How did the update get through testing, if the bug has an immediately obvious catastrophic effect?
this post was submitted on 19 Jul 2024
171 points (100.0% liked)
Technology
67151 readers
3908 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Agreed, this seems like a pretty obvious failed smoke test.
Three options seem likely to me: the build was untested, the final package got corrupted after testing, the test environment has some kind of abberant config that hid the defect.
Kernel drivers are "reviewed" and signed by Microsoft for exactly this reason. It's a security risk if any program an administrator runs could load malicious kernel drivers into windows
Something I have heard (take with a grain of salt) is that there was a new windows update that went out just before the crowdstrike update. And the issue happened with the new windows update.
Not the case. I have dozens of servers last updated in May that crashed.
Pretty good test to see how easy it would be to shut the world down. Uninstall CrowdStrike.
I'm sure Russia is taking note. Its computers were unaffected due to having no Crowdstrike installations. China too, apparently.
I’m sure they have their own solution for that, but yes, it would be unwise for a government to install software maintained by a foreign country. Kind of like voting booths.
China and Russia are switching to Linux, too.
Read-only friday, right? Right...?
Poor sysadmins.
And this happens the same week that Kaspersky left the U.S.
They are laughing internally right now.
Every time our IT tells PC users to just leave their computer on for X hours so it gets updates, I wonder how that can be a great system.
No it crashed shitty systems run on Windows lol. Actual computers are fine.
Two quick points, given the massive impact of this eveny it is clear to say many critical systems run windows. Meaning them being windows doesn't make them any less "actual computers".
Also, the OS in this event is irrelevant. They could have botched an update to their Linux version and crashes all the Linux boxes leaving windows untouched. This was not a result of an issue of any OS but a bad update.
Linux stuff generally doesn't crash if a file gets deleted. It'll just fail to boot.
Neither does window. A file deletion did not cause this. A human at Crowdstrike uploaded a bug to production. Bugs in production can happen on any OS, this is just a terrible, terrible look for Crowdstrike because they seriously messed up
I mean, the end result would be the same: Large tracts of infrastructure not loading and causing hell
Have you read anything about this? A file deletion is the workaround for affected hosts, silly!
?
I was just trying to point out that you implied a file deletion is what's causing this, and Linux wouldn't crash. This fault is fixed by deleting a file, ironically
They are less of an actual computers in a sense that they are not running stuff under their owner / operator control. This would happen in Linux with much lower chances, because there are no side update channels to such a critical component of the system used there.
However, to take back what I just wrote :) - I am sure rightly motivated engineers would be able to build such a security hole into Linux too, under enough pressure from bad corporate decisions.
What do you mean “no side update channels”? There are lots of software that update outside of a distro repo and lots of software that pulls metadata from the internet that could cause an error in the parser.
https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/
Faulty drivers don't discriminate by o/s.