CrowdStrike update caused BSOD on hospitals, banks, servers worldwide
This discussion has been closed.
Comments
Not crashing when reading a malformed av definitions file would've prevented it all amusingly. Seeing reports that the actual definitions update file was all zeros
noob intern.
Doubt it, I'd guess something went wrong writing the definitions file (or whatever you want to call it) and there's no check before pushing that out. Combine that with the fact that you want your av to always be on top of the latest threats so corporations can't stage the new updates in their environment and the fact that it's all so low level, it's quite unfortunate.
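Added example, not part of the thread and not CrowdStrike's code: a bounds-checked validator for a definitions file that can serve both as the pre-publish check and as the load-time check the two comments above describe. The file layout, the `DEFS` magic and all function names are assumptions made for illustration; the samples are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical layout (assumption, not the vendor's real format):
 *   "DEFS" | u32 record_count (LE) | records: u16 len (LE) + len bytes each */
#define DEFS_HDR_LEN 8u
#define DEFS_MAX_RECORDS 4096u

enum defs_status { DEFS_OK = 0, DEFS_TRUNCATED, DEFS_BAD_MAGIC,
                   DEFS_BAD_COUNT, DEFS_BAD_RECORD, DEFS_TRAILING };

/* Constructed samples: one well-formed file and one all-zero file. */
static const uint8_t sample_good[] = { 'D','E','F','S', 2,0,0,0, 3,0,'a','b','c', 1,0,'x' };
static const uint8_t sample_zero[16] = { 0 };

static uint32_t rd_u32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk the whole file with bounds checks; never read past buf + len. */
enum defs_status defs_validate(const uint8_t *buf, size_t len) {
    if (buf == NULL || len < DEFS_HDR_LEN) return DEFS_TRUNCATED;
    if (memcmp(buf, "DEFS", 4) != 0) return DEFS_BAD_MAGIC; /* all-zero file stops here */
    uint32_t count = rd_u32(buf + 4);
    if (count == 0 || count > DEFS_MAX_RECORDS) return DEFS_BAD_COUNT;
    size_t off = DEFS_HDR_LEN;
    for (uint32_t i = 0; i < count; i++) {
        if (len - off < 2) return DEFS_TRUNCATED;
        size_t rlen = (size_t)buf[off] | (size_t)buf[off + 1] << 8;
        off += 2;
        if (rlen == 0 || rlen > len - off) return DEFS_BAD_RECORD;
        off += rlen;
    }
    return off == len ? DEFS_OK : DEFS_TRAILING;
}

/* Fail safe: a rejected update leaves the previously loaded set active. */
int defs_should_swap(const uint8_t *buf, size_t len) {
    return defs_validate(buf, len) == DEFS_OK;
}

int main(void) {
    return defs_should_swap(sample_good, sizeof sample_good) &&
           !defs_should_swap(sample_zero, sizeof sample_zero) ? 0 : 1;
}
```

Running the same validator in the release pipeline and again at load time means a file corrupted after the build step is still rejected on the endpoint instead of being parsed.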
I love that some of the bad things that I know I sometimes do as a dev for a small company, a leading IT security firm with thousands of employees does too 😆
We're all human
Pressure to move fast with ever growing complexity and stagnating team sizes doesn't help
Code and data should be separate.
Updating data (virus pattern strings) - minimal scrutiny.
Updating code (engine executable, systemd unit, kmods) - must test in staging.
Bloat? Wtf? You don't appear to have any understanding of the issue. This has absolutely nothing to do with bloat.
The real problem is fuck face virus makers and malicious actors. Without them, we could all run without antivirus scanning eating up CPU performance. Every antivirus maker has had BSOD issues as they try and make sure nothing can slip by them. Malware Bytes have had at least two hardcore BSOD fuckups over the years. Same with all the major vendors.
Secondly, this is a QA process fuckup by CrowdStrike. Not just because of the lack of testing, or the Friday forced roll-out, but also the driver wasn't even proper so they really skipped some important QA steps. Anyone in QA is cringing on how bad this didn't follow basic QA processes. If you work in QA, you're well aware your goal in life is to prevent bricking devices and causing truck rolls.
People who don't have a fucking clue should stop posting about shit they know nothing about.
Indeed, they are separate in this case. The data update triggered the bug in the code. Gaps in testing with broken data it seems
... says the clueless know-everything in charge - as usual.
Well, I have some decades in software development under the belt, small projects to large projects, small companies to international corporations, diverse languages, C, Ada, Python, and others.
How about you?
Just one typical clueless idiot statement as an example:
Do yourself a favour and shut up when adults talk.
Sadly that's not just funny. One very major reason: Remember the times (not that long ago) when companies did their best to design and build the best product they were capable of and workers, engineers, etc. refused to build crap? Nowadays pretty much all mid-size and large companies/corporations are but "shareholder value" profit maximizing shitholes. The products they build are but a cumbersome necessity in order to create revenue and their main focus is on saving 2 cents here and another cent there. The result: shabby products. And in IT, ask developers in pretty much any software company, the pressure almost never is quality and safety but new features in order to get upgrade orders in and to keep the money wheel turning. Add to that the fact that development, especially with the younger generations, more often than not means "grab some code from github or, if needed from another shitty company and write glue code".
For the sake of fairness: we (as in "we the people") are guilty too because we "eat" the crap they serve and sadly the majority even wants ever new features and values that higher than quality.
I'm sorry to say that, I really am, but they managed and succeeded in dumbing the people down and now they do not even understand that, just one but an important example, the media does not work for the readers/viewers but rather for the advertisers.
Your countries make bad thing yourselves very successfully. Just recall "dieselgate" or now "boeinggate". Russians not involved into your internal problems.
Manipulating facts to incite hatred is illegal in all civilized countries. You're doing exactly that, so you're a criminal under all laws.
https://x.com/christian_tail/status/1814299095261147448
I've said this elsewhere.. Efficient code is long dead.. Computer systems are faster and have more memory than they used to, which does a good job at hiding bloated, inefficient code. When the code is bad enough it becomes very obvious, the 'solution' is to get faster computers with more memory, not to actually fix the code..
No company wants good, they want cheap and they want now. Plus, more bugs means more money on service contracts fixing bugs. AKA companies don't pay for "good".
Writing good, efficient code stopped a long time ago.
Nope. USA legal standard is incitement of imminent violence, not hatred (whatever that means).
Happy International Blue Screen Day 😀
It affected us at Microsoft hard.
(On-site critical dc tech here)
I wonder why so many Windows users have CrowdStrike things installed, or it's pre-installed with Windows itself? (I didn't use Windows for a long time)
What purpose that sys file (sounds like a kernel module in Windows world) causing BSOD for?
Perhaps the newbie intern is a hacker in disguise. Just to create some motions in global stock markets.
Because they pay for it...
Groups that pay for CrowdStrike, will have it installed. Unfortunately the groups that pay for it, pay for it to 'protect' expensive systems.
I'm losing millionsss
Crazy. A supermarket chain here also just closed for the day due to this, since their cash system didn't work.
My dentist is still rocking Windows XP, so he's safe I guess lol
Users (as private individuals) don't have CrowdStrike's Falcon platform installed. The company primarily serves the corporate world.
What is stunning, that cs probably will give 10% one time discount for renewal for this shot and that’s it. Because there is no better alternative. Monopoly. Enjoy!
For the sake of fairness: we (as in "we the people") are guilty too because we "eat" the crap they serve and sadly the majority even wants ever new features and values that higher than quality.
I'm sorry to say that, I really am, but they managed and succeeded in dumbing the people down and now they do not even understand that, just one but an important example, the media does not work for the readers/viewers but rather for the advertisers.
Yes, true, we share the same thoughts on the matter.
No company wants good, they want cheap and they want now. Plus, more bugs means more money on service contracts fixing bugs. AKA companies don't pay for "good".
Writing good, efficient code stopped a long time ago.
Also true, who the heck wants to optimize nowadays? Rather than spending 3 more MO on a code / product all just rush it out so they can beat the competition. It is a game of Speed rather than a game of Quality.
It's still going strong in some places, but it's not something you'll see in some SaaS start up. But I'm not convinced it's as awful as you make out. Efficient code isn't always good code and in a lot of places you can afford to take a couple ms hit or use a little bit more memory in favour of a simpler easier to understand solution. Developers who prematurely optimise code in cold paths, are a nightmare to work with, just have the discipline to test the performance of your code and optimise where you need to.
Crazy efficient services survive, they have to in things like HFT trading systems, FIX gateways etc, but it's also not the be all and end all it once was when resources were so scarce.
You're right though, pressure from above is one of the greatest impacts on code quality. Speed is killing discipline and leads to corners being cut. Move fast and break things became a bit too popular
What if there is a latency problem that is pushing the boundary of hardware limits?
We already have the best hardware and we need to shave off 0.5ms of latency in an industrial control / remote driving / safety critical application.
The only way is to write more efficient code.
A lot of interruption for the business and corporate systems!
Sounds so ridiculous
Interesting that most of groups in "the corporate world" just stop thinking (rich but stupid? I doubt if they really know what is "security") and brain-washed by these so-called big company / brand, mostly these "security" softwares never protect anything, on the contrary I can imagine that they hook bunch of Ring0 API inside your system only for monitoring meaningless thing, reducing performance and attracting bad unstable factor and risk. It brings much more trouble than protects something.
They are just rich and stupid
Not necessarily, large corporations have to satisfy many stakeholders, which could be the board, shareholders, regulators, employees, and clients. Especially in finance, you often have to meet the requirements of multiple regulators simultaneously, which may include using this type of endpoint protection.
These solutions indeed cause performance issues and can create more problems than they solve, but if you want a government contract, you might not have any choice. A lot of these companies certainly know security and aren't stupid but there's a lot more to it than that.