https://www.reddit.com/r/crowdstrike/comments/1e6vmkf/bsod_error_in_latest_crowdstrike_update/
Link to the Tech Alrt from crowdstrike's support form: https://supportportal.crowdstrike.com/s/article/Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19
Someone of Wallstreetbets started shorting their stock yesterday lmao https://www.reddit.com/r/wallstreetbets/comments/1e6ms9z/crowdstrike_is_not_worth_83_billion_dollars/
Late stage empire vibes.
- Self-own your own IT infrastructure by pushing out an update on your overly bloated domestic security software peddled by your military industrial complex. Wasn't even an attack from a major cyber rival: you fucked this up all on your own.
- Your space agency cancels their only moon robot because their contractors bled them dry. Meanwhile your main geopolitical rivals are building entire military bases on the moon.
- You have astronauts stranded on a space station because Boeing, your only remaining domestic aerospace company, was taken over by MBAs and can't make airplanes OR space shuttles without endangering your own citizens.
- Your two major political parties are so dysfunctional that one got through a whole primary cycle with a decrepit old man before realizing he was actually too senile for the job and now your political elites are forced to play their veto uno reverse card in the media. And the other party just had their candidate survive a homegrown assassination attempt by a slight neck twitch, only to turn around and start endorsing a public plan to dismantle your own government with their VP pick.
And ALL of this in the past week, lmao.
meanwhile the dei woke gays are the ones currently fixing the problem the failson cishet white guys created by taking m$ kickbacks to use their vulnerable software then mandating that the built-in m$ virus protection was insufficient and shelling out more money for a rootkit company to have control over critical systems
This is so true. The intelligence community literally pushes Crowdstrike on companies that are “of national security importance”. You’ll have a goon monitoring your company FROM THE OUTSIDE call you up about the latest cyber attack that hit you and pushing this. So of course you buy because they know better right?
All of those companies are hosed right now lol
Oh cool so Boeing is gonna introduce fucked up parts to several unrelated manufacturers planes, air travel will never be safe again
- Show
Does the US Military ever think about logistics? Great, now you can move a squad further, faster. But now you have two helicopters strapped together, plus the tilt system, and all of that needs to be repaired and maintained, you need to move parts and replacements. You've at minimum doubled the amount of ground maintenance your aircraft needs after every flight. And while that aircraft is being serviced for either twice as long or by twice as many mechanics it's not in the air, it's not ready to fly, so to keep up the same number of missions you need twice as many of them, or twice as much maintenance logistics.
Does this read? I really think that with vundervaffen like the F-35, even if they could do everything they say, the US is setting itself up to starve due to the long, very complex logistics trains. The F-35 in stealth carries half the payload of an F-16 and needs several times as much maintenance, which means that any airfield or carrier is going to have to do vastly more maintanence on twice as many sorties to keep up the intensity of F16 raids. Which means if anything in the supply chain breaks they're gonna get real fucked real fast. And carriers only have so much space in them, so it's not like you can just add more planes, hangars, and fields. It seems so obvious to me that if the US actually tries to use these things the logistics network will collapse within days or weeks.
The US Army highly logistics driven and its probably true for other individual branches (maybe not the air force). Its the MIC that keeps making wunderwaffen because thats the most profitable. All of those faults you listed are profit for the MIC. Extra ground maintenance is a private contractor making $300K to only fix one system on one plane.
The F-35 was designed to save money by replacing +3 different fighter jets with 1 platform. The result is 3 different jets that share a shape and frame but literally nothing else.
I'm in the process of switching, thank goodness.
Is this an issue I'm too Linux-y to understand?
I used to be way more evangelical about Linux and a few years ago a bash/terminal exploit was discovered after going unnoticed for like a decade that could give someone superuser privileges to a system and my brother and his friend tried giving me shit over it and I was like "yeah, it's already patched. Like not even an issue. Meanwhile malware and security holes on Windows is just another Tuesday, but whatever."
It's more GNU than Linux. With proprietary software, people are forced to compete to come up with the quickest solution rather than the most correct. Inevitably under a capitalist system, few large conglomerates dominate the field of technology and bend society to its will leading to a space where only venture capitalist grifters can thrive while the public suffers.
A monoculture is more vulnerable to being wiped out by a single disease. so in the end, like all problems caused by capitalism, will cause the whole system to collapse.
It's not being an "evangelical" which is the lazy excuse that capitalist bootlickers give to any socialist project. It's about being for the workers.
This has nothing to do with the operating system that was being run and everything g to do with enterprise using a third party monitoring application that was not tested properly before an update was pushed by the vendor
It probably doesn't have much to do with a side by side comparison of the current OS architectures, but there is a lot of historical inertia behind the current state of the Linux and Windows ecosystems. Windows originated as a graphical shell for DOS, which was mainly a single-user, single-process system. Linux originated as a multi-user, multi-process system since inception. Throughout a long period of Windows's history, these habits lingered among third party developers (developers developers developers) out of convenience or simple necessity for backwards compatibility with other third party components. Even when the NT kernel became the universal Windows kernel with Windows XP, a lot of third party software development adhered to the assumption of a single user machine where the user runs everything with admin privileges. They simply ported their old shit over from (DOS-based) Windows 98/ME and did the bare minimum to make it run on NT. This only reinforced users to run everything as admin, because all sorts of things would break otherwise (admittedly, mostly games and retail shit, but a lot of third-rate enterprise software and harebrained in-house solutions also carried these assumptions forward).
This has all been pretty much remedied by year 2024, but a lot of these virus scanners and "security" apps still bear the marks of history, running in ring 0 as kernel modules and root-kits to one-up the end-user who is running everything as an admin. The fact that we're even doing third-party security apps in 2024 is the real failure. This stuff should be (and is, to a large degree) built directly into the OS. This stuff only exists because redundant middle-managers throughout corporate America cannot resist being conned by vendors.
Definitely not nothing to do with windows, but you're right that that's the main problem.
ironically crowdstrike did a similar thing with their linux product a couple months ago but it wasn't a big deal because 1) nobody uses that shit on linux 2) linux isn't as homogenous of a target as windows, so only certain kernels from certain distros were affected.
Because they outsourced and fired their QA, allegedly.
Nooo haha don't monopolize key sectors of your economy making it easier to hijack the whole thing and takeover after the revolution haha nooo
(This goes both ways, I wouldn't like this happening to China)
I hadn't considered speciation and natural seelction as a mode of hardening your systems against attack, honeslty, but i guess that's exactly how it functions in nature.
Ey cuz I'm an RNAi hehe. Funniest thing is that all happened because of an antivirus
In the ridiculous evolution arms race there are pathogens that hijack precisely the antipathogen systems to do their thing, and then later defense systems which attack exactly that, the whole thing is filled with (i couldn't find the non-trans uno reverse card emote)
The trans uno reversal seems appropriate because so many women are going to spend the next few days cursing and swearing as they have to travel from department to department manually deploying fixes.
pull on your programming socks, it’s going to be a long fucking day
Please be related to them pushing out some AI bullshit that would be so fucking funny
Imagine revealing you've never worked for a company whose IT infrastructure is older than you
The nice thing about FORTRAN is there's hardly anyone left who speaks the deep magic so network attacks aren't much of a concern.
These issues are not in windows 98 PCs, these issues are almost entirely on up to date hardware.
linux isn't new, at all
And the companies with that type of infrastructure are still like 50/50 on DOS not windows
The fact that your infrastructure is old is not an excuse and something to brag about
The wallstreetbets post having been created a few hours before the shortage is wild
I'm wondering this: If they were associated with it, why would they bother posting about it publicly? Unless it was a coincidence.
It's not insider trading if you're reacting to news from an outsider.
Oh yeah, post from like a third-party TOR Reddit account this info and then say you reacted to that info yourself.
Crowdstrike got their overly valued IPO off planting Russian Bear signatures in the DNC servers.
Infamously being handed the DNC servers after the party denied the FBI access to investigate.
They admit there was no evidence of Russians after the fact
But it was critical to plant in the news and aided the Empire to stroke up a new Red Scare to justify sanctions.
Crowdstrike was founded by a group of s connected to the Atlantic Council and
Cybersecurity Firm That Attributed DNC Hacks to Russia May Have Fabricated Russia Hacking in Ukraine
The firm’s CTO and co-founder, Dmitri Alperovitch, is a senior fellow at the Atlantic Council, a think tank with openly anti-Russian sentiments that is funded by Ukrainian billionaire Victor Pinchuk, who also happened to donate at least $10 million to the Clinton Foundation."
They rode this fake claim to fame on an IPO that valued the company at $7 billion
CrowdStrike Holdings Inc. shares soared nearly 100% at times in their trading debut Wednesday, and the chief executive compared the cybersecurity company to cloud-software giants like Salesforce.com Inc. and ServiceNow Inc. while watching the stock’s huge first-day pop....CrowdStrike CRWD priced an initial public offering Tuesday evening at $34, higher than the expected range. CrowdStrike sold at least 18 million shares at that price to raise more than $610 million at an initial valuation of about $6.7 billion. Underwriters — led by Goldman Sachs, JP Morgan, BofA Merrill Lynch and Barclays — had access to another 2.7 million shares, which could push the total raised to more than $700 million.
Shares gained as much as 97% in Wednesday’s session, though they pulled back to trade lower than the opening price of $63.50.
So not sorry for a bit a schadenfreude that this happens the night is formally nominated.
My other half watched it and said the family was there.....but Barron was missing
Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers
Why does Ukrainian Artillery have an app which can be connected to the internet?
The more I read about it the worse it becomes holy shit. The economic hit would be wild.
Lmao, my company uses that. Let see if I'm going to be able to work today.
Bad news: looks like it was fixed 😕
We got emergency emails and texts about the outage. I seem to be able to login and work just fine for now
My work computer isn't working and I actually need to do shit today :(
On a scale of 10 (10 being the 2008 crash) how big is this?
Enlightenment me oh computor mages
I was thinking about this the other day about how so many functions and internal services for firms, especially IT, were outsourced and centralized. For my company this meant that so many means of internal communication and online storage went from in-house servers to the cloud. Security is fucked because my company depends on another for our private info. Like you can’t have a system that is disconnected from the internet anymore.
Outsourcing makes sense because smaller companies don't have resources or expertise to have their own Cybersecurity Operations running.
Yeah mine too. One of our main services is Cybersecurity Consulting yet here we are.
A 3, probably. The fix is simple, if annoyingly manual. It is funny though.
Not very big. The preppers will feel very smug eating their tinned beans tonight before everything is normal again tomorrow
You mean the financial crash of 2008? Idk about that, but there will be financial fallout.
An industry leading antivirus software pushed and update that crashed any windows machine its on. BSOD=blue-screen of death. The devices aren't bricked. The update just needs to be reverted. But applying the update is difficult because the devices are BSOD.
To get an idea of how wide spread crowd strike is: my employer's clients are requiring all of my employer's computers to have this antivirus software installed.
Lol this is not the "something finally happened" that I hoped to wake up to, but I'll take it.
A world-wide disruption like this does create plenty of options for things to happen.
"Mac and Linux hosts are not impacted"
and a lot of Linux computers wouldn't be using a solution like this, regardless
https://www.crowdstrike.com/wp-content/uploads/2020/06/linux-solution-brief.pdf
yeah, I know they support Linux, why else would they make a statement about Linux not being impacted?
it doesn't change that Linux wasn't impacted, or that crowdstrike is used primarily on Windows (a little hard to prove, but pre-incident there was substantially more "crowdstrike" "windows" than "crowdstrike" "linux", a pattern that holds true on their subreddit. also, anecdotal experience).
My point is the OS has nothing to do with this issue. whatever desktop or server OS you're using makes no difference if you're going to have third party management utilities on your infrastructure the vendor can push updates to without your knowledge.
how long is this gonna last before it's fixed and back to normal?
Death to America
There is no automated solution so every device has to be fixed manually. Plus with Bitlocker it becomes more difficult if the keys are stored on a server that can't start anymore. It'll be a pain and will probably last a month or two because of how big the scale is.
every device has to be fixed manually
Depends, if you have a PXE boot setup, then you can use that to fix the machines. But I most people will be out of luck and do the manual route like you said
Call me crazy, but if I were to look back at the history of cybersecurity in, oh I dunno, 20 years? And I read about the “Crowdstrike Outage” long after this company is gone, I’m immediately gonna assume “Crowdstrike” is the name of a piece of malware