• Cornelius_Wangenheim@lemmy.world
    link
    fedilink
    arrow-up
    20
    ·
    edit-2
    5 months ago

    Because it isn’t. Their Linux sensor also uses a kernel driver, which means they could have just as easily caused a looping kernel panic on every Linux device it’s installed on.

    • YTG123@sopuli.xyz
      link
      fedilink
      arrow-up
      2
      arrow-down
      10
      ·
      5 months ago

      There’s no way of knowing that, though. Perhaps their Linux and Darwin drivers wouldn’t have paniced the system?

      Regardless, doing almost anything at the kernel level is never a good idea

      • ricecake@sh.itjust.works
        link
        fedilink
        arrow-up
        6
        ·
        5 months ago

        Also, it’s less about “their” drivers and more about what a kernel module can do.
        Saying “there’s no way to know” doesn’t fit, because we do know that a malformed kernel module can destabilize a linux or mac system.

        “Malformed file” isn’t a programming defect or something you can fix by having a better API.

        • deadbeef79000@lemmy.nz
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          5 months ago

          Having the data exposed to userspace via an API would avoid having to have a kernel module at all… Which when malformed wouldn’t compromise the kernel.

          • ricecake@sh.itjust.works
            link
            fedilink
            arrow-up
            4
            ·
            5 months ago

            I mean, sure. But typically operating systems don’t expose that type of information to user space, instead providing a kernel interface with user mode configuration.

            It’s why they use the same basic approach on mac and Linux.

      • ricecake@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        Security operations being one of the things that is often best done at the kernel level because of the need to monitor network and file operations in a way you can’t in user mode.