quote:

Originally posted by r0gue:
.........Crowdstrike is a leading cybersec vendor of software and services.

"American Airlines says Crowdstrike, a cybersecurity company, is the source of the tech issues."

Add Crowdstrike to the growing list of companies run by morons.

A quick Ducky search reveals some facts about this situation. The problem is, apparently, with a CrowdStrike product named "Falcon." Falcon is a daemon that is intended to detect and respond to threats against the system. My speculation is that the new revision got a little over-eager and detected a false positive system compromise, and responded by locking down the system resulting in a BSoD. In other words, it did what it was supposed to do, only too much so.

Of course, it certainly is possible that all those affected systems actually did have some sort of malware already present on them, and were waiting for a bad actor to activate them en masse, potentially resulting in a much worse event.

The real issue is the near uniformity of installed OS (Windows) and security software (Crowdstrike Falcon) in the business community. The impetus to install the "market leading" software results in a self-reinforcing situation where everybody becomes vulnerable to the same attack, greatly simplifying an attacker's job. System administrators responsible for significant assets would do well to learn from this situation and base their infrastructures going forward on non-mainstream systems, or at least have a backup system in place that works differently from the production system.

Honest mistake? (doubtful)

Incompetence? (possible)

DEI? (probable)

While Amazon is up, their customer support is not.

I bit of a disruption in F1 practice earlier. Not the sponsor image you're hoping to be in circulation.....

This just happened to us a few months ago. Crowdstrike errantly identified a Windows system file as malicious and sent the Windows systems into bluescreen cycles and eventually, by design, into Bitlocker lockdown mode.

The fact that heads didn’t roll when this happened a few months ago, leads me to believe that there should be a larger swath of firings this time around.

This is (probably) not anything to get into a frenzy about, other than to hopefully wake people up to the lack of control we have when everything is SaaS-controlled due to the “cost savings” of running lean.

Crowdstrike is just like every other garbage AV company in that they will happily take your money, while creating a shittier product over time.

This reminds me of the time a video game that I played offered a new patch for download. Problem with it is that they were deleting their boot.ini file within the game files, unfortunately the code deleted the individual user Windows boot.ini file and when they restarted their pc........bricked.

(Eve Online - 2007)

https://www.eveonline.com/news...t-the-boot.ini-issue

Of course the company downplayed the error.

Catastrophic where I am. Live update/cloud based software is the worst.

my kid's flying around Europe for the next few days, hope she doesn't get caught up in it too much.

Lesson 1: Don’t run business/mission critical systems on Windows.

Lesson 2: Don’t connect critical infrastructure systems to the internet. Just in general, but not specifically an issue in this event. Update with the poison file (invalid format in this case) came through the official channel.

Of course the current mantra in IT with Agile / DevSecOps is “Move fast and break things”. Also puts the whole thing about how software is eating the world into a different perspective.

It hit us at work sometime after midnight. 911 went down. Computers went down.

I'm not the IT person but I kept getting calls. I was 550 miles away on vacation. I told them to call the IT people we pay monthly to fix it.

Anyways, I get to work today at 9:30 after driving 6 hours and get to work to fix stuff (while I'm still on vacation till Monday) that the IT company couldn't, and I got written up for something that happened a week ago and suspect didn't even complain. Just a coworker who read a report and said I violated some taser policy which we don't have one.

smh

SIGforum is up.

Namaste

Good news.

All nine the countries with nuclear weapons use CrowdStrike's Falcon EDR...

Sounds about as secure as the secret service

Class?

Now imagine your pc is bricked and all of your money was tied up in the gov't CBDC!

Or worse, your CBDC was bricked.

quote:

Originally posted by parabellum:
Class?

Politics in an apolitical thread?

quote:

Originally posted by Leemur:
...

quote:

Originally posted by trapper189:

quote:

Originally posted by parabellum:
Class?

Politics in an apolitical thread?

Politics in an apolitical thread, yes, thank you.

Now, as I was saying, my TV remote control is functioning properly. Microwave, too.

I don't see the problem.

Just tried my garage door. Goes up, goes down. Stops when I stop it. Starts when I start it.

I don't see the problem