I would honestly think freezing airports, hospitals and other services for days would cause a lot of legal trouble.
At least that's what would happen if an experienced hacker did the same thing.
These kinds of discussions are between corporations who have defined SLA's that specify things like reliability, uptime, etc. It's likely this outage breached this agreement so the lawyers of the companies are discussing internally and behind closed doors. This kind of thing doesn't get reported on in general.
There are lawsuits: https://techcrunch.com/2024/09/02/crowdstrike-faces-onslaught-of-legal-action-from-faulty-software-update/
These things will probably take years to play out.
Well, for one, it's not known as "BSOD day" by any other customers that I know of. For two, there are contractual obligations, which prevents businesses from immediately pulling the plug and depriving them of funds, or from having knee jerk reactions, depending on your perspective. And finally, in just my own opinion, no other alternative solution provides a more compelling case for risk reduction without the same potential compromises even given the faulty deployment methodology that CS used. Sad, but true in my experience.
Needing kernel code for security sucks, don't have better options right now, encourage startups and take risks on them instead.
They have a shitload of big contracts with a great many companies across the world. Money keeps coming in.
Legal actions take time. Years. Sometimes decades.
The software, when it isn't bricking computers, is actually pretty good.
This could equally have been caused by any other software running at ring 0. That's most antivirus software and most drivers. Drivers caused BSODs all the time - the difference here is only one of scale and timing. And, as it turns out, some pretty terrible quality control, test processes and release scheduling - and that is likely to be the focus of many of the legal actions.
Your reference to a hacker is spurious - deliberate vs accidental is a major distinction. As is cause and effect - Microsoft can be seen as equally to blame for allowing software to run at ring 0 and allowing this to happen.
Plenty of people are talking about how they did get sued and it’s working itself out.
If you believe that crowdstrike is a normal company doing security then the fact that most of their customers stuck with them after the event shows they’re doing something right.
If you believe crowdstrike is a natsec cutout then it won’t matter if they get sued.
Crowdstrike: If you sue us, we won't provide you with security anymore
Big companies: :(
(This is just satire)
