Crowdstrike's malware-as-a-service is now affecting Linux. Red Hat, Rocky and Debian stable are affected. According to distrowatch.com, most of us here running linux as a desktop are using debian and debian stable based distros like Mint, Ubuntu, MX. Stop updating, 2 wks+
(www.theregister.com)
🚔 Crime & Democrats 💸
Comments (25)
Someone who bills himself as a 'computer guru' and who reconditions laptops and sells them, recently told me that Linux was the way to go, as it was (in his words) impervious to hacking and malware. Hmmm... maybe he's full of it too.
Anything can be hacked, especially if you purposely install software/malware on your machine that operates as a kernel level driver, which is what CrowdStrike requires to function properly.
If I install a secure version of linux on my machine and proceed to add to it a program running at kernel level 0 which bypasses all that security, then I have opened up the entire OS to a security risk.
If I install at user level 1 software that opens up security, I'm also making the OS be at risk, but not to the same extent, as the kernel should be somewhat protected unless a bad operator takes advantage of my security hole in software level 1 and finds a way to elevate the security level to level 0 (i.e. exploits a known bug or a zero-day). If the privilege is hacked/elevated to kernel level 0, then nothing is secure on that OS because the user has taken actions that exposed the system and a bad actor has taken advantage and gained control.
No OS is impervious to security issues. When users or administrators make decisions to add software like CrowdStrike, the actual security of the system becomes the lowest common denominator of either the OS security or the installed software's security. Any security hole in either package generates the same risk of a security breach.
In more layman's terms (I've been running Linux for years and still couldn't really explain the word "kernel" for my life). What makes Linux seem "invulnerable" is really the fact that very few scammers and hackers will waste time on Linux when only a tiny percentage of the market uses it. The most gullible and easy marks are using Windows so that's where most of the hackers go. Simple as that. It does seem to be a lot more inherently secure than windows but if it had the same size market share there would be more problems to follow.
And I think that's a really good thing, but doesn't give me the kind of brain that does well with code, lol.
Maybe Linux is far behind on desktop numbers, but it is far ahead on other devices. From Brave's AI:
How many devices run linux in the world? Based on the provided search results, here are some relevant statistics:
Smartphones: 85% of all smartphones run on Android, which is a Linux-based operating system. With over 1.5 billion smartphone shipments annually, this translates to approximately 1.275 billion Linux-based devices (85% of 1.5 billion).
Supercomputers: 100% of the world’s top 500 supercomputers run on Linux.
IoT devices: 68% of IoT devices and systems rely on Linux.
Embedded systems: Although not explicitly stated, embedded systems, which include devices like routers, set-top boxes, and other appliances, are estimated to have a significant presence of Linux usage.
Desktop PCs and laptops: 2.68% of desktop PCs and laptops worldwide run on Linux.
Considering these statistics, it’s estimated that:
At least 1.275 billion smartphones (85% of 1.5 billion) run Linux (Android).
All 500 supercomputers run Linux.
A significant portion of IoT devices (68%) and embedded systems rely on Linux.
Approximately 2.68% of desktop PCs and laptops worldwide run Linux.
Combining these estimates, it’s reasonable to assume that there are over 1.3 billion Linux-based devices in the world, including smartphones, supercomputers, IoT devices, embedded systems, and desktop PCs/laptops.
This number may not be exhaustive, as it doesn’t account for other types of devices or systems that might use Linux, such as servers, mainframes, or specialized equipment. However, it provides a comprehensive overview of the scope of Linux adoption across various device categories.
No, linux is still much more secure than windows. Your guru is right.
The security models are better in linux than windows. Windows is and always has been a total security mess on the other side of the tapestry.
Windows is LITERALLY only good for one thing: Playing Games.
And that's because game developers go where there is greater market share, and they don't take the extra time to make a game work in all platforms.
Also, the first thing people do in Linux-as-a-desktop is they turn off automatic updates. Many distros don't do this any more. People in Linux are encouraged to update their systems themselves with apt-get / apt update or 'yay' on the command line. And in Linux you can choose which updates to get, and by default, distros try to be very safe and conservative with the updates they get.
There's a lot more checking of software before sending it out. It's very rare for a bad Linux update to go out there, but believe me it's happened before. There is a famous example recently of an update that nearly affected every Linux (xz hack).
This would be the first such thing to happen in maybe over 20 yrs, to my memory. I also want to note that it DID NOT happen. It ALMOST happened, but ironically a microsoft engineer found it first.
User or admin having complete control over the OS is fundamentally more secure than a central 'authority' releasing updates and pushing them no matter what the use case for the device. I am so sick of people trying to argue that Microsoft should be able to update Windows and reboot it on something like a factory control system computer rather than to keep entire control over when and how the control system OS updates and reboots with those designing and maintaining the control system.
Security and stability go hand in hand. Without stability, there is zero security. Somehow the software industry has pushed this idea of 'security no matter what' which means often the least tested code is pushed out to everyone to close 'security holes' that may or may not matter depending on the end user environment.
Exactly. Which is a good example of why decentralized systems are superior to excessively centralized alternatives.
In the companies where I worked, no patch or update was EVER made directly to production environments... especially for Windows and Linux OS (many companies run mixed environments).
All patches and updates were downloaded to safe environments, thoroughly tested and proven to be safe BEFORE ever pushing them to production environments - which in corporate networks also included user desktops/laptops, etc.
Crowdstrike Falcon pushed updates directly from the cloud to local computers - which is bat shit crazy from a security/reliability perspective. Will people learn from this? That remains to be seen...
I wonder if Crowdstrike hiring policies, and the people they have attracted to their company due to such policies, had anything to do with it:
"CrowdStrike is an advocate for diversity and equal employment opportunities. To enhance our culture as we grow, we offer unconscious bias training for recruiters and hiring managers with the goal of helping our people be more inclusive managers, run inclusive meetings and be thoughtful of inclusivity in everyday process and practice."
https://www.crowdstrike.com/about/environmental-social-governance/diversity-equity-inclusion/
It’s really not. I manage tens of thousands of these as server capacity and can tell you we get very bad exploits on a semi annual basis. The kind where we have to batten down the hatches and everyone scrambles.
I would not use it as a desktop GUI workstation simply because of how much pain there would be. I need to be productive because time is important and not waste time on tinkering. That said, the false premise that it is more secure is simply because nobody (relatively) uses it as a workstation. Windows exploits are more visible because it’s easier to attack from users clicking on stupid shit. Whereas a server is less likely to click on random things on the internet. That really is what it boils down to. Linux gets very bad exploits that were pushed out by bad actors foreign agents who actually are part of the dev team for its software. Check out this one https://www.wired.com/story/jia-tan-xz-backdoor/
The CrowdStrike situation isn’t applicable to users clicking on stupid shit. Tbh it is an anomaly and imo was not an accident. But basic end users like yourselves have no need to worry about the CrowdStrike issue it isn’t on your simpleton gaming laptop it is solely affecting (and imo) targeting critical infra systems.
And even this is really only down to compatibility and anticheat blacklists.
Most games play better on Linux for various reasons, not least of all is all of the bloat going on in Windows that is integral to its operation (e.g. high RAM usage and CPU usage that is all over the place.)
Frame pacing is better in almost every circumstance on Linux nowadays.
This reminds me of a story: https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/
Nothing is immune to hacking. Hackers just don't want to spend resources for a small user base, which is why they usually target windows... there must be a reason they're targeting linux distros now...
Yeah - Linux is on a LARGE majority of IOT and networking gear. It is not a small install base by any means. I guarantee you have something in your house that runs Linux and probably don't even know it. TV? DVR? Phone? Any cameras?
Nothing is ever impervious to hacking or malware. Fewer people use it so malware and hackers tend to target it less. It was the same thing with the Apple Macs back in the day. People were told that Macs don't get viruses. They definitely did. Just less than Windows at the time.
Besides. The best anti-virus is a sound mind, maybe don't click on that weird link from 10 years ago for free GTA 6+gameplay(real) downloads.
Or in this case. Maybe don't trust a cyber security firm linked to Hillary, Blackrock, etc.
That’s dumb. All computer systems are vulnerable to being compromised, which is why you should always be vigilant. There is no magic button because all of these machines and software were developed by fallible people.
Only a few months ago a serious supply chain attack occurred in the most commonly used Linux data compression library. It was caught by a random database developer - not even a security expert, who noticed SSH logins were a little bit slower than they should be.
Fortunately, that one was in the very early stages and was not yet widespread.
Linux by nature is more secure than windows, being open source, but it is not absolutely secure.
Now say that in English.
I’m a Linux expert. I use it in non-workstation environments. Only backend systems for a company that runs a very large part of the internet but won’t give any other details. That said reading this thread thus far indicates how poor the strong opinions are based on very poor knowledge and poor assumptions. TLDR Linux exploits are abundant. For the guy that says windows is only good for gaming shows the lack of maturity of understanding what you’re saying before you say it. Every single one of these 8 million exploited windows systems aren’t used for video games lol.
It is also clear to me based on this thread why so many people fall for the fear porn all things ai. Poor assumptions based on poor knowledge
Great post! You are spot on about the Linux exploits available. A simple visit to PacketStorm can be mindblowing for those that are unaware of your statement. Just look up the XZ backdoor exploit for a perfect example.
Been a UNIX and UNIX-like engineer for decades. Personally, I mainly use OpenBSD (and some FreeBSD) for general surfing and servers. Arch for Linux is my preference. Many also do not understand the amount of large corporate contributions to the Linux kernel. Kernel exploits are a "dime a dozen". BTW, although much larger and more complicated than it was 20 years ago, compiling your own Linux kernel is still a great thing to learn, not too difficult, and can teach you many things (plus it's just fun to do, lol)
Correct. FUD will always be a very strong and controlling element. Knowledge is power!
Don't visit packetstorm from work unless you want to be blocked by your company IT policy, and maybe asked why you went there. Do it from your phone or home.
Interesting you would say this, without going into the matter of what this FALCON-SENSOR PROCESS is all about.
And guess what, desktops ain't running that Crowdstrike shit.
If you worry about it and you are running windooooz desktop:
On linux:
or if you so wish, systemctl the fucker.
However, on linux, this is not shipped by default. You really would have to download it and install it.
So why is it a question regarding DEBIAN-style distros coming from RED HAT? Because many if not most internet servers run a Linux distro, and some people are running the CrowdStrike FALCON-SENSOR shit.
Go to: https://www.crowdstrike.de/produkte/faq/ and copy-paste the answer into any translator. It is easy to see how this is not a single end-user product.
Translated with DeepL.com (free version)
So, before we get our panties in a twist over Linux being secure or not, or that windows is just a gaming pc, this fucker Crowdstrike has no direct relationship with the box you are running, lest you installed it yourself.
That said: in terms of "vulnerability", which means how to HURT a system, for most people, being the simple end user, barely knowing how to swipe right, ignorant of the intrinsic beauty of device communication, you can have a secure as FORT KNOX system, but in the end, it is human behavior that breaks everything, and it need not be a Mission Impossible at all.
There is something like: cost benefit ratio. So phishing and clicking on links / downloading and opening macro-enabled files, without certifying those, is the biggest risk. Then comes porn.
So, the moral lesson of today: learn to code.
If you knew how to code you would know installing packages in Linux isn’t learning how to code. Basically your long rant simply backs up what I said, but the way you provided it proves you clearly are spiteful for some reason, and you clearly don’t know what it means; you simply copied and pasted from an article without understanding any of it. It’s cute tho.