The internet reacts to the CrowdStrike IT disaster that crashed computers worldwide

thehacker said:
Both Windows and Linux have drivers some of which runs in kernel mode and others in user mode. It depends on the level of access required by the driver. If I am not wrong, Linux has most device drivers baked into the kernel itself.
Click to expand...
Aren't Linux drivers baked into the kernel, and therefore better controlled than Windows drivers, some of which apparently can slip into the kernel? I don't code. So, any education would be appreciated.
 
  • Like
Reactions: zamroni111
seeprime said:
As long as Microsoft allows drivers to run in kernal mode Windows will have issues. Linux doesn't do it.
Click to expand...
Of course it does. Linux is actually worse, because it has a monolithic kernel, which means there are no boundaries between components in the kernel, and everything can corrupt everything else. Windows on the other side is using a microkernel inspired hybrid kernel, which offers a lot higher protection against random corruption of the things living inside the kernel.

Then again, once there's a kernel level fault, there's no recovery from that (unless you're using a true microkernel, which is however very expensive in terms of processing overhead), and the fault lies with the component that caused the kernel fault, which in this case is CrowdStrike's software, not with the system, and not with the vendor of the system, who can do nothing to prevent this.
 
  • Like
Reactions: thehacker, zamroni111 and seeprime
I have to laugh at the title "the internet reacts..." and then proceeds to list a bunch of twitter/X posts. You do know there's more to the internet than twitter/X? This is really low quality "journalism".
 
  • Like
Reactions: PurpaFur and seeprime
Uncle Al said:
Until the Govt. makes these security providers 100% responsible for testing and accuracy by making them 100% responsible for every dollar lost because of their negligence, it will continue again and again ....
Click to expand...

In which case, because of the potential liabilities, they'll just abandon all security rather then risk the potential financial penalties.
 
Maybe Nuclearstrike would be a better name for the company.

Yet again we allow a single company to dominate a tech sector and lazy arsed CEO's and boards of companies swallow the BS spiel by Crowdstrike promising them the world and blindly sign up and don't ever ask about contingency plans or what are worst case scenarios. Also most of these companies have sacked or greatly reduced their IT staff support.

We just keep making the same mistakes over and over bit the consequences of allowing a few companies to run the world keep getting worse and worse. Let's not forget the recent epic cluster fcuk by Google in nearly destroying UniSuper in Australia which looks after the superannuation of over 600000 people.
 
  • Like
Reactions: zamroni111
Watzupken said:
I don't think Microsoft can slip out of this mess even though Crowd Strike is the one that is mainly responsible. Anyone with any tech common sense will know that any change should be tested before deployment, regardless of how immaterial they think the change is. The problem is that any change in the codes may have a knock on impact. In this case, this should have been detected if they had tested it. The fact that MS allow a straight through update for Crowd Strike is already a red flag.
Click to expand...
tell me how Microsoft can prevent that?
crowd strike update doesn't use windows update system.
 
FF222 said:
"The questionable channel file is called "C-00000291*.sys""
Yeah, no. C-00000291*.sys is not a valid filename.
Click to expand...
It has a wildcard because you are searching for a file to delete in File Explorer. Like you said, it is not the actual filename, but the wildcard still works for the instructions.
 
themastergoose said:
Two things:

1) Microsoft wasn't responsible for this issue
2) Windows Server doesn't automatically install updates or self re-boot unless you tell it to (or change the default security policy surrounding update behaviour).

If you read the article or had ever used Windows Server, you'd know.
Click to expand...
MS designed Windows to be that restrictive and invasive for such event to occurs eventually.

They are sharing a big part of the blame by letting external software able to impact the kernel to that level.

If you knew about Anti-Virus under Windows, you would know.
 
redgarl said:
MS designed Windows to be that restrictive and invasive for such event to occurs eventually.

They are sharing a big part of the blame by letting external software able to impact the kernel to that level.

If you knew about Anti-Virus under Windows, you would know.
Click to expand...
Not that all your statements wouldn't be false on their own anyway, but the fact that CrowdStrike actually had the very same issue a month ago on Linux systems, where their very same software (Falcon Sensor) caused the very same kind of kernel fault (which is called kernel panic under Linux, but it's the same thing as a BSOD) completely obliterates any claims that tries to push the blame on Microsoft, who in reality
1. was not a tiny bit responsible for this issue
2. couldn't have done anything better to prevent it
3. was the first to offer a remedy for its users, providing not only detailed instructions on how to recover, but also a bootable image that does the repair automatically.
 
  • Like
Reactions: thehacker and themastergoose
FF222 said:
Not that all your statements wouldn't be false on their own anyway, but the fact that CrowdStrike actually had the very same issue a month ago on Linux systems, where their very same software (Falcon Sensor) caused the very same kind of kernel fault (which is called kernel panic under Linux, but it's the same thing as a BSOD) completely obliterates any claims that tries to push the blame on Microsoft, who in reality
1. was not a tiny bit responsible for this issue
2. couldn't have done anything better to prevent it
3. was the first to offer a remedy for its users, providing not only detailed instructions on how to recover, but also a bootable image that does the repair automatically.
Click to expand...
CrowdStrike has terrible QA since updates did indeed take down both Linux and Windows systems weeks apart. They seriously need to hire many more QA engineers. They're just cheap, using Agile, which is not ideal for public facing software. Maybe the recent publicity will shake things up.
 
You must log in or register to reply here.

Similar threads

midian182
Businesses around the world hit by 'Blue Screen of Death' following faulty CrowdStrike update
Replies
12
Views
263
zamroni111
Z
midian182
CrowdStrike apologizes for worldwide systems outage, offers vendors a $10 UberEats voucher
Replies
4
Views
117
VitalyT
VitalyT
Jimmy2x
CrowdStrike president accepts "Most Epic Fail" award at this year's Pwnies
Replies
0
Views
22
Jimmy2x
Jimmy2x

Latest posts

Back