
CrowdStrike

On July 19 at 04:09 UTC, 10:09 CST, less than half a day after TRUMP ACCEPTED THE NOMINATION AT THE MILWAUKEE RNC, CrowdStrike distributed a faulty configuration update. If, say, they had released it at midnight, far fewer computers would have been affected, as the problem would have been identified and the “update” would have been halted in the middle of the night.

A computer coder verifies my hypothesis that if computers were not on, they could have avoided infection with this flawed code….


Artex · 4 days ago

Dwoods44 It affected everything back to Server 2012 R1. Server 2008 R2 and older were unaffected. Southwest Airlines was unaffected and it is rumored they are running a custom version of Windows 3.1.

The file was C-00000291–*26.sys. It affected every machine using the CrowdStrike Falcon sensor which received the update. If a machine was powered off – like my work laptop – the update was pushed and would have been copied to my machine on boot causing the blue screen, except my org got the message and was able to recall that update before I logged in for the morning on Friday. I personally spent 18 hours fixing computers and touched about 60 of them (some of them were real buggers to fix). My team fixed around 1200 servers total. I have no idea how many user endpoints (work laptops) were affected, because thank goodness, I don’t touch those.

Something to keep in mind is that this is likely to destroy CrowdStrike. Even if every company decided to keep using CrowdStrike, everyone who lost money is going to sue them, and even Google doesn’t have the money to pay a class-action of this magnitude.

While it’s difficult to imagine this was a mistake, it’s still a possibility.

Now, if Pelosi and half of Congress dumped CrowdStrike stock before this last week, I’d sing a different tune. But while I fixed server after server this weekend and watched the stock price, it dropped 12% before opening on Friday (once everyone knew it was going on) and had bounced back quite a bit by closing Friday. It’s currently down 26% from Wednesday evening.

These companies have strict policies and processes, but you’d be surprised just how often folks cut corners.

We had a discussion on our team earlier this year where our top-level manager for all things Windows related said we needed to get more changes done per week on the one hand while reducing incidents on the other, then telling us most of our incidents were caused by changes. We’ve faced staff cutbacks of about 75% over the last 3 years. You can infer (accurately) a lot about corporate jobs from that.

This is how it works at Fortune companies. Management looks at metrics and then makes all their decisions based on those metrics, much like the political parties make decisions based on polls. And the problem with that is polls and metrics alike often miss key information.

—————————————————————————–

The update was for its Falcon sensor software running on Windows PCs and servers. The update caused machines to go into either a boot loop or boot recovery mode.[16][17]

Almost immediately, Windows virtual machines on the Microsoft Azure cloud platform began rebooting and crashing,[18] and at 06:48 UTC, Google Compute Engine also reported the problem. The problem affected systems running Windows 10 and Windows 11 running the CrowdStrike Falcon software.[19][16] Computers running macOS and Linux were unaffected, as were most personal Windows PCs.[19] However, similar problems affected Linux distributions in April 2024.[20][21]

Business was already open in Milwaukee and Washington DC, and had just opened on the West Coast when this “update” was released at 10:09 CST Friday morning the 19th of July. Am I to believe that they globally release an “update” without testing it first in a sequestered batch of Microsoft, Linux, and Apple computers?

The timing of this “update” could not have been more perfectly timed to affect the USA the worst. And this is the morning after Trump’s acceptance speech. Look man, this guy Trump is just all about chaos <sarc>, or maybe they mean to say if they keep “missing” on Trump and he gets in, they can crash the whole world, including all the Linux and Apple products, as they have 4 months for Gain of Function “coding research”.

CrowdStrike is the same group that proved in 2016 that Trump was wrong <without providing any proof>, that it was indeed the Russians <and not the Ukrainians> that hacked the DNC and thus (with no support for the theory) influenced the election in Trump’s favor.

4 weeks prior to “the Strike”, on Jun 24th 2024, CrowdStrike was brought into the S&P500, which will undoubtedly help their long term success and value. Color me skeptical.

This also provided distraction from the Biden Debacle.

Does One Try to “Catch a falling Knife”?
