Forwarded from HN Best Comments
Re: Crowdstrike Update: Windows Bluescreen and Boot Lo...
Took down our entire emergency department as we were treating a heart attack. 911 down for our state too. Nowhere for people to be diverted to because the other nearby hospitals are down. Hard to imagine how many millions of not billions of dollars this one bad update caused.
jmcgough, 2 hours ago
Took down our entire emergency department as we were treating a heart attack. 911 down for our state too. Nowhere for people to be diverted to because the other nearby hospitals are down. Hard to imagine how many millions of not billions of dollars this one bad update caused.
jmcgough, 2 hours ago
👍2🤡1
Forwarded from HN Best Comments
Re: Crowdstrike Update: Windows Bluescreen and Boot Lo...
The details (the particular companies / systems etc) of this global incident don't really matter.
When the entire society and economy are being digitized AND that digitisation is controlled and passes through a handful of choke points its an invitation to major disaster.
It is risk management 101, never put all your digital eggs in one (or even a few) baskets.
The love affair with oligopoly, cornered markets and power concentration (which creates abnormal returns for a select few) is priming the rest of us for major disasters.
As a rule of thumb there should be at least ten alternatives in any diversified set of critical infrastructure service providers, all of them instantly replaceable / forced to provide interoperability...
Some truths will hit you in the face again and again until you acknowledge the nature of reality.
openrisk, 1 hour ago
The details (the particular companies / systems etc) of this global incident don't really matter.
When the entire society and economy are being digitized AND that digitisation is controlled and passes through a handful of choke points its an invitation to major disaster.
It is risk management 101, never put all your digital eggs in one (or even a few) baskets.
The love affair with oligopoly, cornered markets and power concentration (which creates abnormal returns for a select few) is priming the rest of us for major disasters.
As a rule of thumb there should be at least ten alternatives in any diversified set of critical infrastructure service providers, all of them instantly replaceable / forced to provide interoperability...
Some truths will hit you in the face again and again until you acknowledge the nature of reality.
openrisk, 1 hour ago
👍6👎1
Forwarded from HN Best Comments
Re: Crowdstrike Update: Windows Bluescreen and Boot Lo...
So CrowdStrike is deployed as third party software into the critical path of mission critical systems and then left to update itself. It's easy to blame CrowdStrike but that seems too easy on both the orgs that do this but also the upstream forces that compel them to do it.
My org which does mission critical healthcare just deployed ZScaler on every computer which is now in the critical path of every computer starting up and then in the critical path of every network connection the computer makes. The risk of ZScaler being a central point of failure is not considered. But - the risk of failing the compliance checkbox it satisfies is paramount.
All over the place I'm seeing checkbox compliance being prioritised above actual real risks from how the compliance is implemented. Orgs are doing this because they are more scared of failing an audit than they are of the consequences failure of the underlying systems the audits are supposed to be protecting. So we need to hold regulatory bodies accountable as well - when they frame regulation such that organisations are cornered into this they get to be part of the culpability here too.
zmmmmm, 58 minutes ago
So CrowdStrike is deployed as third party software into the critical path of mission critical systems and then left to update itself. It's easy to blame CrowdStrike but that seems too easy on both the orgs that do this but also the upstream forces that compel them to do it.
My org which does mission critical healthcare just deployed ZScaler on every computer which is now in the critical path of every computer starting up and then in the critical path of every network connection the computer makes. The risk of ZScaler being a central point of failure is not considered. But - the risk of failing the compliance checkbox it satisfies is paramount.
All over the place I'm seeing checkbox compliance being prioritised above actual real risks from how the compliance is implemented. Orgs are doing this because they are more scared of failing an audit than they are of the consequences failure of the underlying systems the audits are supposed to be protecting. So we need to hold regulatory bodies accountable as well - when they frame regulation such that organisations are cornered into this they get to be part of the culpability here too.
zmmmmm, 58 minutes ago
👍7
Forwarded from HN Best Comments
Re: Crowdstrike Update: Windows Bluescreen and Boot Lo...
Crowdstrike did this to our production linux fleet back on April 19th, and I've been dying to rant about it.
The short version was: we're a civic tech lab, so we have a bunch of different production websites made at different times on different infrastructure. We run Crowdstrike provided by our enterprise. Crowdstrike pushed an update on a Friday evening that was incompatible with up-to-date Debian stable. So we patched Debian as usual, everything was fine for a week, and then all of our servers across multiple websites and cloud hosts simultaneously hard crashed and refused to boot.
When we connected one of the disks to a new machine and checked the logs, Crowdstrike looked like a culprit, so we manually deleted it, the machine booted, tried reinstalling it and the machine immediately crashes again. OK, let's file a support ticket and get an engineer on the line.
Crowdstrike took a day to respond, and then asked for a bunch more proof (beyond the above) that it was their fault. They acknowledged the bug a day later, and weeks later had a root cause analysis that they didn't cover our scenario (Debian stable running version n-1, I think, which is a supported configuration) in their test matrix. In our own post mortem there was no real ability to prevent the same thing from happening again -- "we push software to your machines any time we want, whether or not it's urgent, without testing it" seems to be core to the model, particularly if you're a small IT part of a large enterprise. What they're selling to the enterprise is exactly that they'll do that.
JackC, 1 hour ago
Crowdstrike did this to our production linux fleet back on April 19th, and I've been dying to rant about it.
The short version was: we're a civic tech lab, so we have a bunch of different production websites made at different times on different infrastructure. We run Crowdstrike provided by our enterprise. Crowdstrike pushed an update on a Friday evening that was incompatible with up-to-date Debian stable. So we patched Debian as usual, everything was fine for a week, and then all of our servers across multiple websites and cloud hosts simultaneously hard crashed and refused to boot.
When we connected one of the disks to a new machine and checked the logs, Crowdstrike looked like a culprit, so we manually deleted it, the machine booted, tried reinstalling it and the machine immediately crashes again. OK, let's file a support ticket and get an engineer on the line.
Crowdstrike took a day to respond, and then asked for a bunch more proof (beyond the above) that it was their fault. They acknowledged the bug a day later, and weeks later had a root cause analysis that they didn't cover our scenario (Debian stable running version n-1, I think, which is a supported configuration) in their test matrix. In our own post mortem there was no real ability to prevent the same thing from happening again -- "we push software to your machines any time we want, whether or not it's urgent, without testing it" seems to be core to the model, particularly if you're a small IT part of a large enterprise. What they're selling to the enterprise is exactly that they'll do that.
JackC, 1 hour ago
👍3
Forwarded from HN Best Comments
Re: Crowdstrike Update: Windows Bluescreen and Boot Lo...
Read on Mastodon: https://infosec.exchange/@littlealex/112813425122476301
The CEO of Crowdstrike, George Kurtz, was the CTO of McAfee back in 2010 when it sent out a bad update and caused similar issues worldwide.
If at first you don't succeed, .... ;-) j/k
1024core, 4 hours ago
Read on Mastodon: https://infosec.exchange/@littlealex/112813425122476301
The CEO of Crowdstrike, George Kurtz, was the CTO of McAfee back in 2010 when it sent out a bad update and caused similar issues worldwide.
If at first you don't succeed, .... ;-) j/k
1024core, 4 hours ago
Infosec Exchange
LittleAlex (@littlealex@infosec.exchange)
Too funny: In 2010 McAffe caused a global IT meltdown due to a faulty update. CTO at this time was George Kurtz. Now he is CEO of #crowdstrike
https://www.zdnet.com/article/defective-mcafee-update-causes-worldwide-meltdown-of-xp-pcs/
https://www.zdnet.com/article/defective-mcafee-update-causes-worldwide-meltdown-of-xp-pcs/
😁8👍1
https://dev.ua/news/lift-1721227854
Ух сукаааа
Ух сукаааа
dev.ua
Айтівці розробили рішення вартістю від 5000 грн, щоби мешканці одного з київських ЖК більше не застрягали в ліфтах. Як працює ноу…
Під час знеструмлень висотних житлових будинків однією з найпоширеніших проблем є застрягання їхніх мешканців у ліфтах. Хтось намагається користуватися ліфтами лише в ті періоди, коли відключення не прогнозуються. Хтось відмовився від користування ліфтами…
🤡5👍3😁1
>Небінарні айтівці розробили рішення вартістю від 5000 грн, щоби мешканці одного з київських ЖК більше не застрягали в ліфтах
>Андрій, які працюють фрилансерами в ІТ із 17 років, розповіли, що прийшли до цього рішення, коли спостерігали за відключеннями в будинку своїх знайомих
>Андрій, які працюють фрилансерами в ІТ із 17 років, розповіли, що прийшли до цього рішення, коли спостерігали за відключеннями в будинку своїх знайомих
🤡5🤣3🤪1
Forwarded from In Factum
Media is too big
VIEW IN TELEGRAM
Бійці РУБпАК "Khorne Group" закустарили вибухівку з 200 кілограм пластиду та водню і доставили її наземним дроном до позицій росіян на Агрегатному заводі у Вовчанську.
ℹ️ В нещодавньому інтерв'ю командувач Сил безпілотних систем Вадим Сухаревський казав про так званий "феномен українства", коли український солдат з підручних засобів може створити зброю, яка вбиває ворога.
На відео це воно і є.
Фактично підрозділ аеророзвідки власними силами зміг провести операцію, для забезпечення якої в західних арміях знадобилося використати авіаційну бомбу або ракету.
Що таке скинути бомбу на позицію, крім економічної вартості самої бомби?
Додайте сюди технічні моменти включно з обслуговуванням літака + паливо, + потенційний ризик втрати літака разом з пілотом.
І ви зрозумієте, що я маю на увазі.
In Factum | Support channel | Чат
На відео це воно і є.
Фактично підрозділ аеророзвідки власними силами зміг провести операцію, для забезпечення якої в західних арміях знадобилося використати авіаційну бомбу або ракету.
Що таке скинути бомбу на позицію, крім економічної вартості самої бомби?
Додайте сюди технічні моменти включно з обслуговуванням літака + паливо, + потенційний ризик втрати літака разом з пілотом.
І ви зрозумієте, що я маю на увазі.
In Factum | Support channel | Чат
Please open Telegram to view this post
VIEW IN TELEGRAM
👍8