Author Topic: Crowdstrike outage  (Read 6191 times)

Offline PlatinumGuy

  • Dansdeals Lifetime 10K Presidential Platinum Elite
  • *******
  • Join Date: Apr 2011
  • Posts: 15192
  • Total likes: 2493
  • DansDeals.com Hat Tips 11
    • View Profile
Re: Crowdstrike outage
« Reply #20 on: July 19, 2024, 10:10:22 AM »
Aside from the fact the strike was before the outage, the IAF already said they did track the drone but it was human error that issued the No Response.
I don't trust them. They have a strong incentive to mask their IT dependencies.

The timing is not quite right. The crowdstrike outage started after the attack was over.
Could have taken time to cascade downstream
Big (and shameful) if true. The only good news about that is that it wasn’t a cyberattack so they wouldn’t necessarily be able to time it next time.
Everything can be a cyber attack. They could be lying/misdiagnosing, or the human who made the mistake was paid to do so or his files tampered
״וזה כלל גדול: שישנא אדם כל דבר שקר. וכל מה שיוסיף שנאה לדרכי השקר – יוסיף אהבה לתורה.״ - אורחות צדיקים

Offline ah giten

  • Dansdeals Lifetime Platinum Elite
  • *******
  • Join Date: Oct 2015
  • Posts: 2040
  • Total likes: 419
  • DansDeals.com Hat Tips 6
    • View Profile
Re: AA full ground stop?
« Reply #21 on: July 19, 2024, 03:02:05 PM »
Pretty shocking that an update can make it out without smaller waves of testing first. Sounds like a few layers failed here.
DEI?

Online WayBackMachine

  • Dansdeals Platinum Elite + Lifetime Silver Elite
  • *****
  • Join Date: Sep 2022
  • Posts: 712
  • Total likes: 522
  • DansDeals.com Hat Tips 0
    • View Profile
Re: BSOD on startup - CrowdStrike Update mess-up
« Reply #22 on: July 19, 2024, 03:26:07 PM »
Quote
We are aware of a global issue caused by CrowdStrike that is affecting many services worldwide. Please note that this issue is not affecting Techloq or our services. If you are experiencing any disruptions, it is likely due to this external issue and not related to Techloq. We appreciate your understanding. For any Techloq-related inquiries or support, please contact our support team.
Guys stop blaming us for all your problems

Offline HudZ

  • Dansdeals Lifetime Platinum Elite
  • *******
  • Join Date: Nov 2019
  • Posts: 1988
  • Total likes: 1502
  • DansDeals.com Hat Tips 4
  • Gender: Male
    • View Profile
  • Location: Beis Medrash
  • Programs: Torah
Re: BSOD on startup - CrowdStrike Update mess-up
« Reply #23 on: July 19, 2024, 03:36:39 PM »
Guys stop blaming us for all your problems
You work for Techloq?

Online Euclid

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Jun 2010
  • Posts: 5356
  • Total likes: 6771
  • DansDeals.com Hat Tips 6
    • View Profile
Re: Crowdstrike outage
« Reply #24 on: July 19, 2024, 04:25:44 PM »

Online yelped

  • Dansdeals Lifetime 10K Presidential Platinum Elite
  • *******
  • Join Date: Mar 2015
  • Posts: 12504
  • Total likes: 5049
  • DansDeals.com Hat Tips 45
    • View Profile
Re: AA full ground stop?
« Reply #25 on: July 19, 2024, 05:05:55 PM »
DEI?
No lol. Would say summer intern, but no way they would have this kind of access. Most likely multiple failures led to this being released and released so widely.

Offline Dan

  • Administrator
  • Dansdeals Lifetime 50K Diamond Elite
  • **********
  • Join Date: May 2008
  • Posts: 70662
  • Total likes: 20190
  • DansDeals.com Hat Tips 16442
  • Gender: Male
    • View Profile
  • Location: CLE
  • Programs: UA GS, AA EXP, DL Dirt, Hyatt Glob, Fairmont Lifetime Plat, DD Diamond, Blocked By @NeriaKraus
Save your time, I don't answer PM. Post it in the forum and a dedicated DDF'er will get back to you as soon as possible.

Online Chuchum Ainer

  • Dansdeals Platinum Elite + Lifetime Gold Elite
  • ******
  • Join Date: Apr 2020
  • Posts: 764
  • Total likes: 411
  • DansDeals.com Hat Tips 1
    • View Profile
Re: Crowdstrike outage
« Reply #27 on: July 19, 2024, 05:25:26 PM »
The outage was Hashem's way of distracting from today's ICJ ruling.  Change my mind.

Online mevinyavin

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2022
  • Posts: 2920
  • Total likes: 3490
  • DansDeals.com Hat Tips 5
  • Gender: Male
    • View Profile
    • Laptop help/deal request template
  • Location: Yerushalayim
  • Programs: Windows 10 and 11 Home, Word/Excel/Publisher 2021, Wordweb, McGill English Dictionary of Rhyme, VLC, Torat Emet, 7-Zip, Lightshot, Calibre, FDM, FreeFileSync, Teracopy, Handbrake, Lightshot
Re: Crowdstrike outage
« Reply #28 on: July 21, 2024, 04:56:16 AM »


Quote from: ExGingi
Echo chambers are boring and don't contribute much to deeper thinking and understanding!

Online mevinyavin

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2022
  • Posts: 2920
  • Total likes: 3490
  • DansDeals.com Hat Tips 5
  • Gender: Male
    • View Profile
    • Laptop help/deal request template
  • Location: Yerushalayim
  • Programs: Windows 10 and 11 Home, Word/Excel/Publisher 2021, Wordweb, McGill English Dictionary of Rhyme, VLC, Torat Emet, 7-Zip, Lightshot, Calibre, FDM, FreeFileSync, Teracopy, Handbrake, Lightshot
Quote from: ExGingi
Echo chambers are boring and don't contribute much to deeper thinking and understanding!

Online mevinyavin

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2022
  • Posts: 2920
  • Total likes: 3490
  • DansDeals.com Hat Tips 5
  • Gender: Male
    • View Profile
    • Laptop help/deal request template
  • Location: Yerushalayim
  • Programs: Windows 10 and 11 Home, Word/Excel/Publisher 2021, Wordweb, McGill English Dictionary of Rhyme, VLC, Torat Emet, 7-Zip, Lightshot, Calibre, FDM, FreeFileSync, Teracopy, Handbrake, Lightshot
Re: Crowdstrike outage
« Reply #30 on: July 21, 2024, 05:29:37 AM »
https://www.techradar.com/computing/this-is-why-y2k24-was-so-much-worse-than-the-real-y2k

Quote
This is why Y2K24 was so much worse than the real Y2K
Opinion
By Lance Ulanoff published 16 hours ago
After the CloudStrike outage: Are we just one bad bit of code away from disaster?


 
We stockpiled, considered building bunkers, and generally prepared for the first tech apocalypse on January 1, 2000, like it might be the end of the world. But the original Y2K came and went and was nothing compared to Y2K24.

That’s what many have come to call the CrowdStrike outage that sparked a global tech calamity on an unprecedented scale.

The particulars, as we understand them, are this: cybersecurity firm CloudStrike delivered a bad bit of code to Windows host systems around the world that led to those Windows systems and servers crashing and blue screening across the globe. CloudStrike has thousands of customers, many of them in business, enterprise, government, travel, health, and more... the list goes on.

Travel was upended, health providers couldn’t serve patients, banks were unavailable, stock markets closed, and shipments stalled. Everything basically went to hell for most of July 19th, a day that will go down in history as the worst IT outage ever and our Y2K24.

I didn’t make up that term.

I spent most of Friday on TV explaining the outage and answering questions. Most revolved around how this could happen, but TV anchors were equally concerned with how we could prevent this from happening again.

The slow dawning recognition is that the interconnected world we thought we lived in 24 years ago is now real. We thought our globalized system with everything running on computers that had never been programmed to handle the change to the new millennium would doom us, but it turned out that we were missing one key ingredient: the cloud.

In 1999, there was no cloud computing with vast services being delivered to millions over the internet and often updated without knowledge, preparation, or consent.

Most business-level cloud services (sometimes known as Software as a Service or SaaS) do get consent and try to prepare clients. But when you’re trying to stay ahead of ever-changing threat factors, that can be difficult. Zero-day attacks mean you must deliver that update to clients now.

CloudStrike hasn’t fully revealed exactly what happened here and if this possibly bad code was security-related, or just a feature update. But there’s no question that this is the wake-up call we needed.

Our preparation for Y2K seemed almost silly in hindsight because virtually nothing happened. But here we are 24 hours after the biggest tech collapse in memory and some systems are still struggling to recover.

The roots of the global collapse are easy to trace. CloudStrike serves Windows host systems. Windows is still, by a wide margin, the most popular desktop OS (Statcounter has it at 72%). It’s like a global single point of failure. Windows had over 95% market share in 1998. It’s clear the missing component was a dominant cloud service with open-border code delivery to all those Windows systems (that not enough companies had sandboxes for incoming code is another issue).

If we don’t take mitigation steps now, like diversifying cloud-based providers beyond one dominant service, this will happen again. In some ways, we had a warning earlier this year when AT&T went down because of another code mistake. What’s worse is we saw how the knock-on effects can easily spread to other seemingly separate services.

In the case of CloudStrike, it cuts across so many industries that any time it has a significant failure, everything, and all of us are at risk.

Y2K was always real; it just took 24 years to arrive. I didn’t add this when talking to the anchors but maybe I should’ve: I have no idea how we prepare for the inevitable next global tech collapse.
Quote from: ExGingi
Echo chambers are boring and don't contribute much to deeper thinking and understanding!

Offline AsherO

  • Global Moderator
  • Dansdeals Lifetime 25K Presidential Platinum Elite
  • **********
  • Join Date: May 2008
  • Posts: 32093
  • Total likes: 8941
  • DansDeals.com Hat Tips 79
    • View Profile
  • Location: NYC
Re: Crowdstrike outage
« Reply #31 on: July 21, 2024, 08:18:37 AM »
https://www.neowin.net/news/microsoft-crowdstrikes-outage-affected-85-million-windows-pcs-worldwide/
(8.5 million, not 85 million)

A direct impact of 8.5m Windows hosts could indirectly impact many other systems that rely on those 8.5m, and many tens (hundreds?) of millions of people that consume the services of directly and indirectly affected systems.
DDF FFB (Forum From Birth)

Online mevinyavin

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2022
  • Posts: 2920
  • Total likes: 3490
  • DansDeals.com Hat Tips 5
  • Gender: Male
    • View Profile
    • Laptop help/deal request template
  • Location: Yerushalayim
  • Programs: Windows 10 and 11 Home, Word/Excel/Publisher 2021, Wordweb, McGill English Dictionary of Rhyme, VLC, Torat Emet, 7-Zip, Lightshot, Calibre, FDM, FreeFileSync, Teracopy, Handbrake, Lightshot
Re: Crowdstrike outage
« Reply #32 on: July 21, 2024, 08:46:04 AM »
A direct impact of 8.5m Windows hosts could indirectly impact many other systems that rely on those 8.5m, and many tens (hundreds?) of millions of people that consume the services of directly and indirectly affected systems.
Disproportionally affected corporate because it was a Cloudstrike problem, and only those types needed either Cloudstrike or something similar from the competition.

Quote
the broad economic and societal impacts observed yesterday reflect CrowdStrike's usage in several critical sectors, including 911 operations in the US, mass transit in NYC, banking in several countries, and health services in Israel. According to CrowdStrike's website, it serves over 298 of the Fortune 500 companies, 43 U.S. states, 6 of the top 10 healthcare providers, and 8 of the top 10 financial services firms.
Quote from: ExGingi
Echo chambers are boring and don't contribute much to deeper thinking and understanding!

Offline Alexsei

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Sep 2011
  • Posts: 6578
  • Total likes: 2404
  • DansDeals.com Hat Tips 5
    • View Profile
    • Travel & Kivrei Zadikim
  • Location: Truckistan
  • Programs: COVID-24
Re: Crowdstrike outage
« Reply #33 on: July 21, 2024, 08:57:44 AM »
Crowdstrike, which helped orchestrate the Trump-Russia hoax, is not to be trusted
http://www.dossier.today/p/crowdstrike-which-helped-orchestrate
TRUMP better coverage than 5G!

Offline skyguy918

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Mar 2011
  • Posts: 4113
  • Total likes: 892
  • DansDeals.com Hat Tips 1
  • Gender: Male
    • View Profile
  • Location: Queens, NY
Re: Crowdstrike outage
« Reply #34 on: July 21, 2024, 10:35:15 AM »
Crowdstrike, which helped orchestrate the Trump-Russia hoax, is not to be trusted
http://www.dossier.today/p/crowdstrike-which-helped-orchestrate
Lol. We need to find stupid conspiracy theories to say we can't trust them, instead of the admitted massive screw up they caused here, which is more than enough to not trust them going forward?

Online Euclid

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Jun 2010
  • Posts: 5356
  • Total likes: 6771
  • DansDeals.com Hat Tips 6
    • View Profile
Crowdstrike outage
« Reply #35 on: July 21, 2024, 11:28:52 AM »
Lol. We need to find stupid conspiracy theories to say we can't trust them, instead of the admitted massive screw up they caused here, which is more than enough to not trust them going forward?
Are you new here (or the general frum community)? Many members view everything in the world thru politics/conspiracy colored glasses.

Burnt chulent? DEI.
Traffic on the highway? Antifa.
Clothing doesn't fit? Anti semitism.

Online mevinyavin

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2022
  • Posts: 2920
  • Total likes: 3490
  • DansDeals.com Hat Tips 5
  • Gender: Male
    • View Profile
    • Laptop help/deal request template
  • Location: Yerushalayim
  • Programs: Windows 10 and 11 Home, Word/Excel/Publisher 2021, Wordweb, McGill English Dictionary of Rhyme, VLC, Torat Emet, 7-Zip, Lightshot, Calibre, FDM, FreeFileSync, Teracopy, Handbrake, Lightshot
Re: Crowdstrike outage
« Reply #36 on: July 21, 2024, 11:57:56 AM »
This is fun.
https://www.neowin.net/news/microsoft-points-finger-at-the-eu-for-not-being-able-to-lock-down-windows/

Quote
Microsoft agreed back in 2009 with the European Commission that it would give makers of security software the same level of access to Windows that Microsoft gets. This decision means security software vendors have a greater ability to muck up systems as CrowdStrike did this week when it crippled 8.5 million Windows PCs worldwide.

Quote
Microsoft is obligated to make available its APIs in its Windows Client and Server operating systems that are used by its security products to third-party security software makers. The document says that Microsoft has to also document the APIs on the Microsoft Developer Network except where they create security risks.

Giving security software vendors access to these APIs, while good for a level playing field, which is what the EU was concerned about, it's not great for security as we saw this week when CrowdStrike knocked very important machines offline causing chaos worldwide.

Ironically, while the EU was aiming to make things fair, Apple and Google which make macOS and ChromeOS are not bound by the same restrictions... yet.
Quote from: ExGingi
Echo chambers are boring and don't contribute much to deeper thinking and understanding!

Online yelped

  • Dansdeals Lifetime 10K Presidential Platinum Elite
  • *******
  • Join Date: Mar 2015
  • Posts: 12504
  • Total likes: 5049
  • DansDeals.com Hat Tips 45
    • View Profile
Re: Crowdstrike outage
« Reply #37 on: July 21, 2024, 01:43:36 PM »
Lol. We need to find stupid conspiracy theories to say we can't trust them, instead of the admitted massive screw up they caused here, which is more than enough to not trust them going forward?
I can't wait to see the post-mortem because I have actually used them in the last, and they are very good. There's a reason they are so commonly used.

Offline smurf

  • Dansdeals Presidential Platinum Elite
  • ********
  • Join Date: Sep 2010
  • Posts: 4588
  • Total likes: 373
  • DansDeals.com Hat Tips 8
    • View Profile
  • Location: NJ
Re: Crowdstrike outage
« Reply #38 on: July 21, 2024, 07:38:08 PM »

Extra credit if you got the sword fighting reference
In case not  https://xkcd.com/303/

Offline Alexsei

  • Dansdeals Lifetime Presidential Platinum Elite
  • *********
  • Join Date: Sep 2011
  • Posts: 6578
  • Total likes: 2404
  • DansDeals.com Hat Tips 5
    • View Profile
    • Travel & Kivrei Zadikim
  • Location: Truckistan
  • Programs: COVID-24
Re: Crowdstrike outage
« Reply #39 on: July 21, 2024, 08:11:16 PM »
Talking about conspiracies, what kind of role will crowdstrike play on Nov 5th 🤔
TRUMP better coverage than 5G!