It has comparable access, yes, but assuming no malicious intentions, it’s extremely unlikely that they achieve something as catastrophic.
If they fucked up in a similar fashion, that would cause your PC to bluescreen, too, but since League does not start up during boot, you could still use your PC, just not League.
This is correct, as in windows a driver is the most straightforward method to runlevel0 access. It absolutely could at any time do exactly what crowdstrike did. But also so could Nvidia/amd with GPU drivers, your motherboard manufacturer with chipset and RGB drivers, etc. it’s not quite the smoking gun people make it out to be, as there are a lot of legitimate reasons to have this kind of system access.
The egregious part was that crowdstrike users agreed to allow a vendor to bypass canary channels and deploy straight to their endpoints.
Of course it’s not a smoking gun. That’s the wrong metaphor. It’s an extra stick of dynamite that isn’t needed, just waiting to explode at the flip of a coin. That there are other sticks of dynamite doesn’t negate the risk posed by this one.
It has comparable access, yes,
but assuming no malicious intentions, it’s extremely unlikely that they achieve something as catastrophic.If they fucked up in a similar fashion, that would cause your PC to bluescreen, too, but since League does not start up during boot, you could still use your PC, just not League.Nope.
Vanguard doesn’t care if LoL or valorant or any other game is running. Vanguard is in your kernel and will be starting regardless.
This is correct, as in windows a driver is the most straightforward method to runlevel0 access. It absolutely could at any time do exactly what crowdstrike did. But also so could Nvidia/amd with GPU drivers, your motherboard manufacturer with chipset and RGB drivers, etc. it’s not quite the smoking gun people make it out to be, as there are a lot of legitimate reasons to have this kind of system access.
The egregious part was that crowdstrike users agreed to allow a vendor to bypass canary channels and deploy straight to their endpoints.
Of course it’s not a smoking gun. That’s the wrong metaphor. It’s an extra stick of dynamite that isn’t needed, just waiting to explode at the flip of a coin. That there are other sticks of dynamite doesn’t negate the risk posed by this one.