CrowdStrike effectively bricked windows, Mac and Linux today.
Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.
Incredible work.
this post was submitted on 19 Jul 2024
2032 points (100.0% liked)
linuxmemes
23939 readers
1039 users here now
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
- Don't get baited into back-and-forth insults. We are not animals.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudoin Windows. - No porn. Even if you watch it on a Linux machine.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
5. 🇬🇧 Language/язык/Sprache
- This is primarily an English-speaking community. 🇬🇧🇦🇺🇺🇸
- Comments written in other languages are allowed.
- The substance of a post should be comprehensible for people who only speak English.
- Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
6. (NEW!) Regarding public figures
We all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations. - Keep discussions polite and free of disparagement.
- We are never in possession of all of the facts. Defamatory comments will not be tolerated.
- Discussions that get too heated will be locked and offending comments removed.
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They make software for both of them also though, IMO they're at fault for sure but so should be Microsoft for making a trash operating system.
Not saying Windows isn't trash, but considering what CrowdStrike's software is, they could have bricked Mac or Linux just as hard. The CrowdStrike agent has pretty broad access to modify and block execution of system files. Nuke a few of the wrong files, and any OS is going to grind to a halt.
Probably would have been worse if this was on Linux. That's like 90% of the internet.
Good thing is the kind of people making decisions based on buzzword-bongo filled PR campaigns like Crowdstrike's are already forcing their IT to use Windows anyway.
It was a serious ask to install it from auditors that don't know what the fuck they are doing. On all ec2 machines for "reasons" I'm sure there are companies out there pushed into doing this because they don't have people willing to die on those hills.
Oddly, one of CrowdStrike's selling point is that it provides pretty good EDR for Linux and Mac. If you want crap EDR, which pushes you towards Windows, Microsoft Defender for Endpoint is the ticket.
I'm sure the three people that use Linux and Crowdstrike together would have been very upset. 🤣
Always has been. I've clean Symantec A/V off way too many systems in my time, post BSOD. That crap came pre-loaded on so many systems, and then borked them. The problem is, that in order to actually protect system from malware, the A/V has to have full, kernel level access. So, when it goes sideways, it usually takes the system down. I've seen BSODs caused by just about every vendor's A/V or EDR product. Shit happens. Everyone makes mistakes, but when that mistake is in A/V or EDR, it usually means a BSOD.
It's tough. The Internet and access to networks provides some pretty good advantages to users. But, it also means users making mistakes and executing malware. And much of the malware now is targeted at user level access; so, you can't even prevent malware by denying local admin/root. Ransomware and infostealers don't need it. A/V ends up being a bit of a backstop to some of that. Sure, it mostly is a waste of resources and can break stuff when things go bad. But, it can also catch ransomware or alert network defenders to infostealers. And either of those can result in a really, really bad day. A ransomed network is a nightmare. And credentials being stolen and not known about can lead to all kinds of bad stuff. If A/V catches or alerts you to just one or two of those events and lets you take action early, it may pay for itself (even with this sort of FUBAR situation) several times over.
When a kernel fails to boot in Linux it rollback to a previous working version so there is a chance it might recover from CrowdStrike update.
That really depends on the distro, most of them, no.
It was a kernel module, there's nothing Microsoft could have done
Except not make an OS so shitty and vulnerable that it needs millions of hours and billions of dollars pumped into keeping it from being hacked in a split second. But yes nothing besides that one minor thing.
Companies use the same software on Linux and Mac systems, and it's a kernel module there as well; this could have happened to any OS that companies are using it on, it just happened to happen on Windows.
Giving kernel access to outside software is always a risk; these companies chose to take that risk
They make plastic pocket protectors too but that doesn't mean we need to use them. Sounds you missed my point
The reason Windows gets attacked so much to begin with is because of its market share, not necessarily how vulnerable it is. If you want to cast as wide a net as possible while wasting as little effort as possible, why the fuck would you target the lesser used OSes? In the same vein, why would you invest so much in protecting OSes that aren’t as big of targets as Windows? Your comment sounds as ill informed as those people that think Macs can’t get viruses.
It's well known that windows is chocked full of security issues and ALWAYS has been. Never once implied other OSes are perfect, just better. You sound ill informed yourself, and simping for a corporation
Why do I get the feeling that you're a flat earther?
My guess would be you have instincts opposite reality
Given that I'm not even close to that, and it has zero relationship to talking about how shitty windows is.
I'd say the issue isn't that Windows is a trash OS, but everyone using the exact same trash OS and same trash security program.