[Info-vax] Computing is Complex (was: Re: A meditation on the Antithesis of the VMS Ethos)
Lawrence D'Oliveiro
ldo at nz.invalid
Mon Jul 29 17:36:37 EDT 2024
On Mon, 29 Jul 2024 12:58:51 -0400, Stephen Hoffman wrote:
> ... with occasionally-intractable results. Such as trying to stuff a
> modern and robust password hash into an eight-byte field.
The Unix tradition of text-based config files (in this case, /etc/shadow)
wins again.
> As for the referenced mess, CrowdStrike was basically testing in
> production, and seemingly lacked any sort of continuous integration ...
They advertise it as a positive point, that they can respond to new
security threats faster than other companies--certainly faster than
Microsoft.
And yes, they do it by cutting corners on testing. I’ve seen many other
comments raising the hoary old “never implement new system changes on a
Friday” meme ... but what happens if the malware writers release a zero-
day on a Friday?
More information about the Info-vax
mailing list