IIRC those were the non-eBPF versions of the sensor.
IIRC those were the non-eBPF versions of the sensor.
It has a little bit to do with the OS. Windows does not have the same sandboxing capability for modules that Linux provides. The fact that the sensor needs to run in ring 0 is a problem, and eBPF at least mitigates much of the issue in Linux. But I think you meant that CrowdStrike is by no means blameless, and I agree - they have a long history of shitty implementations, and rightly deserve to be the focus of our anger.
And increase social spending. Of those who can be reformed, they’ll only do so if there’s a support network.