163 points

To avoid such issues in the future, CrowdStrike should prioritize rigorous testing across all supported configurations.

Bold of them to assume there’s a future after a gazillion off incoming lawsuits.

permalink
report
reply
79 points
*

I was listening to a podcast earlier, and they mentioned the fact that their legal liability may, in fact, be limited because of specific wording in most of their contracts.

In other words, they may actually get away with this in the short term. In the long-term, however, a lot of organizations and governments that were hit by this will be reevaluating their reliance on such monolithic tech solutions as crowdstrike, and even Microsoft.

So you may be right, but not for the reasons you think.

permalink
report
parent
reply
88 points

and even Microsoft

(x) doubt

They had decades to consider Microsoft a liability. Why start doing something about it now?

permalink
report
parent
reply
21 points

Because cybersecurity is becoming more of a priority. The US government has really put their attention on it in the last few years.

permalink
report
parent
reply
3 points

Literally lol’d. Thanks for that!

permalink
report
parent
reply
12 points

Contracts aren’t set in stone. Not only are those contracts modified before they are accepted by both parties, it’s difficult to limit liability when negligence is involved. CS is at worst going to be defending against those, at best defending against people dumping them ahead of schedule against their contracted term length.

permalink
report
parent
reply
-2 points

Oh so you can fire QA department, get absolutely destructive update to millions of systems across the globe and this gross negligence doesn’t matter because of magic words in a contract? I don’t think so.

permalink
report
parent
reply
4 points
*

That’s not what I said

permalink
report
parent
reply
35 points

They mean after Crowdstrike gets sold, the new company promises a more rigorous QA, and quietly rebrands it.

permalink
report
parent
reply
22 points

Slorp is now Bonto!

permalink
report
parent
reply
7 points

I think you mean after they sell their assets to a new company. Leave the lawsuits with the old company who will shut down.

permalink
report
parent
reply
6 points

Cloudstrike, wait no!

permalink
report
parent
reply
7 points

What are you doing Counterstrike

permalink
report
parent
reply
82 points

Additionally, organizations should approach CrowdStrike updates with caution

We would if we were able to control their “deployable content”.

permalink
report
reply
46 points
*

I read on another thread that an admin was emulating a testing environment by blocking CrowdStrike IPs on their firewall for the whole network before each update, with the exception of a couple machines. It’s stupid that he has to do this but hey, his network was unaffected

permalink
report
parent
reply
8 points

Serious question, can you not? There isn’t an option to…like…set a review system first?

permalink
report
parent
reply
16 points

For antivirus definitions? No, and you wouldn’t want to.

permalink
report
parent
reply
6 points

But it sounds like this added files / drivers or something, not just antivirus rules?

permalink
report
parent
reply
3 points

We would if we were able to control their “deployable content”.

Minimum safe distance.

permalink
report
parent
reply
78 points

But I’ve read so many posts on here about how Linux is flawless!

permalink
report
reply
50 points

not sure if you’re being sarcastic, but if anything this news paints linux deployment in an even better light.

permalink
report
parent
reply
14 points

This is good for Bitcoin

permalink
report
parent
reply
24 points

Are you shocked that bad software can crash multiple operating systems or something?

permalink
report
parent
reply

Nah, but there were some Linux evangelists claiming this couldn’t possibly happen to Linux and it only happened to Windows because Windows is bad. And it was your own fault for getting this BSOD if you’re still running Windows.

And sure, Windows bad and all, but this one wasn’t really Microsofts fault.

permalink
report
parent
reply
10 points
*

The sane ones of us know well that a faulty driver is a faulty driver, but! Linux culture is different. Which is why this happened so spectacularly with Windows. EDIT: and not with Linux

permalink
report
parent
reply
0 points

Well, ever heard freeBSD?

permalink
report
parent
reply
-6 points

if they dont know the boot sequence is a thing maybe their opinion on this doesnt really matter 🤷🏼

permalink
report
parent
reply
7 points

I’m not shocked at all, but there seems to be a very sizable number of people on Lemmy who think if people just used Linux there’d never be another problem or exploit again, which is ridiculous. Mac users used to feel the same way until the market share started to grow and all of the sudden you’re seeing news of serious exploits.

permalink
report
parent
reply
1 point
permalink
report
parent
reply
0 points

Haven’t you heard 4% market is captured by Linux , it’s the ONLY saviour os out there , windows users and macos users are idiots and all Lemmy Linux dudebros grandpa’s are using Linux without single problem. Despite the fact that each Linux had it’s own shell and there is no escape from terminal ( in 2024) if you even as try to use something more complicated. ;)

permalink
report
parent
reply
3 points

For almost every use case a normal user needs, there is a gui. You do not need the terminal.

permalink
report
parent
reply
-1 points
*

Tell me where to find executables for programs installed without using Terminal , a very very clickable task in windows

permalink
report
parent
reply
45 points

Companies don’t really use Debian or Rocky in widescale production because they have no support.

Now red hat or ubuntu is a different matter.

Honestly though this does point out that this is a pattern of behavior on crowdstrikes part. This should have been the canary in the coalmine.

permalink
report
reply
26 points

We actually use rocky and I think Debian at work for servers. We are currently migrating away from EOL centos .

permalink
report
parent
reply
22 points

A lot of companies use debian

permalink
report
parent
reply
8 points

We use Alma, which is basically Rocky. Before that, CentOS. Lots of people don’t need or want the expensive support contracts.

OSS support though donations and commits is the way to go unless you get value out of those contracts (we would not).

permalink
report
parent
reply
6 points
*

I don’t know about that. In the HPC space we use a lot of EL distros. Mainly Centos & now Rocky. Most of the nodes run the os in ram too. Though almost all those kind of systems have no internet connection and don’t use things like crowdstrike. I’ve worked for a few places where the only part of the company that used windows was the office staff eg accounting, hr, etc. everything else is/was using an EL distro or upstream of one eg Fedora. Those type of places usually don’t mess things like crowdstrike for a lot of different reasons eg the kind of data they’re processing and security requirements on that data.

permalink
report
parent
reply
11 points

In April, a CrowdStrike update caused all Debian Linux servers in a civic tech lab to crash simultaneously and refuse to boot.

And then, you boot their servers from a Linux Live USB, run TimeShift to restore the last system snapshot, refuse the latest patch from Cloudstrike and they all lived happily ever after.

permalink
report
reply
23 points

None of these things are used in actual server operations.

permalink
report
parent
reply
22 points

And it’s not much more difficult to fix on Windows, except for the scale of the problem.

permalink
report
parent
reply
12 points

Good luck doing that remotely. Which is the sole problem with this most recent CrowdStrike bug.

permalink
report
parent
reply
1 point

Anybody who doesn’t already have ipmi serial console access set up needs to put that on their list of acceptance criteria for remediation of this incident.

permalink
report
parent
reply
4 points

And on Windows you booted in safe mode and removed one file. What’s the point of your post?

permalink
report
parent
reply
2 points

boot their servers from a Linux live usb

If I ran a computer lab that wasn’t already net booted, I’d use this as the motivating factor to put that in place. Net booting to a repair image, or just reinstalling the whole OS either from scratch or a known good disk image, is where anybody who manages a fleet of computers should be.

There was a point in time where I had a pxe boot server vm set up on my laptop that I used to reload servers in our little row of racks at 365 main, because it let me quickly swap out the boot iso, and was faster than usb sticks were at the time.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 18K

    Monthly active users

  • 12K

    Posts

  • 553K

    Comments