Show HN: A Ring-0 deployment safety checklist(derived from CrowdStrike analysis) (github.com) 1 points by sysdesautopsy 5mo ago ↗ HN
[–] sysdesautopsy 5mo ago ↗ OP here.I put this checklist together after digging into the CrowdStrike "Channel File 291" crash. Basically just tried to map out the specific gates (like N-1 validation and negative fuzzing) that actually would have caught the bug before it hit prod.If anyone is interested in the visual breakdown of how the failure propagated, I recorded an analysis here: https://www.youtube.com/watch?v=D95UYR7Oo3YCurious what other hard gates you folks use for kernel/driver updates.
1 comment
[ 2.5 ms ] story [ 14.4 ms ] threadI put this checklist together after digging into the CrowdStrike "Channel File 291" crash. Basically just tried to map out the specific gates (like N-1 validation and negative fuzzing) that actually would have caught the bug before it hit prod.
If anyone is interested in the visual breakdown of how the failure propagated, I recorded an analysis here: https://www.youtube.com/watch?v=D95UYR7Oo3Y
Curious what other hard gates you folks use for kernel/driver updates.