Technology

59063 readers

3470 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

389

Some bad code just broke a billion Windows machines (www.youtube.com)

submitted 3 months ago by [email protected] to c/technology

121 comments fedilink hide all child comments

Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn ...

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 68 points 3 months ago (2 children)

Many compliance frameworks require security utilities to receive automatic updates. It's pretty essential for effective endpoint protection considering how fast new threats spread.

The problem is not the automated update, it's why it wasn't caught in testing and how the update managed to break the entire OS.

[–] [email protected] 7 points 3 months ago* (last edited 3 months ago) (1 children)

It is pretty easy to imagine separate streams of updates that affect each other negatively.

CrowdStrike does its own 0-day updates, Microsoft does its own 0-day updates. There is probably limited if any testing at that critical intersection.

If Microsoft 100% controlled the release stream, otoh, there'd be a much better chance to have caught it. The responsibility would probably lie with MS in such a case.

(edit: not saying that this is what happened, hence the conditionals)

[–] [email protected] 13 points 3 months ago (1 children)

I don't think that is what happened here in this situation though, I think the issue was caused exclusively by a Crowdstrike update but I haven't read anything official that really breaks this down.

[–] barsquid 15 points 3 months ago (1 children)

Some comments yesterday were claiming the offending file was several kb of just 0s. All signs are pointing to a massive fuckup from an individual company.

[–] [email protected] 4 points 3 months ago

Which makes me wonder, did the company even test it at all on their own machines first?

[+] [email protected] -18 points 3 months ago (2 children)

Nah EDR is pointless like all of cybersecurity. All these compliance frameworks are just a further grift to get a slice of B2B procurement budgets. The practice of cybersecurity has caused a more severe widespread outage than any malware ever could.

[–] mriormro 11 points 3 months ago (1 children)

lol, ok

[–] fishpen0 -2 points 3 months ago

OP is not entirely wrong. At least in Linux land you can now implement EDR like functionality entirely with EBPF without installing a fucking rootkit. So traditional EDR products are a grift if you are on the bleeding edge.

[–] jumjummy 5 points 3 months ago* (last edited 3 months ago) (1 children)

Ok Russian comrade. Security in companies is terrible. You’re right. It’s just a giant grift.

Now, go buy some limited time offer fight fight fight shoes from agent orange.

[–] [email protected] 0 points 3 months ago* (last edited 3 months ago)

Genuinely, what? What is "fight fight fight shoes" and "agent orange" like the chemical? What does me being Russian have to do with it? Is this some kind of twitter lingo I've touched grass too much to understand?

EDIT: Figured out it's probably a trump reference. Idk I'm not a trump fan so idunno.