Items tagged with: Crowdstrike


I still keep wondering why QA at Crowdstrike didn't notice this problem. Don't they run software tests before they release something to customers?
It is clear that you can't test software 100 percent, but the fact that such a serious problem occurs on millions of machines makes me suspect that they pushed this update out without any safeguards.
#Crowdstrike


Do you want a T-Shirt?

"I have spent my entire weekend to fix the #crowdstrike mess and all I got was a lousy gift card"

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/

In Germany you get two days free for every day of the weekend and one day for every night if you have wasted your time on this crap.

Tomorrow is the 25th #sysadminday

1. Don't accept warm words!
2. #unionize !
3. Refuse to deploy this kind of crap
4. Only fix security problems
5. Automate the right way
6. Leave your job before you burnout


Hey #SysAdmin #InfoSec fedi, let's have some fun. 🥳

Microsoft claims that the CrowdStrike thing is EU's fault, acktschually, because years ago EU forced Microsoft to stop abusing their privileged Windows access to have an edge over competitors in antivirus market. 🤨

Seems only fair to have a thread on our favorite examples of Microsoft's utter failures, ideally related to completely botched updates.

Know of such a failure? Share it below! :blobcateyes:

#Microsoft #Windows #CrowdStrike #EU


CrowdStrike Global Outage (Crowd Struck) via @endingwithali

#ThreatWire #CrowdStrike

https://www.youtube.com/watch?v=N8iOe5NwIAo



"#CrowdStrike is offering its partners a $10 Uber Eats gift card as an apology"

They're honestly playing the pizza party card to their own customers 🤡


If you don't use #Crowdstrike, you might be wondering if your EDR could burn you the same way.

Not all EDRs use Early Launch Anti-Malware drivers. To find out if yours does, use a registry editor or explorer (like the great one in Zimmerman's tools) to check out C:\Windows\System32\config\ELAM. If it has live data in it, then something (listed in the hive) is updating signatures for an ELAM driver. If not, no ELAM drivers are present.
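
The check described in the post above, as an added example that is not part of the original post: it loads a copy of the ELAM hive under a temporary key and lists every key and value stored in it. It assumes an elevated PowerShell session; the mount name `ELAM_INSPECT` and the working directory are arbitrary choices made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: inventory the contents of the ELAM hive named in the post.
$hiveFile  = Join-Path $env:SystemRoot 'System32\config\ELAM'
$workDir   = Join-Path $env:TEMP "elam-inspect-$PID"   # assumption: scratch location
$copy      = Join-Path $workDir 'ELAM'
$mountName = 'ELAM_INSPECT'                            # assumption: temporary key name

# Work on a copy so that loading the hive never touches the live file.
New-Item -ItemType Directory -Path $workDir -Force | Out-Null
Copy-Item -LiteralPath $hiveFile -Destination $copy -Force

& reg.exe load "HKLM\$mountName" $copy | Out-Null
if ($LASTEXITCODE -ne 0) { throw "reg load failed with exit code $LASTEXITCODE" }

try {
    $root   = "Registry::HKEY_LOCAL_MACHINE\$mountName"
    $report = foreach ($key in Get-ChildItem -LiteralPath $root -Recurse) {
        foreach ($name in $key.GetValueNames()) {
            $data = $key.GetValue($name)
            [pscustomobject]@{
                # Key path relative to the hive root (the top level is the vendor/product).
                Key   = $key.Name -replace "^HKEY_LOCAL_MACHINE\\$mountName\\", ''
                Value = $name
                Kind  = $key.GetValueKind($name)
                Bytes = if ($data -is [byte[]]) { $data.Length } else { "$data".Length }
            }
        }
        $key.Close()
    }

    if ($report) {
        $report | Sort-Object Key, Value | Format-Table -AutoSize
    } else {
        'The ELAM hive holds no values: nothing is storing ELAM driver data on this machine.'
    }
}
finally {
    # PowerShell keeps registry handles alive until they are collected;
    # without this, reg unload fails with "Access is denied".
    [gc]::Collect()
    [gc]::WaitForPendingFinalizers()
    & reg.exe unload "HKLM\$mountName" | Out-Null
    Remove-Item -LiteralPath $workDir -Recurse -Force -ErrorAction SilentlyContinue
}
```

Comparing the `Bytes` column between two runs taken some days apart shows whether the listed product is actually refreshing its data.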



this is why I’ve side eyed any federal document about software #security, quality, or #resilience that demonizes open source software while touting the virtues of commercial cybersecurity products

as if those products aren’t notorious for deep access + flimsy quality…

I’ve written about this concern in two separate RFIs to CISA et al (with co-conspirator @rpetrich)

1) on OSS security https://kellyshortridge.com/blog/posts/rfi-open-source-security-response/

2) on secure by design https://kellyshortridge.com/blog/posts/rfi-secure-by-design-response/

#crowdstrike


^ In our RFIs, we note that commercial security software is often a boon for attackers given its deep access + poor quality

indeed, much of it resembles malware in functionality.

in the #Crowdstrike case now, it’s poorly written malware. “Skidiot” shit, as a friend would say…

For all the ballyhooing about open source, why don’t we take the security of commercial security software more seriously?


and this is why we need to stop absolving *commercial* cybersecurity vendors of software quality concerns.

there should be multiple checks preventing this type of broken content in an update.

how did they allow it to ship to so many machines all at once?

#crowdstrike


I was like 😱 when I first heard about #Crowdstrike last Friday. Then I noticed that I wasn't surprised. I omgied about all the passengers stuck in the airports, about sysadmins in the datacenters, but not about how this possibly could happen. Now I think that it's good that it blew up this spectacularly compared to the actual damage. The public must know how fragile the infrastructure is that we're trying to push all our decision makings onto. Now we know that we need more resilience now.


I agree with everything Scott Hanselman writes in this post.

https://www.linkedin.com/feed/update/urn:li:activity:7220428353269350400

#crowdstrike #microsoft #dei #softwaredevelopment


Probably the most succinct description of the #CrowdStrike / #Microsoft fiasco.


On April 21, 2010, the antivirus company McAfee released an update to its software used by its corporate customers. The update deleted a key Windows file, causing millions of computers around the world to crash and repeatedly reboot. Much like the CrowdStrike mistake, the McAfee problem required a manual fix.

Kurtz was McAfee's chief technology officer at the time. Months later, Intel acquired McAfee. And several months after that Kurtz left the company. He founded CrowdStrike in 2012 and has been its CEO ever since.


https://www.businessinsider.com/crowdstrike-ceo-george-kurtz-tech-outage-microsoft-mcafee-2024-7

#CrowdStrike


I like to criticize windows as much as most linux users, but above statement is misinformation.

The issue is #cloudstrike not testing a push for #windows - which is the root cause of this outage. Their product is available for mac and linux as well, and not testing a push for #rhel bringing down all #rhel worldwide is JUST AS plausible.

Compounding this root cause is the corporate security monoculture choosing this shitty #crowdstrike vendor. There!


Who in the world would trust Windows for any mission-critical work? https://www.computerworld.com/article/2889660/put-not-your-trust-in-windows-or-crowdstrike.html by @sjvn

#Windows has become a single point of failure for the world’s IT infrastructure. We really must move on. #Crowdstrike


Have you been affected by #crowdstrike ?

  • Yes, at work (9%, 167 votes)
  • Yes, in my life (train, plane, …) (3%, 62 votes)
  • I witnessed some BSOD (2%, 50 votes)
  • Not at all, only read about it online (84%, 1485 votes)
1764 voters. Poll end: 3 hours ago


@kris

"#CrowdStrike Insiders Sold Stock Before the Outage. How That Happened."

It is to me, too.

This link is not, but should read with a VPN:

https://archive.ph/2Ndf4


Context- someone on the birdside is blaming #crowdstrike on DEI hiring

Here’s the thing folks. I’ve been coding 32 years. When something like this happens it’s an organizational failure. Yes, some human wrote a bad line. Someone can “git blame” and point to a human and it’s awful. But it’s the testing, the CI/CD, the A/B testing, the metered rollouts, an oh shit button to roll it back, the code coverage, the static analysis tools, the code reviews, the organizational health, and on and on 1/3


How was y’all’s day? I managed to avoid the drama of #crowdstrike but spent most of the afternoon installing our new #mastodon server.

You ever feel like hitting your head against the wall over one stupid problem you know the answer to but can’t remember? Yeah I spent an hour doing that with something simple.


I think he is spot on, generally, with his comments on the lack of antitrust enforcement. But #crowdstrike has competitors, right?

I also couldn't help but think, again, of a similar problem hitting the monoculture of much of our food supply.


I've not seen anybody point that out yet: why did #crowdstrike deploy on a friday? Don't they know about #nodeployfriday ?


Hey has anyone else remembered that George Kurtz, the co-founder and CEO of CrowdStrike, was CTO at McAfee on April 21, 2010, when the DAT 5958 McAfee update caused millions of computers worldwide running Windows XP Service Pack 3 to delete svchost.exe causing machines to lose network access and, in some cases, enter a reboot loop?

#InfoSec #crowdstrike #clownstrike


After the worldwide IT outage, which affected critical infrastructure, the head of the #BSI says that from now on more attention will be paid to the quality (#Qualität) of products.
Oh, already???
This insight, which should really be self-evident, comes a bit late. I would have advised every customer against using #Microsoft and #Crowdstrike, especially in the area of critical infrastructure, many, many years ago. #itausfall #peinlich #kritis #itsicherheit #cybersecurity


Not even ransomware is as effective as CrowdStrike.

#pc #mac #crowdstrike


Managed to resuscitate a total of 8 PCs today between 2 sites. It would have been more but for some ancient machines and various complications that slowed me down.

Next week the fun is sure to continue. 🙄 #CrowdStrike


AAARRRGGGHHHHHHHHHH!!!!!!!!

Channel 4 News, in talking about today's #Microsoft #CrowdStrike fuckup, stated that the expected Y2K effect was imaginary.

No! No! NO!

We* did a massive amount of work to update and ensure systems would keep on working. And more importantly WE TESTED EVERYTHING FULLY BEFORE GOING LIVE.

(* As in everyone responsible for operating computer systems around the world!)


Software made by #US #cybersecurity company was intended to protect against crashes and disruptions in vital systems – it ended up taking them down.

What is #CrowdStrike and how did it cause a global #WindowsOutage?
https://www.theguardian.com/technology/article/2024/jul/19/what-is-crowdstrike-microsoft-windows-outage


I’m sitting by the Delta gates at #SeaTac. It is crazy out there because Delta was affected by the #CrowdStrike outage. People were cheering as people deplaned. #seattle #pnw


See, it is possible for something to bring Star Wars and Star Trek fans together, even if one series is obviously better than the other.

#crowdstrike #starwars #startrek