Crowdstrike 'Oopsy'
Boils Down To Three Things
2024-07-26
I have been asked for an analysis on the Crowdstrike "oopsy",
and I have seen that it comes down to three main things:
- Having their program run in kernel space instead of userspace makes any exception fatal
- It is written in an unsafe language (C++)
- This was the perfect example of "testing in prod"
What are you thoughts?