Crowdstrike outage: Tech expert explains why it won't be an easy fix
- Published 18 Oct 2024
- Computer forensic services expert Mark Lanterman talked about the lingering effects of the Crowdstrike outage and why this isn't going to be an easy fix.
Mark bringing the brutal honest opinion. Refreshing
An attack of incompetence.
I like this guy.
It’s only going to get worse.
You can slow me down but you can’t stop me
the only reason it is not an easy fix is because Microsoft did not learn the lesson when McAfee did the same thing years ago. just track which driver you are starting, and after the reboot disable it.
for the rest of it, we already know how not to ship broken code, they just did not do what any junior developer knows how to do.
From what I've heard it wasn't an untested update but a bad push of an update. An empty file was pushed out in error. Anyway, CrowdStrike is in deep doo-doo.
Crowdstrike blames Fancy Bear
Have to touch every single workstation and server. Brutal.
Whoever signed off on the “update” should at the very least pay a very large lump sum, if not prison time. Millions of people are affected, and the fact they didn’t test it before mass sending the update is wild.
CI/CD FTW. Biggest DDOS EVAR!
Very interesting and informative video! Although some say it may have been a test, or at the very least, points out the vulnerabilities of the digital society that we are living in
Also he mentions not to let the FOMO get you doing the latest updates, always wait for a few days.
he mentioned a solution - perhaps too quickly for people to notice - but many companies have a department that tests updates before they are released company-wide - the vendor Crowdstrike should be doing a similar thing - but obviously didn't
the inarticulate newscaster was hinting at another solution - diversity in software - instead of a single software taking over the vast percentage of the market (eg Windows) - if several products with different architectures were spread over the market - then the damage caused by a failure in one company would be reduced
i disagree with expanding "cyberattack" to reference an accidental developer error too - the distinction is helpful - we need to know if there is an attacker with intent behind a problem - knowing this was not such an attack takes the pressure off IT - when the cause is known - IT can focus on that cause - instead of expending time and energy on widening their efforts to confront potential dangers that aren't there
is there something the ordinary user can do - absolutely nothing - except call IT - or if at personal computer - if you don't have an IT expert to call - get on the internet with another device to see if there's any word about the issue
You're not running CS on a personal machine. It's just infra that requires a DLP solution. So that's company assets mostly.
Funny enough SW airlines is just fine because apparently they're still running on Windows NT. In other words, their extreme incompetence shielded them from CS incompetence.
@NightFlight1973 - that Crowdstrike is not available for personal machines is good news - i know it isn't on mine - but it might have been mentioned so that people with home computers wouldn't worry - SW airlines has - believe it or not - Win 3.1 (!!) - strong believers "if it ain't broke - don't replace it"
I got a company's 645 Windows computers back up and running in one hour yesterday from a single terminal. How? Because they were all virtualised running on thin clients in Linux KVM. Most of the problem is bad system administration and not testing or having in place a disaster recovery plan.
Made some serious bank over the last few days, by simply not being incompetent. Microsoft admins suck and the companies that employ them are stuck in the dark ages.
To be clear you didn't fix 645 windows computers. You fixed 645 windows images that were hosted on a VDI server cluster in a data center somewhere
Those incompetent Microsoft admins? Many Windows computers run on actual separate pieces of hardware requiring sneaker-net to access them.
The admins are not the incompetent ones, the incompetent ones are those who chose to put Windows on a critical piece of infrastructure that isn't easy to get to.
@JeanPierreWhite "To be clear you didn't fix 645 windows computers. You fixed 645 windows images that were hosted on a VDI server cluster in a data center somewhere"
Yes, and that's where Windows should remain.
@notjustforhackers4252 Accessing Windows through a thin client has its advantages, however many endpoints must be able to operate even if isolated from the internet so VDI is not the solution in all cases. In those cases Linux would be a superior choice IMHO.
Every average user should have a VM backup of their physical machine .... I have 100's of VM backups, I don't know why Delta doesn't have VM backups deployed in situations such as this.
Like always, 99% of computer problems are between monitor and keyboard.
The cure is worse than the disease.
I wonder if there's a vulnerability 🤔 It sounds like whoever made this knew it could happen. Ppl got theories
DOS the best OS.
Never ever use Microsoft Servers. Use Linux. Like Microsoft does. Clownstrike's IT boss must be a hack. To not know about Linux.
Linux had similar issues with crowdstrike not too long ago
One faulty update and poof goes your linux server too. Seen many redhat or centos servers getting affected by kernel panics due to such updates. If you understand the core of the issue, this is reproducible in any OS by any trusted software that operates at ring0 (super privilege) level.
> Clownstrike's IT boss must be a hack. To not know about Linux.
And guess what, falcon comes for linux too. That was not affected. Only Windows was likely due to bad testing.
Sigh, another "expert" who stammers "it cannot be done remotely, it cannot be automated". CrowdStruck just exposed how bad these critical facilities - hospitals, banks, 911 systems, airlines - are configured. Their IT are as bad as it gets. Why would you let your systems take in automated updates in the first place? It is common sense to try out updates on non-production systems first to flush out any bugs.
The "expert" who stammers "it cannot be done remotely, it cannot be automated"? Come on man, think again.
At least he is right about the incompetent fools, but it is not just CrowdStruck. It's all them facilities affected by the outage.
because it wasn’t a sensor update it was a Rapid Response Content configuration update. kind of like a definitions update for an antivirus is the best way to describe that type of update.
Terrible advice. This guy really doesn’t understand the issue
He clearly does. One of the best "experts" interviewed so far.
CS assho