digdilem

True. Learning your first programming language (or scripting language) is usually the hardest.

Put it this way - it doesn't hurt.

Nothing fully replaces real world experience with the exact software and technologies your potential employer uses, but having demonstrable ability to use and understand linux is very transferrable. Ultimately it comes down to the interviewers and what they're looking for, and to the more technical of those, choosing linux as a daily driver shows you're more interested in understanding how computers work and that you have a degree of problem solving ability.

Read some adverts of the jobs you want to get, being realistic that you may need to start low to get that experience, and build ability in what's wanted, especially the bits that are marketable.

And then unsubscribe or block as soon as you've got it.

They're hosting this 33Gb download for free - I don't begrudge them trying to advertise a bit.

Maybe, but it's not going to happen soon. Any malware type insurance requires effective AV on all devices, and C-levels do love their insurance.

You are right.

It's human nature emboldened by freedom, of course. Codes of Practice help, but can't change the freedom that comes from entitlement and anonymity.

But on balance, there's an awful lot of genuine people doing good, respectfully and politely.

Not just Crowdstrike - any vendor that does automatic updates, which is more and more each day. Microsoft too big for a bad actor to do as you describe? Nope. Anything relying on free software? Supply chain vulnerabilities are huge and well documented - its only a matter of time.

Why would you want another year of their software for free?

Because AV, like everything else, costs a fortune at enterprise scale.

And yeah, I do understand your real point, but it's really hard to choose good software. Every purchasing decision is a gamble and pretty much every time you choose something it'll go bad sooner or later. (We didn't imagine Vmware would turn into an extortion racket, for example. And we were only saying a few months ago how good value and reliable PRTG was, and they've just quadrupled their costs)

It doesn't matter how much due diligence and testing you put into software, it's really hard to choose good stuff. Crowdstrike was the choice a year ago (the Linux thing was more recent than that), and its detection methods remain world class. Do we trust it? Hell no, but if we change to something else, there are risks and costs to that too.

I lost a day's holiday, and our team spent 8 man days on this entirely preventable mistake.

$10? Try extending our licence by another year for free, that might start going towards it.

Wow, that makes it seem like politicians will say whatever the person paying them wants them to!

We recently researched these for work.

They tick a lot of boxes - lots of space, reasonable speed, great cold storage figures. Reasonably priced tapes. Agree, they're the best thing. The slow read speed isn't quite as bad as expected (They can go extremely fast in seek mode), but definitely something to consider. We were okay with that for our needs.

But damn, the price of the hardware was horrendous - we got priced (I think) close to £20k for a suitable drive that met our needs. Completely killed the project. And remember that if you're doing site replication for DR, you'll need at least two of them. Sadly, it looks like we'll be using external HDD's for a while longer...

Small number of machines?

Disable unattended-upgrades and use crontab to schedule this on the days of the week you want.

Eg, Monday each week at 4 am - every combination of dates and days is possible with crontab. 2nd Tuesdays in a month? No problem.

0 4 * * MON apt-get update && apt-get upgrade && reboot

(You can also be more subtle by calling a script that does the above, and also does things like check whether a reboot is needed first)

Dozens, hundreds or thousands of machines? Use a scheduling automation system like Uyuni. That way you can put machines into System Groups and set patching schedule like that. And you can also define groups of machines, either ad-hoc or with System Groups, to do emergency patching like that day's openssh critical vuln by sending a remote command like the above to a batch at a time.

All of that is pretty normal SME/Enterprise sysadminning, so there's some good tools. I like Uyuni, but others have their preference.

However - Crowdstrike on Linux operates much like CS on Windows - they will push out updates, and you have little or no control over when or what. They aren't unique in this - pretty much every AV needs to be able to push updates to clients when new malware is detected. But! In the example of Crowdstrike breaking EL 9.4 a few months ago when it took exception to a new kernel and refused to boot, then yes, scheduled group patching would have minimised the damage. It did so for us, but we only have CS installed on a handful of Linux machines.