZfqnPidnZ2d@earthlink.com>
<87h6cl74ix.fsf@tilde.institute> <v7gf9l$3i29q$3@dont-email.me>
Injection-Date: Wed, 31 Jul 2024 07:30:04 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="91675b819fee9c04573935554ec98113";
logging-data="1542344"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Q5eq2pfAiY010l1Ll5VHpWHvojTfw6ZDP1D+ZUojoCQ=="
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:nt8lhYl/Nq1q2GSFK/LOGW0/O3Y=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D
View all headers

John McCue <jmccue@hairball.jmcunx.com> wrote at 13:49 this Saturday (GMT):
> followups trimmed to comp.os.linux.misc
>
> In comp.os.linux.misc yeti <yeti@tilde.institute> wrote:
>> "26yh.0712" <26yh.0713@e6t5y.net> writes:
>>
>>> Ah ... wunnerful Winders :-)
>>>
>>> It should be banned as a socioeconomic WMD ...
>>
>> Imagine systemd swallowing package management, doing automagic
>> security updates and such a "MSLinux" monoculture.
>
> I can see this happening, I think they just swallowed sudo.

You mean polkit?

>> Wouldn't that be similarly vulnerable?
>
> Maybe, any complex solution is open to vulnerabilities. I
> think (hope) these changes would be tested better than
> crowdstrike was. But as things get more complex, the harder
> to test :(
>
> I still think these changes Red Hat is pushing is their way
> to make things easier for admins, but to me, eventually you
> end up with a Windows clone. Now I wonder if they will "AI"
> systemd, I think it is possible since IBM seems to be
> getting into AI.

That sounds like a nightmare. AI Systems...

>> IMO "MSLinux" everywhere would have the same problem.
>>
>> I think redundancy, diversity and reducing complexity is the right
>> answer.
>

--
user <candycane> is generated from /dev/urandom

Pages:123456789

rocksolid light 0.9.8
clearnet tor