• fartsparkles@sh.itjust.works
    link
    fedilink
    arrow-up
    14
    ·
    5 months ago

    Two things come to mind:

    1. Do we need compliance regulations on minimum testing infrastructure etc for kernel-level development so that dangerous bugs can’t be mistakenly released?

    2. Kurtz has a history of this calibre of issue under their leadership (both at CrowdStrike and at McAfee); why does this keep happening under their leadership and what can we learn to instruct other orgs not to make the same mistakes (e.g. via CISA directives)?