Show HN: A Ring-0 deployment safety checklist(derived from CrowdStrike analysis)github.com1 points·by sysdesautopsy·6 माह पहले·1 comments
sysdesautopsy·6 माह पहले·discussOP here.I put this checklist together after digging into the CrowdStrike "Channel File 291" crash. Basically just tried to map out the specific gates (like N-1 validation and negative fuzzing) that actually would have caught the bug before it hit prod.If anyone is interested in the visual breakdown of how the failure propagated, I recorded an analysis here: https://www.youtube.com/watch?v=D95UYR7Oo3YCurious what other hard gates you folks use for kernel/driver updates.
sysdesautopsy·6 माह पहले·discussChange HealthCare also faced $22M ransomware attack due to missing MFA.
I put this checklist together after digging into the CrowdStrike "Channel File 291" crash. Basically just tried to map out the specific gates (like N-1 validation and negative fuzzing) that actually would have caught the bug before it hit prod.
If anyone is interested in the visual breakdown of how the failure propagated, I recorded an analysis here: https://www.youtube.com/watch?v=D95UYR7Oo3Y
Curious what other hard gates you folks use for kernel/driver updates.