this post was submitted on 22 Jul 2024
66 points (94.6% liked)

Asklemmy

Ephera@lemmy.ml 8 points 2 years ago* (last edited 2 years ago) (9 children)

It has comparable access, yes, ~~but assuming no malicious intentions, it's extremely unlikely that they achieve something as catastrophic.~~

~~If they fucked up in a similar fashion, that would cause your PC to bluescreen, too, but since League does not start up during boot, you could still use your PC, just not League.~~

Nope.

zaph@sh.itjust.works 20 points 2 years ago (8 children)

Vanguard doesn't care if LoL or Valorant or any other game is running. Vanguard is in your kernel and will be starting regardless.

Dran_Arcana@lemmy.world 12 points 2 years ago (6 children)

This is correct, as in Windows a driver is the most straightforward method to runlevel0 access. It absolutely could at any time do exactly what CrowdStrike did. But also so could Nvidia/AMD with GPU drivers, your motherboard manufacturer with chipset and RGB drivers, etc. It's not quite the smoking gun people make it out to be, as there are a lot of legitimate reasons to have this kind of system access.

The egregious part was that CrowdStrike users agreed to allow a vendor to bypass canary channels and deploy straight to their endpoints.

Mikina@programming.dev 1 points 2 years ago

One important thing about CS was that it's also marked as a boot-start driver. That flag tells the OS that it can't boot without it no matter what happens, aside from safe mode, and iirc if your driver doesn't have that flag, which drivers probably shouldn't have, from how I understand it if such a boot loop would happen due to a faulty non-boot-start driver, the system will recognize that and simply disable it.
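
To check which drivers on a Windows machine are registered as boot-start, the flag discussed in the comment above, you can read the `Start` and `Type` values under the Services registry key. The script below is an added example, not part of the thread; the function names `Get-DriverStartInfo` and `Resolve-DriverPath` are hypothetical, and the fallback path for drivers without an `ImagePath` is an assumption.

```powershell
# Added example: read-only audit of kernel-mode drivers by start type.
# Start: 0=Boot 1=System 2=Automatic 3=Manual 4=Disabled
# Type:  1=kernel driver, 2=file system driver
$StartNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }
$TypeNames  = @{ 1 = 'KernelDriver'; 2 = 'FileSystemDriver' }

# Hypothetical helper: turn a registry ImagePath into an ordinary file path.
function Resolve-DriverPath {
    param([string]$ImagePath, [string]$Name)
    if (-not $ImagePath) {
        # Assumption: with no ImagePath the file is System32\drivers\<Name>.sys
        return Join-Path $env:SystemRoot "System32\drivers\$Name.sys"
    }
    $path = $ImagePath -replace '^\\\?\?\\', ''                    # strip \??\ prefix
    $path = $path -replace '^\\SystemRoot\\', "$env:SystemRoot\"   # expand \SystemRoot\
    if ($path -notmatch '^[A-Za-z]:\\') { $path = Join-Path $env:SystemRoot $path }
    return $path
}

function Get-DriverStartInfo {
    param([string]$ServicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services')
    Get-ChildItem -Path $ServicesKey -ErrorAction SilentlyContinue | ForEach-Object {
        $p = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
        # Skip keys that lack Type/Start, and services that are not drivers
        if ($null -eq $p -or $null -eq $p.Type -or $null -eq $p.Start) { return }
        $type = [int]$p.Type
        $start = [int]$p.Start
        if (-not $TypeNames.ContainsKey($type)) { return }
        $file = Resolve-DriverPath -ImagePath $p.ImagePath -Name $_.PSChildName
        $item = Get-Item -LiteralPath $file -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name   = $_.PSChildName
            Type   = $TypeNames[$type]
            Start  = if ($StartNames.ContainsKey($start)) { $StartNames[$start] } else { "Unknown($start)" }
            Group  = $p.Group    # load-order group, if any
            Vendor = if ($item) { $item.VersionInfo.CompanyName } else { $null }
            Path   = $file
        }
    }
}

# Boot-start drivers only, sorted so non-Microsoft vendors are easy to spot
Get-DriverStartInfo | Where-Object Start -eq 'Boot' |
    Sort-Object Vendor, Name |
    Format-Table Name, Type, Group, Vendor, Path -AutoSize
```

The `Vendor` column comes from the file's version resource, which is self-declared by the driver; treat it as a hint for triage rather than proof of origin.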
