July 2024 Crowdstrike fun

AlNipper49

Huge Member
Dope
SoSH Member
Apr 3, 2001
45,439
Mtigawi
So who else's day is made much more fun with Crowdstrike blowing up? We fortunately have limited exposure to Crowdstrike and it's all-hands-on-deck with the trickle-down impact. I can't imagine large firms with large remote workforces are doing.
 

Mugsy's Jock

Eli apologist
Lifetime Member
SoSH Member
Dec 28, 2000
15,497
UWS, NYC
I couldn’t get a key made for my room at the AC Marriott in Worcester this morning.

I’ll get over it.
 

InstaFace

The Ultimate One
SoSH Member
Sep 27, 2016
23,719
Pittsburgh, PA
I'm flying today, so it's been a real hoot. Allegiant flight was cancelled so I rebooked on Southwest immediately. Southwest's people were all smiles, and noted that they were entirely unaffected. I suppose I shouldn't be surprised.

Also, a medical provider I had to swing by had all their systems down, so they couldn't deal with me unless I'd happened to bring paper printouts of the stuff they could've normally just pulled up on the screen.

Good lesson on systems resilience, I guess. But man, how about the Crowdstrike engineering manager who approved the merge that broke everyone's system? He's gonna have to join a Tibetan monastery. Engineers make typos and bad code all the time, that's life, but it's irresponsible management that fails to invest enough in QA processes or code review.
 

TomRicardo

rusty cohlebone
Lifetime Member
SoSH Member
Feb 6, 2006
21,549
Row 14
I'm flying today, so it's been a real hoot. Allegiant flight was cancelled so I rebooked on Southwest immediately. Southwest's people were all smiles, and noted that they were entirely unaffected. I suppose I shouldn't be surprised.

Also, a medical provider I had to swing by had all their systems down, so they couldn't deal with me unless I'd happened to bring paper printouts of the stuff they could've normally just pulled up on the screen.

Good lesson on systems resilience, I guess. But man, how about the Crowdstrike engineering manager who approved the merge that broke everyone's system? He's gonna have to join a Tibetan monastery. Engineers make typos and bad code all the time, that's life, but it's irresponsible management that fails to invest enough in QA processes or code review.
The job was just recommended to me on LinkedIn so I assume he is gone.

My CRO thinks it is a sell opportunity so my next week got jammed. The biggest ;problem is people trusted Crowdstrike implicitly. You should never grab updates automatically from a vendor before running through a test environment. Crowdstrike played into this bullshit by spouting about stopping Day O exploits up until it was the greatest exploit in human history.

I hate cybersecurity vendor marketing ask @John Marzano Olympic Hero
 

cgori

Member
SoSH Member
Oct 2, 2004
4,230
SF, CA
Good lesson on systems resilience, I guess. But man, how about the Crowdstrike engineering manager who approved the merge that broke everyone's system? He's gonna have to join a Tibetan monastery. Engineers make typos and bad code all the time, that's life, but it's irresponsible management that fails to invest enough in QA processes or code review.
Stolen from some previous outage but recycling it here seems appropriate:

85844
 

tonyandpals

Well-Known Member
Lifetime Member
SoSH Member
Mar 18, 2004
7,946
Burlington
Went to Dick's Sporting Goods in Medford at lunch to grab something I needed for tomorrow. Closed as their systems are down.
Play it Again had it in Stoneham. Should have went there first...
 

axx

Member
SoSH Member
Jul 16, 2005
8,212
Pretty scary that people use Windows for anything other than video games and word documents.
 

SumnerH

Malt Liquor Picker
Dope
SoSH Member
Jul 18, 2005
32,596
Asheville, NC
Pretty scary that people use Windows for anything other than video games and word documents.
And even scarier that they run unvetted 3rd-party binary code in kernel mode. That's insane from a stability and security perspective, especially for a product purporting to be security-focused.
 

Bertha

Member
SoSH Member
May 3, 2016
223
For me, annoying but not horrible. Landed at
Logan 15 minutes ago, which was 3 hours late. Was 3 hours late last trip on same route, so at least there was a clear reason today. Crowds in airports all good, everyone polite and no whining. Nice to see.
 

AlNipper49

Huge Member
Dope
SoSH Member
Apr 3, 2001
45,439
Mtigawi
And even scarier that they run unvetted 3rd-party binary code in kernel mode. That's insane from a stability and security perspective, especially for a product purporting to be security-focused.
Add onto that, their public security posture seems to be based around marketing rather than good practices. Every time I've seen them "certify" something as secure it leaves more questions for me. Namely, they never ask (or atleast never publish) what processes that they identified along with tech controls. I could have the least secure machine ever with the best processes ever and it would be more secure than the most secure machine ever surrounded by the worst practices ever.
 

Kenny F'ing Powers

posts way less than 18% useful shit
SoSH Member
Nov 17, 2010
14,756
This shut down Starbucks’ mobile order abilities so it’s personal now.
I drove to Starbucks and they were open but had a canned response prepared about being down. They then offered me free hot or iced coffee. I was happy.
 

TomRicardo

rusty cohlebone
Lifetime Member
SoSH Member
Feb 6, 2006
21,549
Row 14
I got to admit Crowdstrike is doing an amazing job obfuscating how bad they fucked up. I am really worried this is not a wake up call to tighten their QA.
 

TomRicardo

rusty cohlebone
Lifetime Member
SoSH Member
Feb 6, 2006
21,549
Row 14
I got to admit Crowdstrike is doing an amazing job obfuscating how bad they fucked up. I am really worried this is not a wake up call to tighten their QA.
Looks like they have no plans to. Honestly it would be insane to purchase Crowdstrike going forward without them publicly addressing their QA shortcomings instead of blaming Microsoft.