• slazer2au@lemmy.world
    5 months ago

    I wouldn’t call an auto update mechanism an unauthorised backdoor, it is required behaviour for that kind of software.

    • ricecake@sh.itjust.works
      5 months ago

      It’s absolutely not required behavior! Software for servers has very different requirements from software for end users, and if you have a lot of them you also want to manage your end user machines differently.

      Updates can go wrong, and if you roll out a bad update to everything at once you can crash everything and lose a lot of money. As aptly demonstrated by CrowdStrike.

      That’s why Delta and many other companies disabled the auto update functions: so they could control the rollout cadence.
      They reasonably believed that disabling autoupdates disabled them. They didn’t expect a second autoupdate system that wasn’t documented, wasn’t controlled by the autoupdate system settings and couldn’t be disabled.

      • SupraMario@lemmy.world
        5 months ago

        It’s not a second auto update. It’s 100% documented in the software and you can 100% throttle it. Channel files are heavily discussed when you roll out CS.

        • ricecake@sh.itjust.works
          5 months ago

          https://www.crowdstrike.com/en-us/blog/falcon-content-update-preliminary-post-incident-report/

          Might want to let CrowdStrike know.

          Rapid Response Content Deployment

          Implement a staggered deployment strategy for Rapid Response Content in which updates are gradually deployed to larger portions of the sensor base, starting with a canary deployment.

          Improve monitoring for both sensor and system performance, collecting feedback during Rapid Response Content deployment to guide a phased rollout.

          Provide customers with greater control over the delivery of Rapid Response Content updates by allowing granular selection of when and where these updates are deployed.

          Provide content update details via release notes, which customers can subscribe to.

          https://www.theregister.com/2024/07/23/crowdstrike_lessons_to_learn/

          Maybe you’re thinking of changes that they made as a result of the incident?

          • SupraMario@lemmy.world
            5 months ago

            No, channel files were 100% there. It’s in the general GUI settings. You could throttle channel files. Now after this you’re able to do General availability, Early availability or pausing them.