Good read, thank you. Is this you shaking your fist at a cloud, or do you have an idea up your sleeve next Wednesday for how to replace monoculture (or "oligoculture") with a robust multiculture?
Strawman: within a decade, AI tools will be powerful enough that we can ask them to burp up a bespoke operating / software system, to detailed specifications, for whichever snowflake application we want, when we want it. Even one-offs will be best practices all the way down.
(Maybe interesting prior art: https://cryptome.org/cyberinsecurity.htm for which the principal author, Dan Geer, was fired from the consulantcy company he worked for)
I came across this article where Microsoft essentially is pointing a finger at the EU. The TL;DR; I got from it was that because of the EU regulating (not sure if this is the right word) Windows and Windows Defender, Microsoft had to open up it's kernel to 3rd parties. I am curious to hear your thoughts on this.
I read that too and I must say that I think this is a bogus argument, a cheap shot by Microsoft against the EU. In itself this is somewhat understandable, as the EU has been massively annoying and expensive for Microsoft and other Big Tech, usually for a good reason, sometimes not.
The EU forced Microsoft to open up their ecosystem to third parties because we were getting to a world where only they could effectively write virus checkers and browsers and other things that everyone wanted and needed. That was not great for consumers, so the EU did something about it. However, that put the onus on Microsoft to open up their system in a way that does not risk the stability of the system. As I understand the Crowdstrike bug this was essentially a null pointer exception in a kernel driver, and there are definitely ways that the kernel can defend themselves against that happening in third party drivers or subsystems. It is not trivial and requires some thoughtful engineering, but it can be done. Maybe they didn't do it, or they didn't do it well enough, but it is certainly possible.
Good read, thank you. Is this you shaking your fist at a cloud, or do you have an idea up your sleeve next Wednesday for how to replace monoculture (or "oligoculture") with a robust multiculture?
Strawman: within a decade, AI tools will be powerful enough that we can ask them to burp up a bespoke operating / software system, to detailed specifications, for whichever snowflake application we want, when we want it. Even one-offs will be best practices all the way down.
(Maybe interesting prior art: https://cryptome.org/cyberinsecurity.htm for which the principal author, Dan Geer, was fired from the consulantcy company he worked for)
I came across this article where Microsoft essentially is pointing a finger at the EU. The TL;DR; I got from it was that because of the EU regulating (not sure if this is the right word) Windows and Windows Defender, Microsoft had to open up it's kernel to 3rd parties. I am curious to hear your thoughts on this.
https://www.forbes.com/sites/davidphelan/2024/07/22/crowdstrike-outage-microsoft-blames-eu-while-macs-remain-immune/
I read that too and I must say that I think this is a bogus argument, a cheap shot by Microsoft against the EU. In itself this is somewhat understandable, as the EU has been massively annoying and expensive for Microsoft and other Big Tech, usually for a good reason, sometimes not.
The EU forced Microsoft to open up their ecosystem to third parties because we were getting to a world where only they could effectively write virus checkers and browsers and other things that everyone wanted and needed. That was not great for consumers, so the EU did something about it. However, that put the onus on Microsoft to open up their system in a way that does not risk the stability of the system. As I understand the Crowdstrike bug this was essentially a null pointer exception in a kernel driver, and there are definitely ways that the kernel can defend themselves against that happening in third party drivers or subsystems. It is not trivial and requires some thoughtful engineering, but it can be done. Maybe they didn't do it, or they didn't do it well enough, but it is certainly possible.