OT: Hurricanes Lounge XLV: Y2K Twenty-Four Years Later

Status
Not open for further replies.

Navin R Slavin

Fifth line center
Jan 1, 2011
16,384
64,891
Durrm NC
Anyone get caught in this Crowdstrike/Bluescreen of Death situation today?
I was at LaGuardia. Am finally on a plane, 5 hours late.

Here's a pic I took of the IT guys with the crash cart at our gate:
 

Attachments

  • IMG_20240719_123413.jpg
    IMG_20240719_123413.jpg
    232.8 KB · Views: 5

Boom Boom Apathy

I am the Professor. Deal with it!
Sep 6, 2006
49,584
103,174
Anyone get caught in this Crowdstrike/Bluescreen of Death situation today?
As a side note, I was at Watkins Glen International Race Track for the IMSA 6 hours at the Glen. George Kurtz (Crowdstrike CEO) was driving one of the cars in the race and basically punted a car in front of him into the wall.

Not sure it was George's fault though as the other guy (in a lower class) seemed to be purposely blocking him and when they have 4 classes of cars, usually the slower cars don't block the faster cars.
 
  • Like
Reactions: VaCaps Fan

Blueline Bomber

AI Generated Minnesota Wild
Sponsor
Oct 31, 2007
41,200
49,140
I’m on vacation in the Caribbean watching all the group Teams messages coming through about how all my colleagues machines are bricked.

Now ask them how many were actually bricked and how many just took the opportunity to not work for a day. Because I know a lot of people just found a picture of a blue-screened PC online, sent it to their boss and said “Whelp, guess I got caught in this mess too!”
 

Navin R Slavin

Fifth line center
Jan 1, 2011
16,384
64,891
Durrm NC
After spending 34 years in the tech industry, today makes me glad I'm retired.

Although I think Hank is retired as well and still had to deal with it at the airport.
Well, I had nothing better to do, so I learned all about it as I sat watching our flight time slip later and later.

The basic problem is that no one, ever, should allow a third party vendor to update the OS kernel directly without first testing the update in a staging environment. It's absurdly bad practice, especially for mission critical environments.

Unfortunately, Crowdstrike succeeded in not only convincing enterprise customers the world over that they could be trusted with this power, but also scaring those same customers into thinking that if they ever got a virus and didn't have Crowdstrike, they'd be fired for it. So they basically managed to achieve regulatory capture for their shitty rootkit kernel extension.

On top of all that, it turns out that there have been suspiciously familiar kernel panics around Falcon for the past couple of months in Linux land -- but because Linux admins as a rule don't just let third parties roll shit out randomly to their systems, and because no one really gives a shit about Crowdstrike on the Linux side anyway because it's basically a checkbox and not actually useful, no one ever noticed and raised the alarm on the Windows side.

The fact that a Crowdstrike kernel developer could introduce a memory paging error that completely breaks the boot loader, and have that error go through AN ENTIRE QA ORGANIZATION without being caught, not once, but multiple times on multiple OSes, and then be deployed, not in any kind of rolling green/blue deployment, but ALL AT ONCE, ALL OVER THE GLOBE, ON A FRIDAY, is an *absolute f***ing travesty*. Astonishing incompetence.

The CEO, the CIO, and the entire engineering management team should be sacked. I'm shocked that their stock only took an 11% haircut.

Some idiots on the street are saying "Crowdstrike is a great buy opportunity!" Maybe, but only if they clean house. They did years of damage to their brand today.

People will die because of this.
 

Unhinged Finn

Skunk is my spirit animal
May 1, 2022
893
3,529
Well, I had nothing better to do, so I learned all about it as I sat watching our flight time slip later and later.

The basic problem is that no one, ever, should allow a third party vendor to update the OS kernel directly without first testing the update in a staging environment. It's absurdly bad practice, especially for mission critical environments.

Unfortunately, Crowdstrike succeeded in not only convincing enterprise customers the world over that they could be trusted with this power, but also scaring those same customers into thinking that if they ever got a virus and didn't have Crowdstrike, they'd be fired for it. So they basically managed to achieve regulatory capture for their shitty rootkit kernel extension.

On top of all that, it turns out that there have been suspiciously familiar kernel panics around Falcon for the past couple of months in Linux land -- but because Linux admins as a rule don't just let third parties roll shit out randomly to their systems, and because no one really gives a shit about Crowdstrike on the Linux side anyway because it's basically a checkbox and not actually useful, no one ever noticed and raised the alarm on the Windows side.

The fact that a Crowdstrike kernel developer could introduce a memory paging error that completely breaks the boot loader, and have that error go through AN ENTIRE QA ORGANIZATION without being caught, not once, but multiple times on multiple OSes, and then be deployed, not in any kind of rolling green/blue deployment, but ALL AT ONCE, ALL OVER THE GLOBE, ON A FRIDAY, is an *absolute f***ing travesty*. Astonishing incompetence.

The CEO, the CIO, and the entire engineering management team should be sacked. I'm shocked that their stock only took an 11% haircut.

Some idiots on the street are saying "Crowdstrike is a great buy opportunity!" Maybe, but only if they clean house. They did years of damage to their brand today.

People will die because of this.
So basically they pulled a Costa Concordia with computers.
 
  • Like
Reactions: VaCaps Fan

Blueline Bomber

AI Generated Minnesota Wild
Sponsor
Oct 31, 2007
41,200
49,140
So just in the past week alone, a former president (and current nominee for president) faces an assassination attempt, the current president catches a disease that ravaged the planet four years ago, and a good portion of the global infrastructure is shut off temporarily.

What the f***?
 
  • Like
Reactions: geehaad

Surrounded By Ahos

Las Vegas Desert Ducks Official Team Poster
May 24, 2008
27,319
85,257
Koko Miami
So just in the past week alone, a former president (and current nominee for president) faces an assassination attempt, the current president catches a disease that ravaged the planet four years ago, and a good portion of the global infrastructure is shut off temporarily.

What the f***?
As somebody else said in the last thread (I think), I'm tired of living in interesting times.
 

Stickpucker

Playmaka
Jan 18, 2014
16,539
40,248
Well, I had nothing better to do, so I learned all about it as I sat watching our flight time slip later and later.

The basic problem is that no one, ever, should allow a third party vendor to update the OS kernel directly without first testing the update in a staging environment. It's absurdly bad practice, especially for mission critical environments.

Unfortunately, Crowdstrike succeeded in not only convincing enterprise customers the world over that they could be trusted with this power, but also scaring those same customers into thinking that if they ever got a virus and didn't have Crowdstrike, they'd be fired for it. So they basically managed to achieve regulatory capture for their shitty rootkit kernel extension.

On top of all that, it turns out that there have been suspiciously familiar kernel panics around Falcon for the past couple of months in Linux land -- but because Linux admins as a rule don't just let third parties roll shit out randomly to their systems, and because no one really gives a shit about Crowdstrike on the Linux side anyway because it's basically a checkbox and not actually useful, no one ever noticed and raised the alarm on the Windows side.

The fact that a Crowdstrike kernel developer could introduce a memory paging error that completely breaks the boot loader, and have that error go through AN ENTIRE QA ORGANIZATION without being caught, not once, but multiple times on multiple OSes, and then be deployed, not in any kind of rolling green/blue deployment, but ALL AT ONCE, ALL OVER THE GLOBE, ON A FRIDAY, is an *absolute f***ing travesty*. Astonishing incompetence.

The CEO, the CIO, and the entire engineering management team should be sacked. I'm shocked that their stock only took an 11% haircut.

Some idiots on the street are saying "Crowdstrike is a great buy opportunity!" Maybe, but only if they clean house. They did years of damage to their brand today.

People will die because of this.
I work at a fortune 100 company and the sad reality is a point you made somewhere I'm too tired to bold....but audit and security compliance are given tons of power in large enterprises and use that power to scare executives with little knowledge into checking boxes they feel are a cya.

And how these dum dums deployed this...

they didn't even do the most cursory testing.

I don't know how the stock isn't in the shitter.

Off with their heads!!
 
Status
Not open for further replies.

Ad

Upcoming events

Ad

Ad