Musk Says He’s Deleted CrowdStrike From Systems After Outage
(www.bloomberg.com)
Comments (61)
There is something strange about the response to CrowdStrike. I've had people defend them and blame the companies for having auto-update.
It's not just an observation but along the lines of they are good and we need to continue doing business with them. It feels very odd and forced.
not defending crowdstrike, but auto updates are a bad idea in my opinion.
I cannot fathom the man who auto updates nor the man who never updates.
He got burned by Microsoft XP's Service Pack 2 update from over a decade ago and decided it was never worth the risk if something's already working.
lol. I stopped updating when every single goddamn update was pushing win10 on me, and my machine literally could not upgrade (I tried multiple times, and every time, it ended up rolling back).
Then I found out about the crap win10 was phoning home (and their bullshit excuse that it was just "telemetry data," which by the way is a meaningless phrase), and how they were going to force updates, and I said "fukkit, linux it is"
...and now I occasionally remember to update, lol.
Hey, that's me!
Has it really been a decade already?
The war has been long, brother.
When it comes to servers and security, you want to update as soon as possible. If updates are frequent, there's no reason not to automatize it.
There is at least one reason to not automatize updating and it just happened.
I disagree. In a business environment, you should be testing updates before you deploy company-wide, and this CrowdStrike fiasco is a good reason why.
It's all fun and games until the update somehow manages to break all of the network printer configurations.
...and don't get me started on the stupid shit they "fix" while a certain network glitch seems to climb from one major version to the next...
yeah so I'm not the master of large scale IT, but I do test my code on the h/w it's going to run on before I publish it. I'm not saying it's simple to do so given how many different configurations might be deployed. That's why I'm not the master of IT to tell you how to do that. But the principle is I think the same.
You want to update by choice as soon as possible.
Auto-updating without consent creates downstream disasters, even security vulnerabilities. If I don't see release notes, I ain't updating.
Sure, except for the giant clusterfuck we’re talking about that happened just a couple days ago.
Bad automatization software, I guess.
Sysadmin For DEI hires:
"Install operating system and services with default settings, turn on auto update. Collect paycheck. Point fingers when something does break."
Add in the part about convincing the company to buy every third-party security software suite whose sales guy takes you out to lunch. You should see an average business computer now, there's a stack of random security software, none of which play nice with anything.
I think you can switch off Microsoft updates? IDK about this CrowdStrike thing.
It looks like you're right that they don't make it available with the GUI, but you don't need regedit. Just disable services.msc ... they say. I have had Windows re-enable services before.
sometimes they're even accidental...
I agree, it just feels like a lot of victim blaming while defending the culprit.
Tell me more
- Microsoft
Auto updates are a good idea for the idiot consumer masses to keep them from shooting themselves in the foot. For anything server or business related, you want managed and vetted updates that roll out in a staggered manner to prevent exactly this.
That's only true if you assume that the updates are always a good thing, and this CrowdStrike situation proves they are not.
And this was (presumably) an accident. What happens when a malicious actor intentionally puts a backdoor or other nasty surprise into an update?
And I won't even get into the elitism of "the idiot consumers" attitude, lol
For the use case of the clueless consumer, auto updates are better. The instant you start requiring a user to manage their own update process you are requiring a higher level of intelligence and proficiency than the vast majority of the population possesses. Given the choice, the idiot consumer will just never update and leave themselves wide open to malicious actors to do whatever they want with the victim's machine.
I mean, I'll agree on auto-updates being bad. But defending Crowdstrike isn't at all surprising for the usual suspects. After all, they were involved with helping the DNC and investigating the evils of Orange Man so they must be Good Guys.
The usual suspects proving they're nothing more than bots. Since when was pushing an update that breaks systems to the point that manual intervention on every affected machine is needed ever defensible, even if you have a severe case of TDS?
Oh yeah, btw, I am very suspicious of software that gets deployed this widely that quickly puts this company into the S&P 500. With their stuff running live on so many computers. Someone said it was a dress rehearsal for a cyber attack, but they didn't say who would be making that attack.
Isn't it strange only Musk is the smart one to do this?
Remove CrowdStrike, replace it with a competitor.
As a company you wouldn't exactly scream publicly what security systems you have deployed/removed since hackers can just focus on not being detected by X or Y solution. Musk has the clout to harm CrowdStrike's rep even further by announcing this shit publicly (though the outage already took it to the dumps).
☈: Musk Says He’s Deleted CrowdStrike From Systems After Outage.
☈: Elon Musk Deletes CrowdStrike "From All Systems,"
☈: Outages Explained – Possible Election Implications.
☒: Rolling The Curtains On Cabal.
☈: No coincidences here. Move along folks.
☒: Tech Experts Believe Outage Connected To Theft Of 2024 Election.
☒: The Crowdstrike Story so Far.
☒: An update on the Austin Private Wealth situation.
☈: Pelosi & husband invest up to $1 million in CrowdStrike.
☈: Julian Assange- Crowdstrike was hired by the DNC.
☈: 4Chan /pol/ | What is CrowdStrike.
☈: CROWDSTRIKE CODE INSERT?.
Wouldn't want to be part of the crowd on this one. Might be grounds for a tactical strike.
I work with a guy who was previously in the finance sector of IT, one of the odd things that he has informed me of is how cheap they are and their attitude towards IT. It is like IT wasn't earning its way so they weren't getting respect and resources etc.
The very notion seems insane to me in the IT age where your business is heavily dependent on the IT being up all the time no excuses accepted. I have to imagine that this incident is a wake up call for a bunch of industries.
I'm not an IT person but even so I know full well to test before deployment. Heck, I won't update the kernel on my PC before I have confirmed that I have a recent Timeshift to draw from if need be. The backups are created automatically but even so I still confirm.
Given that beancounters can't put a price on downtimes until they actually happen or the productivity increases from implementing good IT, this will continue to happen. This is another reason why corporate cybersecurity is just a box ticking exercise giving the illusion everything is going well.
This incident has a convenient scapegoat: everyone will crucify CrowdStrike, switch the EDR vendor, and continue coasting in neutral. Hell, CrowdStrike isn't even on the cheap side, so the beancounters will be happy if the new vendor is cheaper.
You imply you're running a Linux distro so you're already a cut above the regular MBAs who have the business awareness of dementia patients.
Consider that the vast majority of their peers, and the end customer's check signatories, would benefit from such dementia.
As always, may the best marketers win.
Firefighter paradox.
No fires: Why are we paying you?
Shit on fire: Why are we paying you?
The reason is probably because IT businesses started gouging companies for their mediocre and lacklustre services and using competition-excluding contracts coupled with extortionate fees in order to get these companies in stranglehold service agreements.
Years later these companies found out what kind of shit-tastic services they received and the costs were so high that they couldn't even get decent IT updates out of the contract. And now they know better than to trust IT businesses and treat them like the bottom-feeding scum that they are. :')
You'd think that business-user support from a company that you pay $250,000 a year to would be better than the customer support you get from your bank...
But it's not.
It kind of depends on how they're structured. You should get some help for 250k a year. From a guy who gets paid 250k a year. The help is not cheap. On both ends, you really gotta make the time count, ya know cuz of the bean counters. But yeah for that amount you should get some engineering help. In some places you would. If it were my company, I would put you in contact with someone who can help. I don't know that every company is positioned to do that.
I've been dealing with a small services business lately, and they're very responsive to email during the weekday. You know that makes me feel good about doing business with them, so that's why I'd make sure any customers of mine had that warm service. As the service provider, it's very easy to let it eat all your time, though.
That's because IT NEVER earns its way. It's a capital investment in efficiency. It does not actually create income. Organization leaders struggle badly to understand (let alone predict) efficiency in a tech upgrade that never brings actual income. It only can make income faster if it works. But then how do you prove that?
Normally, you have to do a cost analysis and identify total work hours in wages spent on things as simple as clicking 2 buttons. Then you have to show the development time (in developer wages) for streamlining the process into one button, and add that as a cost. Then you have to go back and find the total work hours in wages spent on clicking one button. Then you present it to the organization as:
"We currently spend $36,000 in labor costs per year, company-wide, to click two buttons. If we use our team of developers to streamline the process into a single button click, it will cost us $950 in man hours to develop, $1200 for testing, and then $325 for training to create a new process. The total development and training cost once the new process is complete is $2,475 in labor cost. Once implemented, the total cost of clicking one button, per year, company-wide, should be $8,000."
If your IT executive can't make that statement, the business isn't going to know what's good for it.
God help you if you have to try and explain why purchasing a software suite from a vendor will help you, especially as the contract changes each year or so.
I don't find that at all surprising - the simplest explanation for why the finance sector encourages shortsighted behaviour in the companies they invest in is that the finance sector is full of shortsighted people.
tl;dr need to make sale
Inb4 X-strike.
To be replaced with CrowderStrike?
To be replaced with the Chinese knock-off, CloudSlike.
Just did some digging, and would you know it, the EU that normie-baiters (such as Asmongold) love is partially responsible. And yes, not grasping that 99% of anti-trust is fundamentally capricious and arbitrary (aka fake and gay) indicates deficient higher-order reasoning. Anti-trust is oft about two big competitors undergoing regulatory capture, and bureaucrats self-justifying jobs rather than the general welfare.
Just because a complaint was filed doesn't actually mean eurocrats would have sided with Symantec. Though Microsoft certainly wouldn't have helped their case given Live OneCare was advertised within windows.
And that YCombinator poster is sorta wrong, what Microsoft intended to prevent was AV makers from patching (or rather brain surgery while being awake) the Windows kernel (yes, they were THAT intrusive), not remove kernel drivers altogether. Instead, after the complaint MS just extended the filtering APIs (which are more useful in kernel mode rather than user mode if accessible and are a more cooperative way of doing things) and maintained KPP (hell, VBS is an offshoot of it by using virtualization to further prevent unauthorized patching).
Thanks, I'm not that intimately knowledgeable about Windows or malware, and only use it for some games. What I found interesting from HN is that some company had CrowdStrike on a Debian machine and that it hosed that system (not recently) due to a specific version and configuration CrowdStrike didn't test. To me CrowdStrike seems irrelevant for Linux land, as opposed to other enterprise practices such as apparmor/selinux and app sandboxing, but I'm not a corporate sysadmin. I originally was on Hacker News to skim how newsworthy CrowdStrike was before this incident.
I've heard about those issues, but it wasn't exactly caused by CrowdStrike itself (though having it would trigger it). Rather, it was caused by a Linux kernel patch that broke something in eBPF (the module responsible for providing filtering capabilities in Linux), which CrowdStrike uses in lieu of a kernel driver (though you can switch if you want, and a temporary workaround was exactly that). A similar system is available on macOS too, and Apple actively discourages kernel drivers (or kexts, as they're called).
Windows unfortunately is rather limited with regard to security applications that don't use a kernel driver.
Bit late unless he's going to scrub and rebuild from source and bare metal. Anyone else think this whole crowdstrike thing was just cover for an epic cleanup operation?