Massive Windows/CrowdStrike Fail

This is the fault of...

  • Micro$oft, because they write software where you need stuff like this

    Votes: 3 13.0%
  • CrowdStrike, because their code broke the world

    Votes: 11 47.8%
  • Those who chose Windows over Linux, because that was the critical market decision

    Votes: 5 21.7%
  • Giant Death Robots, because they did it

    Votes: 4 17.4%

  • Total voters
    23
Is there something Joe Schmo user should be doing, not doing, to prevent this from impacting his personal computer?
I think if you or someone who controls your computer is not a customer of CrowdStrike this will not affect your computer.
 
It's my work-issued computer. I don't know if they use CrowdStrike. I assume I'll get an e-mail from IT soon if they do--telling me what to do. Thanks, Samson.
 
This I guess is the biggest way where we differ. Certainly for an organisation providing services over the internet open source is always a viable choice, as long as it is made soon enough in the development cycle. I could be wrong, but I have not seen a use case where a Micro$oft stack is a better tool than a Linux stack.

A case in point, as I know a little about it, is the UK Biobank. This provides programmatic access to private medical data in a secure way. They do that with an Open Source stack and I bet less money than any airport spends on its IT. That is about the hardest problem I have seen solved, and clearly open source software is the right tool for the job. If you really believe there is a computational task for which a Micro$oft stack is a better tool than a Linux stack, I would like to see an example.

I shall highlight that this means the banks, who are not short of the money if they wanted to build a proper system, are using both a 1950's programming language (so probably 1960's code) AND Windows in an environment where they are happy to give a third party read and write access to their systems. Does this sound like an organisation that has data security at the heart of their priorities? Remember what this is designed to do, they chose to have this running in the systems that control all our money:

> Falcon Sensor ... blocks attacks on your systems while capturing and recording activity as it happens to detect threats fast

CrowdStrike and Falcon are famous for investigating the Russian hack of the DNC back in 2016.


That event even showed up in Trump's 1st impeachment.

Blue screening the world is truly moving into the big leagues.

Just got to start every impacted computer in safe mode and turn the buggy thing off?
A problem of scale I guess.
 
Wow, largest IT outage in history?


World is experiencing a mini-y2k.


American Airlines, Delta, and United have halted all airplane flights.
 
According to this guy it is just an invalid driver file. If this is true then it is clearly Windows' fault, an invalid third party file should not take down the whole system. That is a basic security issue IMO.

> I have obtained the Crowdstrike driver they pushed via auto update. I don't know how it happened, but the file isn't a validly formatted driver and causes Windows to crash every time.

 
I am unaffected. :)
 
> According to this guy it is just an invalid driver file. If this is true then it is clearly Windows' fault, an invalid third party file should not take down the whole system. That is a basic security issue IMO.

This whole Anti-Virus/Intrusion thing is a security issue in itself. To avoid being out-maneuvered by malware deep in the system, it needs to be deep in the system as well. And this means it has access to everything and can crash the system (or do even more malicious things).

There is not much Microsoft can do about it, because if it tried to, the anti-malware industry will claim foul to the anti-trust agencies immediately.
 
Or a what-y2k-was-feared-to-be-but-turned-out-not-to.
Y2K would've been what it was feared to be, had folks not worked around the clock to make sure it didn't happen.

That kind of pre-emptive coverage doesn't happen much anymore. Too many people undercut the proposed severity and are willing to take a chance on it not affecting them personally (not aimed at anyone here - talking about the industry).
 
> This whole Anti-Virus/Intrusion thing is a security issue in itself. To avoid being out-maneuvered by malware deep in the system, it needs to be deep in the system as well. And this means it has access to everything and can crash the system (or do even more malicious things).
>
> There is not much Microsoft can do about it, because if it tried to, the anti-malware industry will claim foul to the anti-trust agencies immediately.

I am not convinced by the legal argument "Windows cannot make its systems secure or else the anti-malware industry would sue them". Linux vendors have survived.

We are talking about an invalid third party kernel driver automatically downloaded and installed, and the designed behaviour is the blue screen of death. I think there are better ways to do kernel updates.

It is the GDPR issues I am wondering about. This is screwing up a medical records company in the UK, does that mean that this company was training an AI on my medical history without my doctor having any control?
 
The NHS sold out on medical confidentiality a long time ago.

They went through the intermediate step of asking patients (e.g. me) for permission to hold data electronically and share it about, with the threat of we won't be able to treat you if we don't have your records.

Now it has all been given free to the corporates (AI research) with some pretend ineffective anonymization.
 
> I am not convinced by the legal argument "Windows cannot make its systems secure or else the anti-malware industry would sue them". Linux vendors have survived.

Linux vendors are not the usual suspects for anti-trust agencies. Microsoft is.

> We are talking about an invalid third party kernel driver automatically downloaded and installed, and the designed behaviour is the blue screen of death. I think there are better ways to do kernel updates.

I am pretty sure you can trigger a kernel panic, if you have root rights on a Linux system and inject a faulty kernel module. And it is not like third-party modules are unknown under Linux. The package manager will usually automatically install those as well (although hopefully with much more testing if you are on a stable branch).

> It is the GDPR issues I am wondering about. This is screwing up a medical records company in the UK, does that mean that this company was training an AI on my medical history without my doctor having any control?

In theory, they should only train on intrusion-relevant data. In practice, who knows?
 
Yikes!
 
> Wow, largest IT outage in history?
>
> World is experiencing a mini-y2k.
>
> American Airlines, Delta, and United have halted all airplane flights.

One of the cruise channels I watch on YT mentioned this. The host left on a 7-day cruise earlier today and mentioned that the ship waited awhile past the usual sail time for passengers impacted by the plane situation, and finally had to leave without them.

He was unaffected himself, since he lives close enough to drive to the port.
 