To avoid such issues in the future, CrowdStrike should prioritize rigorous testing across all supported configurations.
Bold of them to assume there's a future after a gazillion off incoming lawsuits.
this post was submitted on 22 Jul 2024
390 points (97.8% liked)
Technology
68567 readers
4521 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
They mean after Crowdstrike gets sold, the new company promises a more rigorous QA, and quietly rebrands it.
Slorp is now Bonto!
Cloudstrike, wait no!
What are you doing Counterstrike
I think you mean after they sell their assets to a new company. Leave the lawsuits with the old company who will shut down.
Additionally, organizations should approach CrowdStrike updates with caution
We would if we were able to control their "deployable content".
I read on another thread that an admin was emulating a testing environment by blocking CrowdStrike IPs on their firewall for the whole network before each update, with the exception of a couple machines. It's stupid that he has to do this but hey, his network was unaffected
Serious question, can you not? There isn't an option to...like...set a review system first?
For antivirus definitions? No, and you wouldn’t want to.
But it sounds like this added files / drivers or something, not just antivirus rules?
We would if we were able to control their “deployable content”.
Minimum safe distance.
But I've read so many posts on here about how Linux is flawless!
not sure if you're being sarcastic, but if anything this news paints linux deployment in an even better light.
This is good for Bitcoin
Are you shocked that bad software can crash multiple operating systems or something?
Nah, but there were some Linux evangelists claiming this couldn't possibly happen to Linux and it only happened to Windows because Windows is bad. And it was your own fault for getting this BSOD if you're still running Windows.
And sure, Windows bad and all, but this one wasn't really Microsofts fault.
The sane ones of us know well that a faulty driver is a faulty driver, but! Linux culture is different. Which is why this happened so spectacularly with Windows. EDIT: and not with Linux
Well, ever heard freeBSD?
Yeah, it supports kernel modules, so is also vulnerable to bad third party kernel code.
🤔if nobody makes a third party kernel module, then there is still no risk
Security through apathy!
Also, even if they do, you can choose to not load it.
It amused me that so many people had this installed, but had no idea what it was for.
if they dont know the boot sequence is a thing maybe their opinion on this doesnt really matter 🤷🏼
Companies don't really use Debian or Rocky in widescale production because they have no support.
Now red hat or ubuntu is a different matter.
Honestly though this does point out that this is a pattern of behavior on crowdstrikes part. This should have been the canary in the coalmine.
We actually use rocky and I think Debian at work for servers. We are currently migrating away from EOL centos .
In April, a CrowdStrike update caused all Debian Linux servers in a civic tech lab to crash simultaneously and refuse to boot.
And then, you boot their servers from a Linux Live USB, run TimeShift to restore the last system snapshot, refuse the latest patch from Cloudstrike and they all lived happily ever after.
None of these things are used in actual server operations.
And it's not much more difficult to fix on Windows, except for the scale of the problem.
Because Linux sysadmins know to test a fucking update before applying to the whole company
I recently learned that this is the same company that gave us the bs Russia Gate.
So who do you think hacked the DNC and got their emails, then? Is it the same people who hacked the RNC but didn't leak the emails? What makes you more qualified than CrowdStrike on this?
U.S. intelligence officials cannot make definitive conclusions about the hacking of the Democratic National Committee computer servers because they did not analyze those servers themselves. Instead, they relied on the forensics of CrowdStrike, a private contractor for the DNC that was not a neutral party, much as “Russian dossier” compiler Christopher Steele, also a DNC contractor, was not a neutral party. This puts two Democrat-hired contractors squarely behind underlying allegations in the affair – a key circumstance that Mueller ignores.