2020

CrowdStrike effectively bricked windows, Mac and Linux today.

Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.

Incredible work.

you are viewing a single comment's thread
view the rest of the comments
[-] captain_aggravated@sh.itjust.works 68 points 3 months ago

Crowdstrike is a cybersecurity company that makes security software for Windows. It apparently operates at the kernel-level, so it's running in the critical path of the OS. So if their software crashes, it takes Windows down with it.

This is very popular software. Many large entities including fortune 500 companies, transport authorities, hospitals etc. use this software.

They pushed a bad update which caused their software to crash, which took Windows down with it on an extremely large number of machines worldwide.

Hilariously bad.

[-] ipkpjersi@lemmy.ml 16 points 3 months ago

Honestly it is kind of hilarious, with how many people I have had make fun of me for using Linux, and now here I am laughing from my Linux desktop lol

[-] Vittelius@feddit.de 9 points 3 months ago* (last edited 3 months ago)

Sure, this time it only affected Windows computers, but Crowdstrike has also broken Linux installs this year:

https://stackdiary.com/crowdstrike-took-down-debian-and-rocky-linux-a-few-months-ago-and-no-one-noticed/

[-] ipkpjersi@lemmy.ml 1 points 3 months ago

Sure but I'm not using their software. I'm careful about what I allow to have kernel access on my machines.

[-] smb@lemmy.ml 1 points 3 months ago

most Linux "Users" would'nt be that stupid. it nearly always takes a noob in a CEO position (okay, just saying CEO is sufficient here) to blindly trust malware distributers and their ads.

[-] danc4498@lemmy.world 9 points 3 months ago

So, do all windows machines use this, or do you have to add this software?

[-] captain_aggravated@sh.itjust.works 19 points 3 months ago

It's separate software; CrowdStrike is independent from Microsoft and it isn't a default component of Windows.

[-] danc4498@lemmy.world 12 points 3 months ago

It’s interesting that Microsoft is getting a lot of flack from this.

[-] AustNerevar@lemmy.world 11 points 3 months ago

Yeah, this isn't really the fault of windows.

[-] cqst@lemmy.blahaj.zone 19 points 3 months ago

Windows normalized running third party software as kernel level code.

[-] rottingleaf@lemmy.world 10 points 3 months ago* (last edited 3 months ago)

Third parties love their trojans just being treated as normal way of life.

"Anti-cheats" instead of not being imbeciles while designing protocols for multiplayer, "anti-viruses" which need to run kernel-level and download databases with executable code, video drivers which just can't be packaged with Windows.

One thing I've realized is that large parts of social structure are dependent on cheating. We all want to cheat, so we all agree to a system where cheating is possible, but pretend it's not happening until someone gets caught and then just behave as if nothing happened.

One necessary part of someone's upbringing is honesty. There's an amazingly deep moment in LOTR where Eomer says that Rohirrim don't lie, so they are not easily deceived.

This is not a poetic device. This is how it works. Ponzi schemes usually target people who think they are smarter and more cunning and will gain something from them. And rigged security systems work because most of participants think they are the ones who may at some point abuse those systems, but most of them are the ones becoming eventually victims of such abuse.

[-] EuroNutellaMan@lemmy.world 2 points 3 months ago

I think it's much simpler: people don't know what they're doing, while CEOs want to make more money so don't do appropriate (expensive) practices.

[-] rottingleaf@lemmy.world 0 points 3 months ago

I know it's not simpler because I've tested it in society a few times.

Also if you'd familiarized yourself with, as I said, the ways large-scale scams work, you'd notice this pattern too.

And propaganda.

And it's a common pattern in movies that the "good guys" can "hack" something or do something the shady way, and normies really do think that they'd be more comfortable with having that possibility. They see good secure systems as some kind of digital police state and don't understand that the existing world is much closer to that.

I'm not impartial, of course, my interest in these parts of human psychology comes from studying Nazi Germany, Armenian Genocide, trying to understand why Russian society is as it is and how to fix it, same for Armenian society, and, ahem, engaging in discussions about corruption with people benefiting from it.

In the latter case I was intentionally disallowing all aggressive emotions from my side and such and pretending to be naive and that we are all interested in a better world, and explaining how one can create systems where corrupt people don't multiply like cockroaches, and also arguing from the position of us all willing to solve problems allowing corruption and bendable rules to exist, and noting how stupid it is that someone absolutely unskilled in anything useful can benefit solely from occupying a right place, and that such critical points should be removed. Made them utterly furious and some other people, whom I considered kinda honest, rather unsympathetic to me.

[-] Dashi@lemmy.world 4 points 3 months ago

If there is any software you want running at kernel though it is your AV. Not saying Spotify has a reason for running at kernel though.... But running AV at kernel in theory is a better way to protect the machine and you.

[-] hondacivic@lem.sabross.xyz 12 points 3 months ago

It seems to be an enterprise product, meaning normal users might not have been affected. I wouldn't personnaly be able to confirm since I usually have 1-2 month uptime on my windows machine.

[-] Gestrid@lemmy.ca 1 points 3 months ago

Their computers may not be affected, but their everyday lives might be. Some of the affected services include 911, stoplights, banks, hospitals, and a whole other smorgasbord of stuff.

[-] tyler@programming.dev 1 points 3 months ago

It’s a general security solution. They run on Mac and Linux as well. It just happened that crowdstrike only released the broken update for windows.

[-] tyler@programming.dev 2 points 3 months ago

They make security software for every OS. My company has it running on our Macs, and Linux servers as well. It just happened to only break windows because that’s what they released the update for.

[-] Abnorc@lemm.ee 1 points 3 months ago

I was puzzled since my work continued on as usual. I guess my company doesn't use it.

[-] smb@lemmy.ml 1 points 3 months ago

This is very popular software.

if that's a "good" argument for you, then i've already heared that, and it nearly never really fits. here is another one for you that is an argument as generic as yours: "maybe try eating poo, trillions of flies cannot be wrong, poo is VERY popular food, much more popular than any human food !!! (as in mass per day as well as in its number of consumers)"

[-] captain_aggravated@sh.itjust.works 2 points 3 months ago

I wasn't making a case for adopting this software. Just pointing out that it is widely used, which is why it had such a wide effect.

I think you'll find most corporations would jump off a bridge if they saw their competitors jump.

[-] smb@lemmy.ml 1 points 3 months ago

so i misunderstood. sry then.

and yes, every company running an alltime-ever-in-news-due-to-critical-exploitable-bugs-in-the-mailclient already IS in freefall after that said jump.

this post was submitted on 19 Jul 2024
2020 points (99.1% liked)

linuxmemes

21222 readers
84 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS