Rob Landley on Nostr: I haven't commented on crowdstrike because it confirms too many of my priors. ...
I haven't commented on crowdstrike because it confirms too many of my priors.
Monoculture bad. CI/CD instead of cutting releases is playing a game with no checkpoints. Adding complexity to "improve security" has a silent "through obscurity" with a net loss of any other kind. If you can't remember the last time you recovered from backup over a fresh install on virgin hardware, you don't have a backup. Supply chains full of nonfungible vendors...
Monoculture bad. CI/CD instead of cutting releases is playing a game with no checkpoints. Adding complexity to "improve security" has a silent "through obscurity" with a net loss of any other kind. If you can't remember the last time you recovered from backup over a fresh install on virgin hardware, you don't have a backup. Supply chains full of nonfungible vendors...