would that be fixed by using TUF? ( https://theupdateframework.io/ )
and I guess somehow disabling proxying in CSAAgent.sys
and then blocking writes to that crowdstrike directory in the kernel unless it's from one CSUpdate.exe that /only/ does updates (and self-contains the TUF checks)?
fiercest lasagna on the seven seas! /
npub1g5…28tcf
2024-08-06 15:50:06
in reply to nevent1q…xagp
Author Public Key
npub1g5c0qqgqkegm8fmhq9pqr7gw0803dww6mmj0gpxkc6gsqwk4dqgqz28tcfPublished at
2024-08-06 15:50:06Event JSON
{
"id": "819d149703c231303c6d12a6a76427771145e2142c85dbc6fe609a3706f4688b",
"pubkey": "4530f00100b651b3a777014201f90e79df16b9dadee4f404d6c691003ad56810",
"created_at": 1722959406,
"kind": 1,
"tags": [
[
"proxy",
"https://tech.lgbt/@risottobias/112915867693610591",
"web"
],
[
"e",
"cbcc3edb91fc1ff6679c254dd542807d1988ffeef94bb174441c30dbdfe30647",
"",
"root",
"f39833f08e0f05972be0604735d51ec700fb118d49d02a79bf6447093138c8e2"
],
[
"p",
"f39833f08e0f05972be0604735d51ec700fb118d49d02a79bf6447093138c8e2"
],
[
"proxy",
"https://tech.lgbt/users/risottobias/statuses/112915867693610591",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://tech.lgbt/users/risottobias/statuses/112915867693610591",
"pink.momostr"
],
[
"-"
]
],
"content": "would that be fixed by using TUF? ( https://theupdateframework.io/ )\n\nand I guess somehow disabling proxying in CSAAgent.sys\n\nand then blocking writes to that crowdstrike directory in the kernel unless it's from one CSUpdate.exe that /only/ does updates (and self-contains the TUF checks)?",
"sig": "87b7b7eaa44898ec1bdae4ad1ce1d58aa9c4e46d3a2b351d2849a94ed049a19a9746c34b87c67233285d4dd63974b3d5d562839a1a169a23c5aa874df1c2cea7"
}