We had cylance take out all of our kubernetes clusters a few years ago.
The whole cybersecurity concept of installing third party mystery meat in the kernel controllable over the internet by a different company seems contrary both to good security practices and software quality assurance, immutable production architecture and repeatable builds.
People say this like it lets Apple off the hook. Let me explain why it doesn't.
Apple had full control over the whole phone's software stack, in a very good way, meaning they built a good mobile OS that had good systems for power management and an app lifecycle that could actually kill apps at will to maintain efficiency, without disrupting the user.
With this, they decided to ship smaller batteries so they could make slimmer phones.
Except, they used garbage batteries. They were so small (1600mAh on the iPhone 6) that normal wear and tear of a few years degraded them to the point that the battery chemistry could not keep up with normal processor frequency and power ramping.
Apple started getting a lot of complaints because people were understandably upset that their 2-3 year old phone couldn't run for more than an hour off the charger. Apple didn't like increasing support load, even though they weren't covering anyone's battery replacement. Instead of putting out a press release that they had shipped sub-standard batteries in their phones, and offering free battery replacements with a new battery that wouldn't have the same problem in another 2-3 years, they included code in the new version of iOS to SIGNIFICANTLY slow down your 3 year old or less phone.
Apple made a product that deteriorated way too quickly, and then tried to hide it. That's batterygate. If LG sold a fridge that would die after five years because of compressor fatigue and then silently updated their fridges to not operate colder than 45 degrees F to extend the life of the compressor, I would hope you would be pissed at that, right?
A reminder that the iPhone 6 was also "Bendgate", which internal apple memos showed they knew was a serious problem before they sold it, and then claimed two years after release they only had 9 complaints of phone bending and that it wouldn't bend in normal use.
> If LG sold a fridge that would die after five years because of compressor fatigue and then silently updated their fridges to not operate colder than 45 degrees F to extend the life of the compressor, I woul
Apple sycophants are willing to put up with any bullshit from Apple. It is very tiresome to argue against blind faith.
Any other company would face incredible scrutiny if that happened. Imagine if MS did that to their surface devices. And this level of scrutiny from consumers is healthy.
It has a simple reason, any other device is much worse. All my Lenovo laptop batteries died in 2 years, meanwhile my MacBook from 2015 still gets 3 hours of battery life. That one was expensive, but now with Apple Silicon the Macbook has best power to performance ratio by far.
And it's not like other vendors are not full of crap either. I had a Dell laptop with a clearly broken display that they never acknowledged or repaired - and many other problems of all kinds. Apple was always least (but obviously not zero) problems and best build quality.
> It has a simple reason, any other device is much worse. All my Lenovo laptop batteries died in 2 years
Pff. I had a macbook battery (2018 model, brand new, issued by my employer at the time) that died in 1.5 years. Died in the sense that I couldn't use that crap unplugged for more than 10 minutes.
Since every place I work issues me a MacBook, I am very experienced with these luxury toys, and I wouldn't ever buy one for myself. I actually think Thinkpads are much better.
As I said, it's obviously not zero issues with Apple either. But this particular issue is an exception imho, my own experience and everyone with a Mac around me is saying the battery lifetime is much better than any other brand they tried. Also, 1.5 years is below 2 years of warranty (in EU) - if you're around here, try to have it replaced. I had only good experience with Apple customer care - much better than HP, Dell and Lenovo. Again, while it wasn't always perfect and sometimes required visiting again, at least they really wanted to help - unlike the other vendors.
BTW you're saying it was 2018 model, and employer issued, so if I'm correct in assuming it was a top model Intel CPU, these really were chewing through the batteries because of the heat. It's very different with i5, less powerful i7 and Apple Silicon.
I really don't think anyone is claiming that Apple is perfect - it's just that the experience with other vendors is so, so utterly bad. For example ThinkPads - nice performance and cheap, I give you that. But the non-existent customer care (for consumers, not enterprise), the build quality, the bad sound and displays and the absolutely terrible touchpad make me avoid it. Also Windows - and I never got Linux properly working on a ThinkPad as well as MacOS does on a MacBook, even though they claim it's Linux certified.
I work supporting software that processes millions of small files a day, with a lot of these scripting languages. The speed difference in total iops where AV is installed vs not installed is huge. 30-50% loss is no joke.
Even worse, at least aesthetically, than the AV is the pacct stuff to log 1 line for every single syscall. Talk about sublinear scaling. And for what, no one can say.
Actually, even worse than that was we had to install AV on all the images that the ephemeral map-reduce/Hadoop clusters we spun up, but the way the AV stuff worked, the computes were gone by the time the registration for the new compute had gone thru whole process. And, in AWS accounts where there were maybe 63 IPs and say 600 EC2s/day they used IP as the primary key for the "list of compute in the VPC." So they stitched together totally unrelated stuff as if it was the same continuous compute. I guess it would be eventually fixed, but the bad security data was not a real concern of the devops team that was building out stuff as rapidly as possible, nor were the EC2 made in a sealed off VPC and only lived for a few tens of minutes or hours at best a serious security concern to the actual security people. Just a check list solution hitting a novel environment.
That's a management problem. IT security didn't communicate that to the finance folks. Microsoft didn't communicate that to IT security. And if they're on Azure, it's more money for Microsoft.
Oh finance doesn't care. Security is paramount and not something you can save money on, is the mindset. Besides, the real costs of this is allocated to many individual cost centers so in the bigger picture you won't see it.
Devs: Ugh...why?
Security: For safety!
Devs: Fine, we won't argue. Deploy it if you may.
A few moments later...
Devs: All of our VM's are slow as crap! Defender is using 100% of the CPU!
Security: Add another core to your VM's. ticket closed
Management: Why are our developers up 30% on their cloud spend!?