Latest Crowdstrike Update Issue: The issue seems widespread, affecting machines running various CrowdStrike sensor versions. CrowdStrike has acknowledged the problem and is currently investigating the cause., Technology & Science News - Times Now
This isn't a gloat post. In fact, I was completely oblivious to this massive outage until I tried to check my bank balance and it wouldn't log in.
Apparently Visa Paywave, banks, some TV networks, EFTPOS, etc. have gone down. Flights have had to be cancelled as some airlines systems have also gone down. Gas stations and public transport systems inoperable. As well as numerous Windows systems and Microsoft services affected. (At least according to one of my local MSMs.)
Seems insane to me that one company's messed up update could cause so much global disruption and so many systems gone down :/ This is exactly why centralisation of services and large corporations gobbling up smaller companies and becoming behemoth services is so dangerous.
The annoying aspect from somebody with decades of IT experience is - what should happen is that crowdstrike gets sued into oblivion, and people responsible for buying that shit should have an epihpany and properly look at how they are doing their infra.
But will happen is that they'll just buy a new crwodstrike product that promises to mitigate the fallout of them fucking up again.
I isn't even a Linux vs Windows thing but a competent at your job vs don't know what the fuck you are doing thing. Critical systems are immutable and isolated or as close as reasonably possible. They don't do live updates of third party software and certainly not software that is running privileged and can crash the operating system.
I couldn't face working in corporate IT with this sort of bullshit going on.
Didn't Crowdstrike have a bad update to Debian systems back in April this year that caused a lot of problems? I don't think it was a big thing since not as many companies are using Crowdstrike on Debian.
Sounds like the issue here is Crowdstrike and not Windows.
Crowdstrike already killed some Linux machines. Let's not pretend Windows is at fault here or Linux is magically better in this area. No one is immune from software that can run as a kernel module going bad.
I work in hospitality and our systems are completely down. No POS, no card processing, no reservations, we're completely f'ked.
Our only saving grace is the fact that we are in a remote location and we have power outages frequently. So operating without a POS is semi-normal for us.
I love how everyone understands the issue wrong. It's not about being on Windows or Linux. It's about the ecosystem that is common place and people are used to on Windows or Linux. On windows it's accepted that every stupid anticheat can drop its filthy paws into ring 0 and normies don't mind. Linux has a fostered a less clueless community, but ultimately it's a reminder to keep vigilant and strive for pure and well documented open source with the correct permissions.
I wanted to share the article with friends and copy a part of the text I wanted to draw attention to but the asshole site has selection disabled. Now I will not do that and timesnownews can go fuck themselves
Same here. I was totally busy writing software in a new language and a new framework, and had a gazillion tabs on Google and stackexchange open. I didn't notice any network issues until I was on my way home, and the windows f-up was the one big thing in the radio news. Looks like Windows admins will have a busy weekend.
US and UK flights are grounded because of the issue, banks, media and some businesses not fully functioning. Likely we'll see more effects as the day goes on.
It's proving that POSIX architecture is necessary even if it requires additional computer literacy on the part of users and admins.
The risk of hacking (which is what Crowdstrike essentially does to get so deeply embedded and be so effective at endpoint protection) a monolithic system like Windows OS is if you screw up the whole thing comes tumbling down.
Me too. Additionally, I use guix so if a system update ever broke my machine I can just rollback to a prior system version (either via the command line or grub menu).
From my understanding, they have some ring 0 thing that fucked up. Could that not in theory happen on our beloved Linux systems? Or does the kernel generally not give that option?