CrowdStrike effectively bricked windows, Mac and Linux today.
Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.
Incredible work.
Come on, it was right in their name. CrowdStrike. They were threatening us all this time.
We formed a crowd, then BAM, they striked.
We should have seen this coming!!!
Imagine this happening during open heart surgery and all the monitors go blue!
Good lord I would hope critical surgical computers like that aren't networked externally... Somehow I'm guessing I'm wrong.
Maybe not everywhere, but all of ours are air gapped.
Anecdotal, but my spouse was in surgery during the outage and it went fine, so I imagine they take precautions (like probably having a test machine for updates before they install anything on the real one, maybe)
There were no test rings for this one and it wasn't a user controlled update. It was pushed by CS in a way that couldn't be intercepted/tested/vetted by the consumer unless your device either doesn't have CS installed or isn't on an external network.. or I suppose you could block CS connections at the firewall. 🤷♂️
Depending on the machine, I guess it's likely that those aren't using Windoofs at all. I would be surprised if there were devices in use during surgery who run on that.
Any critical devices should be airgapped while in service.
on twitter?!?
I wish my Windows work machine wouldn’t boot. Everything worked fine for us. :-(
Could be worse. I was the only member of my entire team who didn't get stuck in a boot loop, meaning I had to do their work as well as my own... Can't even blame being on Linux as my work computer is Windows 11, I got 'lucky'; I just got a couple of BSODs and the system restarted just fine.
Funny, mine did a couple BSODs then restarted just fine, at first. Then a fist shaped hole appeared in the monitor and it wouldn't turn on again.
Weird bug.
~~cloudstrike~~ crowdstrike should be sued into hell
Crowdstrike*
Cloud Strife*
Counter Stri... no not that.
"the bomb has been planted" - the intern that pushed the update at crowd strike or whatever
well maybe letting them pay compensation to all(!) victims (not just their customers) for all losses including lost time already would solve that problem.
that would leave the decades-long unsolved problem of microsoft not beeing held liable for their buggy products (which is the reason for all security-products-as-a-workaround-to-compensate-that-crappy-os companies existance) open.
why not in general hold companies liable for the damage they cause so they CAN develop beeing more cautious with what they do? i mean not ONLY cs should be sued to hell, but ALL of them should be sued until they are reasonable cautious with all possible damages they can cause (and already did in the past)
Let your plans be dark and impenetrable as night. And when you strike fall like a thunderbolt.
As a career QA, i just do not understand how this got through? Do they not use their own software? Do they not have a UAT program?
Heads will roll for this
Oh so its not windows only
The joke is Mac and Linux users, who aren't actually effected, are incapacitated due to being busy gloating on social media.
Lol, they only bricked specific machines running their product. Everyone else was fine.
This was a business problem, not a user problem.
Is there a good eli5 on what crowdstrike is, why it is so massively used, why it seems to be so heavily associated with Microsoft and what the hell happened?
Gonna try my best here:
Crowdstrike is an anti-virus program that everyone in the corporate world uses for their windows machines. They released a update that made the program fail badly enough that windows crashes. When it crashes like this, it tries to restart in case it fixes the issue, but here it doesn't, and computers get stuck in a loop of restarting.
Because anti-virus programs are there to prevent bad things from happening, you can't just automatically disable the program when it crashes. This means a lot of computers cannot start properly, which means you also cannot tell the computers to fix the problem remotely like you usually would.
The end result is a bunch of low level techs are spending their weekends manually going to each computer individually, and swapping out the bad update file so the computer can boot. It's a massive failure on crowdstrikes part, and a good reason you shouldn't outsource all your IT like people have been doing.
It's also a strong indicator that companies are not doing enough to protect their own infrastructure. Production servers shouldn't have third party software that auto-updates without going through a test environment. It's one thing to push emergency updates if there is a timely concern or vulnerability, but routine maintenance should go through testing before being promoted to prod.
Crowdstrike is a cybersecurity company that makes security software for Windows. It apparently operates at the kernel-level, so it's running in the critical path of the OS. So if their software crashes, it takes Windows down with it.
This is very popular software. Many large entities including fortune 500 companies, transport authorities, hospitals etc. use this software.
They pushed a bad update which caused their software to crash, which took Windows down with it on an extremely large number of machines worldwide.
Hilariously bad.
This is very popular software.
if that's a "good" argument for you, then i've already heared that, and it nearly never really fits. here is another one for you that is an argument as generic as yours: "maybe try eating poo, trillions of flies cannot be wrong, poo is VERY popular food, much more popular than any human food !!! (as in mass per day as well as in its number of consumers)"
I wasn't making a case for adopting this software. Just pointing out that it is widely used, which is why it had such a wide effect.
I think you'll find most corporations would jump off a bridge if they saw their competitors jump.
so i misunderstood. sry then.
and yes, every company running an alltime-ever-in-news-due-to-critical-exploitable-bugs-in-the-mailclient already IS in freefall after that said jump.
So, do all windows machines use this, or do you have to add this software?
It's separate software; CrowdStrike is independent from Microsoft and it isn't a default component of Windows.
It’s interesting that Microsoft is getting a lot of flack from this.
Yeah, this isn't really the fault of windows.
Windows normalized running third party software as kernel level code.
Third parties love their trojans just being treated as normal way of life.
"Anti-cheats" instead of not being imbeciles while designing protocols for multiplayer, "anti-viruses" which need to run kernel-level and download databases with executable code, video drivers which just can't be packaged with Windows.
One thing I've realized is that large parts of social structure are dependent on cheating. We all want to cheat, so we all agree to a system where cheating is possible, but pretend it's not happening until someone gets caught and then just behave as if nothing happened.
One necessary part of someone's upbringing is honesty. There's an amazingly deep moment in LOTR where Eomer says that Rohirrim don't lie, so they are not easily deceived.
This is not a poetic device. This is how it works. Ponzi schemes usually target people who think they are smarter and more cunning and will gain something from them. And rigged security systems work because most of participants think they are the ones who may at some point abuse those systems, but most of them are the ones becoming eventually victims of such abuse.
I think it's much simpler: people don't know what they're doing, while CEOs want to make more money so don't do appropriate (expensive) practices.
Can an OS be bricked?:
A brick (or bricked device) is a mobile device, game console, router, computer or other electronic device that is no longer functional due to corrupted firmware, a hardware problem, or other damage.[1] The term analogizes the device to a brick's modern technological usefulness.[2]
Edit: you may click the tiny down arrow if you think it can't. ;)
No, unless its an embedded OS and it has no external ports.
You can absolutely start writing garbage to bios and brick the mobo firmware.
and the one I was replying to was asking about an OS being bricked, not about the bios or firmware.
AND even then you can reflash the bios, its time consuming and costly but you can.
AND even then you can reflash the bios, its time consuming and costly but you can.
then nothing can be bricked because on paper you can desolder the rom chip and put another one in place.
If you want to be stupidly pedantic about shit, then nothing is anything.
What's the criteria for a Windows machine to be affected? I use Windows but haven't had any issues today.
This is specifically caused by an update for CrowdStrike's Falcon antivirus software, which is designed for large organizations. This won't affect personal computers unless they've specifically chosen to install Falcon.
be a windows based machine protected by crowdstrike as a security service, and received said botched update
protected
Um, about that...
i means cops exist to protect and serve, whether they actually do that is a different story
Hey! Its VERY secure, nobody can get into it!
yes it protected - by accident - the servers from booting into malware 😁
I use Arch btw
Sister communities:
Community rules
Please report posts and comments that break these rules!