A Security tool wreaks havoc globally

I was wondering (theoretically) whether a faulty driver could bring down a UNIX system like that too, or whether UNIX has better inherent protection.
 
Not even Sphere in Vegas was safe.

I just flew into Vegas an hour ago from Denver. All of the flight status monitors in Denver were BSOD. All of them. Everywhere in the airport. Upon arriving in Vegas, the Sphere was black. I haven't seen the Sphere black since they first turned it on. Had I been on an airline other than Southwest, I probably wouldn't be home right now. They seemed to be the only airline still running, even though they were delayed.
 
Article is a bit misleading. It's not a Windows problem. It's Crowdstrike's drivers that are hosing machines. Modern Windows systems that don't use Crowdstrike's drivers are completely unaffected.
I wonder if they were implying that because they were using such an old OS that couldn’t run Crowdstrike’s software/security drivers, they were able to stay up and running.
 
Man, I'm glad that, as a Network Administrator for 25 years, I ran any and all of my network support servers/functions on Linux, and had to spend little time on MSoft servers. Properly tuned and administered, those Linux servers/services handled thousands of concurrent connections day in, day out for decades without issue (as long as the hardware was functioning properly). I never had days like the last couple where everything ground to a halt due to an update/patch, etc.
 
Have had to scramble the crew to patch CVEs on Linux systems plenty of times over the years. But today was not one of those days.

Nothing is immune from bugs.

No, of course not...that's patently obvious...I've deployed plenty of exploit/security patches on Linux systems over the years, sometimes a frenzy, but never had anything remotely this disastrous occur.
 
No, of course not...that's patently obvious...I've deployed plenty of exploit/security patches over the years but never had anything remotely this disastrous occur.

On the scale of impacting the world, this is pretty unique. But I've definitely been in near company-ending outages that started with someone in the team saying, "I'll just push this to all of production at the same time now..."
 

Lol.....I know that feeling all too well. Someone doesn't test on an isolated, sandboxed environment, etc. "It'll be fine...."!

This is a unique issue, I agree, but you have to wonder how such a faulty patch that affected so many machines wasn't detected...?
 
The problem at my level is that you 100% have to do your serious diligence, but also, sitting around waiting to be super ultra mega sure your new code won't break anything is totally not constructive. At some point you just have to press go, then keep your ear to the ground for trouble.

But we're a small shop, effectively me for one of the big apps I work on. I can barely get the first level customer (a major medical center) to look at what they asked me to build before it goes live.

CrowdStrike is many orders of magnitude bigger, better resourced, and in for way way higher stakes. How could they not have discovered a flaw this catastrophic in house???

Boggles the mind.
 
What's boggling my mind is: How is the most used OS in the world seemingly that vulnerable to a mal-tested 3rd-party software patch?

Edit: Even as a former programmer, I guess I've been under the illusion that no 3rd-party software could get close to hobbling an OS this way (MS OS disabled until the 3rd-party org's correction patch is manually applied). If it was an MS patch misfire, I could kinda, maybe understand how it might happen, but not with 3rd-party software, where I would have imagined there should be, even for low-level tasks, a very strict and enforced API protocol for non-MS processes hooking into core OS territory.
 
Shit happens. The way to guard against severe consequences is to make your release rollouts gradual. Pushing an update all around the world simultaneously is galactically stupid.
I wonder if that update guards against some very dangerous new threat(s), enough that they skipped steps to get it out there.

Still.
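The gradual-rollout point above, as an added example that is not code from the thread or from any vendor mentioned in it: a ring-based rollout gate that pushes an update to a small canary slice first and refuses to promote it to the next ring if the crash rate in the current ring exceeds a threshold. The ring sizes, the 1% crash threshold, the fleet size and the two crash-probe functions are all assumed, constructed values; a real gate would read telemetry from the hosts that just received the update instead of calling a probe function.

```python
"""Ring-based (staged) rollout with a health gate between rings.

Illustrative example, not any vendor's actual pipeline.  Ring sizes,
threshold and probes are constructed for the demonstration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Assumed rollout rings as fractions of the whole fleet, smallest first.
RINGS: List[Tuple[str, float]] = [
    ("canary", 0.01),
    ("early", 0.05),
    ("broad", 0.25),
    ("all", 1.00),
]


@dataclass
class RolloutResult:
    deployed_fraction: float           # share of the fleet that got the update
    halted_at: Optional[str]           # ring whose crash rate tripped the gate
    crash_rates: Dict[str, float] = field(default_factory=dict)


def staged_rollout(fleet_size: int,
                   crash_probe: Callable[[int], float],
                   max_crash_rate: float = 0.01,
                   rings: List[Tuple[str, float]] = RINGS) -> RolloutResult:
    """Deploy one ring at a time.

    crash_probe(new_hosts) stands in for telemetry: it returns the fraction of
    the hosts that just received the update which failed (e.g. did not come
    back after reboot).  If that fraction exceeds max_crash_rate, the rollout
    stops before the next ring is touched.
    """
    result = RolloutResult(deployed_fraction=0.0, halted_at=None)
    deployed = 0
    for name, frac in rings:
        target = int(round(fleet_size * frac))
        new_hosts = target - deployed
        if new_hosts <= 0:
            continue
        rate = crash_probe(new_hosts)
        result.crash_rates[name] = rate
        deployed = target
        result.deployed_fraction = deployed / fleet_size
        if rate > max_crash_rate:
            # Gate trips: nothing beyond this ring receives the update.
            result.halted_at = name
            break
    return result


def big_bang_rollout(fleet_size: int,
                     crash_probe: Callable[[int], float]) -> RolloutResult:
    """The 'push to all of production at once' strategy, for comparison."""
    rate = crash_probe(fleet_size)
    return RolloutResult(deployed_fraction=1.0, halted_at=None,
                         crash_rates={"all": rate})


# Constructed probes standing in for real telemetry.
def good_update(hosts: int) -> float:
    """Constructed: 1 in 1000 hosts fails for unrelated reasons."""
    return 0.001


def bad_update(hosts: int) -> float:
    """Constructed: every host that receives the update crashes at boot."""
    return 1.0


if __name__ == "__main__":
    fleet = 100_000
    print("staged, good update :", staged_rollout(fleet, good_update))
    print("staged, bad update  :", staged_rollout(fleet, bad_update))
    print("big bang, bad update:", big_bang_rollout(fleet, bad_update))
```

With the assumed rings, a boot-looping update stops at the canary ring with 1% of the fleet affected, while the big-bang push takes out all of it. A production gate would also add a soak time per ring (so crashes have time to be reported) and a kill switch that can halt promotion regardless of the metric.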
 