11 Comments

Good article, thanks. One thing I'm wondering if you'd research more - I'm no expert. I have read often in the past that linux is the dominant operating system on the server side of the world (not the desktop side). Here's one link - https://w3techs.com/technologies/comparison/os-linux,os-windows. I have experience as an enterprise architect and the enterprise I worked in - linux had a far larger share of the servers. Also, if we looked at the percentage of services that people use that were unavailable - large numbers of services were unaffected.

Your article is excellent in explaining a complex subject in a way that a large number of people can understand. I'm hoping that the clarification of Windows not being the dominant OS for servers and the services people use - would just further help what you have accomplished so well.

Expand full comment

Good callout Mick, you're correct that on the server side, Linux is the dominant OS. In fact DigitalOcean still doesn't even support Windows, hah

On the server side, you don't really need to worry about antivirus software: you're not getting emails, opening files, browsing the web, etc. Servers usually just exist to run your code, chances of malware getting in there is minimal (although there are other vulnerabilities to worry about). So that's how I'd think about it

Expand full comment

This is a great post! The nuance is important and the statement about windows being the most popular OS is a bit misleading. Linux is the most popular if you look at devices shipped, because of Android, and, as mentioned, is the biggest share of server OS. Windows is the most popular **desktop** OS. That's why crowdstrike impacted sectors that rely on desktop machines in critical roles.

Expand full comment

Yes, I mention desktop in the following sentence. Will update to the first one

Expand full comment

Very timely article, thanks!

Expand full comment

Loved this!

Expand full comment

Thank you!

Expand full comment

Like you, I have become extremely dissapointed in the way Windows handles security breaches. I would say that Linux is the best way to surmount this difficulty. Here is a short essay on the advantages I have derived from Linux, https://swiftenterprises.substack.com/p/live-free-with-linux.

Please let me know if I am leaving anything out.

Expand full comment

Good breakdown. I still question the official story though. There's a possibility this was the result of an inside threat actor who intentionally changed the file after it was tested or approved. Don't be surprised if more about this story "leaks" in the coming months.

Expand full comment

I like that some of us are still talking about this.

Expand full comment

The best XDR is no XDR. We went all in on google and chromeOS and have barely any need for all this endpoint protection security theatre. Msft sucks so bad with cybersecurity but the cyber industry loves it for precisely that reason, and it dominates the industry merely due to legacy inertia. There’s nothing especially “enterprise” about msft, nothing that you can’t do better and cheaper and with lower cyber risk profile and operational overheads with a non-msft stack.

Expand full comment