Sorry if this has been asked/answered previously, but it just struck me that I hadn’t really noticed any impacts of CloudStrike on aussie.zone.

Was wondering if it was a non-event, or maybe there are some war stories with heroes deserving medals!

  • shirro
    5 months ago

    Pretty much the entire Internet runs on Linux or BSD. The systems are cheaper, more reliable and more flexible than Windows. Also you put only what you need in a container or virtual machine and it runs with such limited privileges there is really no need to have intrusive one-size-fits-all malware detection systems as it would only increase the attack surface and make the system more fragile.

    Microsoft spent a lot of money increasing mind share in education and creating developer tools in the past that led to a massive ecosystem developing business logic with their tools. It created a huge software legacy that isn’t going to be replaced any time soon. That leaves enterprise IT in a very different position to orgs running Internet services as enterprises need to secure this legacy from modern threats while facing budget and staffing pressures that are sometimes self-inflicted. My opinion is that enterprise IT has embraced some very bad practices and sought to normalize them, but I also don’t work in that environment and it is easy to be critical if you don’t have to deal with the same shit.

    Most Internet-facing services were created more recently with tools popular at the time (Rails and PHP at the time of Twitter/Facebook), then Golang, Python, nodejs, and more recently Lemmy uses Rust, which has only been in stable release for a decade. While these languages and associated tools run cross-platform, Linux is generally preferred for deployment and often has the most mature support, though I believe Netflix is a heavy user of FreeBSD.

    The only notable Windows-backed “Internet scale” website that isn’t a frontend to some internal business system that I can think of was Stack Overflow, though there are probably others.

    Linux/BSD threats differ from those on Windows as do the mitigations. Some best practices in Windows land would be considered highly irresponsible in Linux land and the reverse is also true.