• @fishpen0
    link
    English
    23 months ago

    With a magic one size fits all solution that happens to also be a rootkit that by default rewrites itself on automatic updates.

    If you’re still with me please read about EBPF and why it can be used to do EDR style monitoring without a rootkit on any modern flavor of Linux. It can also be used to replace your monitoring and observability stack shims in your product. It was built by kernel developers and is already baked into your OS.

    • Ogmios
      link
      fedilink
      English
      -33 months ago

      The man behind the curtain is the intentional problems that are baked into your hardware, like how phones have a battery that can’t be disconnected from the wireless devices at all.