Okay, where is an updated remediation script?
I wonder if this will give them reason to consider an ML tool or something like crowdstrike to scan the repo.
Crowdstrike as in the company responsible for a global outage for machines using it including airports, hotels, fuel stations, banks, broadcasting, and manufacturing?
The company that accidentally made every impacted machine boot-loop because they accidentally added a whole bunch of empty lines of code to production?
Yes, I’m a crowdstrike customer. I had that pop up on my feeds around 2am while I was high on my couch and went in and took care of the ~3 non-user systems that were affected in my org. I implemented a fix very quickly because it really was just one bad file.
Anything virtualized I was able to fix hands off. Also anything with an idrac or similar. It really wasn’t much work for us.
Blame windows and how it handles things honestly. Also blame the companies that had major outages with endpoints in places they couldn’t reach, and did not react quickly enough despite being massive companies with billions in revenue because IT is just a cost center to them. This stuff was popping up everywhere when it started in terms of any communications channel I look at, and a fix was available in under an hour.
Every software company is going to have at least one bad update every now and then. Microsoft has major outages all the time. AWS has major outages all the time. Don’t even get me started on the amount of man hours that goes into managing updates for windows based systems because it’s all just a fucking shit show.
A few months before the windows incident they did the same thing to their Linux customers, so definitely can’t blame that part on Windows. I think the real takeaway here is that bigger and more centralized is generally not better.
No, the other one
Linux is perfection. I’ve never ever had to emergency patch nix distros. Ever.
It’s amazing what a free pass this place will give based on how much money your product makes.
fun fact: a few months before the big crowdstrike incident, they did the same thing to their Linux customers. I can only assume it didn’t make headlines due to lower adoption rates and what I suspect was far easier remediation.
Yes that one. Who are still regardless best in class for anti malware in businesses. I think what they did was dumb but businesses still trust them. They are one of the few AV vendors that back up their product with a hands on SOC.
I’m not sure that it’s necessary, the issue here is that anyone can create an account and adopt an orphaned package.
You don’t think that cron and grep is sufficient?




