Crowdstrike broke Red Hat and Debian earlier this year. There but for the grace of God. If you install software there runs in kernel space, you may have a really bad time when it breaks.
Solution: don't run software that runs in kernel mode. It's wildly unpopular in Linux, rampant on Android, fairly standard in Windows, and impossible on Mac. We've made this too normalized. Such software is inherently risky, and the fact it's a blackbox blob makes it unauditable. Even nvidia is moving away from kernel blobs.
> Crowdstrike broke Red Hat and Debian earlier this year.
For Crowdstrike customers foolish enough to be Crowdstrike customers, yes. The nature of the software pipelines for Red Hat and Debian are very friendly to continuous integration and testing in a way that Windows can not be, at least not without Microsoft sharing source code, which to be fair Crowdstrke is one of the companies they may actually do that with.
Nonetheless, other vendors can choose to do proper cicd with Red Hat and Debian without asking Microsoft.
