• Winged_Hussar@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    ·
    edit-2
    4 months ago

    Very interesting, especially how they’re executing unsigned code via the *.sys files to (presumably) get around waiting for MS to re-sign their driver.

    • wolfylow@lemmy.world
      link
      fedilink
      English
      arrow-up
      20
      ·
      4 months ago

      Yeah this was the main take-away for me, too. You’d expect they’d have ironclad QA when doing shit like this.

  • magic_lobster_party@kbin.run
    link
    fedilink
    arrow-up
    25
    ·
    edit-2
    4 months ago

    I like when videos are as direct as this guy’s. Just straight to the point. No extra fluff, distracting skits or drama. It’s just him talking straight to the camera about things he’s passionate about.

      • tabris@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        ·
        4 months ago

        Because video creation can be a better source of revenue for creators than a blog post and some people still like to get paid for their expertise?

          • Echo Dot@feddit.uk
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            4 months ago

            You really don’t need any visual content you can just listen to it. The only thing he shows is a bit of code and unless you actually understand what you’re looking at it’s meaningless. It just says 0000000000006c

          • Sleepkever@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            ·
            4 months ago

            It’s just a guy talking 99% of the time and the few visuals that are in the movie are not required to understand the story. I’d just listen to it like a podcast. The guys voice and pronunciation probably beats text to speech from a blogpost with images.

      • asdfasdfasdf@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        4 months ago

        I watched it while doing dishes and it was great for me. I like videos for things that don’t require my undivided attention. If this were about something like programming I’d want code examples and would need to read to digest it.

  • peopleproblems@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    4 months ago

    That answered a lot of questions.

    I hope they publicly state how they pushed a bad file, but I doubt it.

    Seems like someone really didn’t pay attention to what they were doing, and they might have an internal problem with QA.

      • sunzu@kbin.run
        link
        fedilink
        arrow-up
        7
        arrow-down
        1
        ·
        4 months ago

        This likely going to be text book case of how to not a run a company in a dominant market position that caused world wide system failures.

        Makes you wonder if we should be allowing such consolidtion in critical industries. This ain’t even about economics anymore. More of a infrastructure and national security decision.

        Or fucking supervivise and train people properly… I don’t know. Sounds like management problems.

    • SauceFlexr@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      4 months ago

      As someone that works in QA, yeah, they needed something to catch this. I saw someone mention somewhere without a source that they missed it as all test machines have their full suite of software installed. In that scenario, the computer wasn’t affected. So for QA it seems their labs might need to be more in tune with the user base.

      However, the fact that they are able to push this so quickly worldwide seems like a big process issue. I get 0 day issues and that is how they justify it. But deploy to a small subset of customers before going global seems more reasonable.

      • NateSwift@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        9
        ·
        4 months ago

        I heard somewhere that the updated ignored staging settings set. So even if companies had it set to only roll out to a subset of their computers it went everywhere

        • SauceFlexr@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          4 months ago

          Oof. Then that seems more on the ops side of things. Interesting. I can’t wait for them to never share what happened so we can all continue to speculate. 😂

      • 0x0@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        I read somewhere (commentes in that video) that CS ignored their own customer-configured stagger upgrades for some upgrades…

        • dan@upvote.au
          link
          fedilink
          English
          arrow-up
          4
          ·
          4 months ago

          Apparently those settings are only for updates to the software itself, not for updates to the definition files.

    • andrew_bidlaw@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      14
      ·
      4 months ago

      they might have an internal problem with QA.

      They don’t have a lack of quality assurance. They have a lack-of-quality assurance.