The XZ advantage over CrowdStrike
May I remind you that the XZ incident [1] was discovered, because it was open source (FOSS), by an open-source contributor employed at Microsoft, while the CrowdStrike incident [2], a Microsoft Windows bug, was discovered when millions of people woke up to a fucking BSOD? It is as if there is something about FLOSS that prevents this kind of fuckup.
[1] You know the XZ incident? A malicious actor called Jia Tan had inserted a backdoor into the XZ program. Likely targeting Linux servers?

[2] A company called CrowdStrike distributed a patch to many enterprise Windows OSes through Microsoft’s update channel, bricking a massive number of Windows installations, which, at the time of this writing, can only be fixed manually.