Go | New | Find | Notify | Tools | Reply | |
His Royal Hiney |
The thought crossed my mind that it may be a cover up but, ain't nobody going to give up a piece of their money when they don't have to. And that's what happened to the stock value of Crowdstrike. The company and the big wigs lost money and a lot of it by saying it was a software deployment issue. Companies may probably go after them for the money lost. "It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946. | |||
|
Shaman |
Just another reason to ditch MS products. Windoze is bodged together garbage. If the government can go after Boeing, they need to go after MS and Crowdstrike.  He who fights with monsters might take care lest he thereby become a monster. | |||
|
| Left-Handed, NOT Left-Winged! |
I want to see LIABILITY for MS and Crowdstrike. Software companies hide behind copyright law, disclaim all warranties on the function of their software, release buggy software and try to fix it with constant updates. If they were financially liable for damages resulting from product failures, they would do a better job in the first place. | |||
|
| Member |
I've seen many different forums advocate this. What exactly is the MS liability in this instance? I'm confused. Allowing a very popular (and expensive) security application to be installed on their system(s)? If you recall MS got their ass kicked over making it hard to install 3rd party apps and manipulating the OS interfaces. Many cheered the DOJ on with those cases. Are you now saying that MS should make their APIs less accessible like Apple or more accessible and open source like Linux. Do you want that on desktops as well as servers? | |||
|
| Member |
I'm reminded of having 1 type of corn crop or banana strain. If something happens to it your entire line is wiped out. Having choices and not everyone being on the same choice is essential. ____________________________________________________ The butcher with the sharpest knife has the warmest heart. | |||
|
Itchy was taken |
Fortunately, the 50,000 servers that my team manages are all linux. We had windows based applications take a crap. Major impact to the business. _________________ This space left intentionally blank. | |||
|
| probably a good thing I don't have a cut |
How is this Microsofts fault? It's a Crowdstrike problem in my eyes. If a third party company created a problem that only effected Apple systems, would it be Apples fault? | |||
|
A Grateful American |
Because the news came out of the gate talking about Microsoft. It was red meat, and the party was on. "the meaning of life, is to give life meaning" ✡ Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב! | |||
|
אַרְיֵה |
I just received an email from Amazon. My "next day" Prime delivery turned into "next week."
הרחפת שלי מלאה בצלופחים | |||
|
| Left-Handed, NOT Left-Winged! |
Microsoft makes shitty buggy software with major security holes. Some time ago, servers were UNIX and no one ever dreamed of running Windows on servers because it is too damn unreliable. Then Microsoft used whatever influence was needed to convince big business that "Windows Server" is suitable for enterprise severs. And the stupid IT managers swallowed the hook and jumped in. In the old days the saying was "no one ever got fired for going with IBM". Now it's "Microsoft". While this issue seems mostly due to Crowdstrike, MS is partially liable because of the above. If MS wasn't such shit, there would be less of a need for Crowdstrike. MS system security SHOULD NOT PERMIT an update by Crowdstrike that has not been fully vetted BY MICROSOFT to ensure it doesn't cause any issues. The idea that Crowdstrike can hose severs all over the world because of their own bugs, exposes massive vulnerabilities that need to be managed better at the OS level. "Sorry cannot process this update until MS verifies it and signs the certificate". | |||
|
Member |
Lefty is spot on. Our Linux guys hate Windows in general, and virtually 100% of our outages in my company invariably involve the Windows operating system, whether it's servers or workstations, but mostly workstations because of the innate lack of security in the general architecture itself. We use CrowdStrike like everyone else and a metric ton of our Windows machines went down overnight, which we will be dealing with en-masse as soon as the procedure for the official fix is finalized and approved. I have two unix boxes and three mini windows boxes I use for small development and proof of concept testing, and two of the windoze boxes are down with the crowdstrike bug. My main one is still up, because it was shut down when the push was installed. The other two windows boxes are on all the time, as are Linux and Ubuntu boxes, and the Linux boxes are of course unaffected. A few years ago our entire company went down with ransomware for a couple months, and the vector was a fucking email from a company windows workstation. Incredible how bad Windows truly is with security in general. It was a herculean effort to bring the everything back to 100% after the ransomware attack (we never paid a dime), but all of our Linux boxes were good, and all of our windows servers were completely hosed. After that incident crowdstrike was one of the vendors we contracted with to minimize out attack surface going forward, and now this. At least it wasn't a true attack, but it is ironic for sure. But to answer a previous posters question about insufficient testing before releasing the patch to production, I would say hell yes somebody MAY have dropped the ball, and I would generally agree without a better story, but these things like anything else can be complicated, though not always for a good reason to be fair. I was thinking about this situation trying to come up with an imaginary conversation between a CrowdStrike development engineer, testing engineer, and the rest of the packaging and product release engineers, and so far I have not been able to fathom a possible legitimate conversation for set of events that could explain it. So I guess I would just say "shit happens", but my best guess would be someone's head is gonna get rolled, and it probably won't be the people who deserve it, notwithstanding at the executive ranks, as these things go. Lover of the US Constitution Wile E. Coyote School of DIY Disaster | |||
|
Member |
Got the message for a same day delivery of a pound of Celtic sea salt and 50 velvet covered clothes hangers. Said it would be one day late. What to do... oh what WILL we do! Collecting dust. | |||
|
| אַרְיֵה |
הרחפת שלי מלאה בצלופחים | |||
|
Prepared for the Worst, Providing the Best |
It's been a few years, but in my experience, ransomware was typically initiated by an idiot user clicking on something they shouldn't, not a vulnerability within the OS. Windows does exactly what it's designed to do, but it's also the most common user-lever OS, so it is the most regularly exploited. More idiots behind keyboards = more security breaches. We had a few ransomware attacks at my old job, but we also did a pretty good job of compartmentalizing our network storage permissions and had daily backups. When something got compromised, it typically only affected one department, and we were able to wipe and restore from backup. Yeah, that department would lose a day worth of work, but it was better than being down for months or paying some exorbitant ransom. Public-facing systems and transaction data were never effected, because we didn't give users access to the file systems of any of those. And if the department-head complained about that solution, we basically told them to talk to their idiot because we can't fix stupid. When I started doing desktop support in IT, it was well before the prevalence of remote tools and I remember a number of security outbreaks where we had to run around and touch every machine. It wasn't fun, but we just knuckled down and got it done. You got pretty good at walking into an office space and updating/scanning/fixing every machine in that space all at once...running back and forth between desks as stuff rebooted and trying to be as time-efficient as possible. This was in the days of old Pentium II and IIIs running Win 2k, so sometimes it took a machine 10-15 minutes to reboot, and a virus scan could be a 3 hour ordeal. Everything is way faster these days, but I imagine that with all the remote users and outsourced support, dealing with something like this that requires an in-person fix is creating a huge mess. | |||
|
| Blinded by the Sun  |
Woke up Friday morning in Manhattan, supposed to check out and fly back to ATL I was at Hertz when they opened at 7:00 am. They don’t want to rent me a gas vehicle. They wanted me to take an EV. I asked the manager to help me find a gas vehicle because I had kids (I didn’t say they were 17, & 18) to get back the Atlanta. Was in a car driving out that morning. This was 41st between 8th & 7th. I honked nicely no response. Laid on the horn till the guy got in and moved. By the way NYC was cleaner, less visible homeless, and felt safer than Atlanta. Everyone in our group felt the same. I know the city gets bashed for its policies but it is one of the greatest cities on the planet.  ------------------------------ Smart is not something you are but something you get. Chi Chi, get the yayo | |||
|
| Member |
Maybe they're miners? "Anybody who can go down 300 to 3,000 feet in a mine, sure in hell can learn to program." ... (look the author up yourself!) | |||
|
Member |
I think there's a pretty decent chance that you and your kids had more fun driving back than you would have had flying. How was it? . | |||
|
| Member |
A great, great intellect. (I looked it up)  . | |||
|
King Nothing |
Haha I totally didn’t get the quote, but looked up the author, as well, and it then it made sense. ...Then it comes to be that the soothing light at the end of your tunnel, was just a freight train coming your way... | |||
|
Member |
A very good description. _________________________ You do NOT have the right to never be offended. | |||
|
| Powered by Social Strata | Page 1 2 3 4 5 6 |
 | Please Wait. Your request is being processed... |
|
© SIGforum 2024