• kenkenken@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    18
    ·
    4 months ago

    Probably it runs with privileges of the OS level, what applications should not do. The second problem is monoculture. To run the same software of a single company an all machines is easy, but…

      • OfCourseNot@fedia.io
        link
        fedilink
        arrow-up
        5
        ·
        4 months ago

        ‘He’s out of line but he’s right’. I mean, is a bit ironic to give this level of permission to a program that is too malware-like to protect yourself from exactly that. We’re talking about hospitals, airports and airlines, government agencies… many critical systems, so much information’s security rely on a (foreign for most of the world) private company.

    • CaptainBasculin
      link
      fedilink
      arrow-up
      8
      ·
      4 months ago

      Companies wouldn’t mind having an OS level code run on their PCs if its meant to help secure their computers. A malware infecting their computers could result in way more damages after all.

      • kenkenken@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        4
        ·
        4 months ago

        I’m not so sure what is worse. I wish we wouldn’t reimplement statist practices in computers, as it often not goes well in our physical world, and invent more resources into OS/network security, compartmentalization and privilege separation. But yeah, the reality is it’s easier to put a god-like “trusted” agent in a system. Well, the police need have guns, read all private chats, place security cameras with face recognition everywhere… to do their jobs. Otherwise terrorist attacks or whatever could result in way more damages after all. The same story every time.

        • hikaru755@feddit.de
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          4 months ago

          Are you seriously equating security software running on business systems with state violence / surveillance on people? Those two things are not even remotely comparable, starting with business systems not being people that have rights

          • Microw@lemm.ee
            link
            fedilink
            arrow-up
            5
            arrow-down
            1
            ·
            4 months ago

            The equation by the user is bs.

            But these companies do hold people’s data, and it’s a catch 22 situation: in order to protect that, they rely on an invasive system. Providers like Crowdstrike have high-level access to critical infrastructure and critical information. Is the a good thing? Maybe yes, maybe no.