This global internet outage is insane! All airlines grounded and i was stock the airport and even banks, media, and offices from the U.S. to Australia. How can CrowdStrike have such a monopoly that could help restore such a massive amount of tech?
@LeahLewis-ny9iu2 ай бұрын
It's pretty concerning. If they can fix this, what other control do they have over our infrastructure? or are we truly in the matrix?
@EricaWaters-lr6zw2 ай бұрын
Right? It makes you think about the stability of our systems. But hey, I barely spend time online. When I checked my portfolio with Desiree Ruth Hoffman, we were still in the greens. That’s been the case for 16 months straight!
@OliverLiam-px3vx2 ай бұрын
Wow, really? I've seen the name Desiree Ruth Hoffman before but can't figure out where.
@LeahLewis-ny9iu2 ай бұрын
Probably from her forecast on Nvidia before the pump. But how are you in the greens with all the fluctuations due to the election and everything else? Can you share her strategy?
@EricaWaters-lr6zw2 ай бұрын
Honestly, just schedule a call with her. She has vast knowledge in finance and really knows how to navigate these times. I handed over my portfolio to her so I can focus on my family. These days, things just get scarier and scarier.
@JayJames2 ай бұрын
Crowdstrikes new ad: Now you all know who we are
@qzy-179SanTzxkW2 ай бұрын
And here i was thinking it was "we are many. we are crowd."😂😂😂
@brine37222 ай бұрын
I like how the company name is "CrowdStrike" and quite literally did what their company name means.
@cheungch19902 ай бұрын
@@qzy-179SanTzxkW "We strike crowd."
@DavidMapola-q3l2 ай бұрын
Rhaenyra i know youre there! 😂
@sandwichman1002 ай бұрын
new name shitstorm
@FritzTheCat_10302 ай бұрын
"Some experts have speculated that perhaps it was a lack of testing"...LOL! It was not a "lack of" testing, it was the "complete and total absence" of testing! They pushed out an update...to every, single one of their customers at the same time, that broke every machine. It clearly was not tested AT ALL. Also, this is the reason that you DO NOT push out an update to everyone at once! You roll out to a small number of customers and make sure there are no problems before expanding. This is BASIC operating procedure. The fact that a "SECURITY" company failed this so spectacularly says everything you need to know about them as a company. Any organization that continues to use this product after this fiasco is run by complete and utter morons.
@teyemanon19702 ай бұрын
Well FrtizTheCat_1030, you certainly deserve your pack of rabbit flavoured Whiskas this evening for this comment. Cats today!
@nothingisreal63452 ай бұрын
In principal a field test for a system software is mandatory. But with AV software it is a race between viruses that spread with crazy speed and the AV updates. And many companies have a paranoia when it comes to virus attacks. So they blindly trust into the services of AV companies. In the end it is the good ol' blame game. If the AV company fails - not my fault. If a virus causes harm and the Admin did not rollout at max speed - his fault. Now you know what responsible managers choose.
@JaneNothingmore2 ай бұрын
We don't usually test our codes. But when we do, it's in production. - Crowdstrike
@RockChalk2632 ай бұрын
@@JaneNothingmore On a Friday....
@xxLunaMoonx2 ай бұрын
And we are all also morons to rely on them, we come first
@bird2718282 ай бұрын
I studied cybersecurity. I applied to Crowdstike and was turned down because other applicants were "more qualified". Little did I know that Crowdstrike pushes untested software to production which is something I would have never done.
@Hans-gb4mv2 ай бұрын
It is not because they have a flawed procedure somewhere, that they do not test their software.
@unkannyunkanny92322 ай бұрын
I never studied cybersecurity. In my day as a software tester, I was blackbox because anyone who could actually code, would actually code and get paid a lot more money. I'm gonna guess that the code itself was not 'untested'. It was the implementation of the patch that was not tested. Crowdstrike, having tested the fixes, trusted a process of rolling the updates out. It would say the very fact it has customers, has proven that process works, so why question it? Crowdstrike probably didn't see the value in further delay by rolling the patches out to itself first and do yet another test to see that what it thought it rolled out, actually rolled out.
@PatrickBaptist2 ай бұрын
@@unkannyunkanny9232 They could probably quickly tell you are full of shite and excused you.
@JohnDoe-vh4rt2 ай бұрын
More qualified to achieve the “not-white-male” quotas.
@neverhomepnw2 ай бұрын
Updates can be rushed to customers due to zero day attacks, but I agree. I work in IT and they are supposed to test updates in a sandbox environment before being deployed to customers. Its IT security fundamentals.
@lucasalister38822 ай бұрын
To everyone who works IT, thank you for all the work you do and we appreciate you during these trying times
@potluckfishing2 ай бұрын
You're welcome. It has not been easy.
@joelrobert40532 ай бұрын
thank you 😊
@Will-nq9yt2 ай бұрын
pain
@Greendevil12122 ай бұрын
Cheers mate
@BryanK-y5y2 ай бұрын
@@lucasalister3882 it's a thankless job
@tfozo2 ай бұрын
How ironic the name is crowd strike
@gagahusband2 ай бұрын
It's no mistake
@msnhao2 ай бұрын
The writers are cookin
@BadByte2 ай бұрын
What is more ironic is the CEO is a former CTO of mcafee antivirus, and this happened on his watch "Defective McAfee update causes worldwide meltdown of XP PCs" so dude has not learned from past mistakes.
@supercoolmunkee2 ай бұрын
The crowd has been stricken 😂
@A_ARAFAT2 ай бұрын
They striked the crowd
@TheRumblewagon2 ай бұрын
Now consider if a malicious actor could gain access (ie. employment) into a company such as Crowdstrike and do something similar from the inside.
@HaxxorElite2 ай бұрын
Whos to say that's not what happened lol
@Banor2 ай бұрын
Senior managers pushing untested software to release is, arguably, malicious behaviour
@everychordever43392 ай бұрын
So, let's give them the benefit of the doubt and say they were totally incompetent. BUT, if you wanted to cause the max trouble, could you choose a better inside job in a better company, a better OS, a better file...to attack? I'm not a conspiracy theorist, I'm just saying a competent risk manager would have exactly this scenario at the top of their list.
@berendharmsen2 ай бұрын
6:52 - what an unnecessarily rude interruption of a reporter giving a pretty good analysis of the situation.
@Kaiyats2 ай бұрын
Censored
@chilled992 ай бұрын
There are time limits on TV programs. Likely the shows producer encouraged the presenter to make the reporter wrap it up
@bunbox2 ай бұрын
I read people for a living as a counsellor. Her face spoke ALOT more than her words did there. I noticed the way she was smiling alot as she said it, and then she took her answer and directed down a totally unrelated path. She was quick to jump in, and then quickly ask "Does this mean technology is advancing too much and we should go backwards, or are you saying the march of technology and AI must continue no matter what". She strongly gives the impression of someone who hates technology, (she's an older woman, you can tell beneath the makeup with how some parts of her face move), so I'm going to guess she feels left behind by tech or finds it frustrating having to use it, and wanted to make a point about "LOOK HOW BAD THIS IS, WE SHOULD HAVE LESS OF THIS" and was smiling because she saw a chance to say it.
@everychordever43392 ай бұрын
@@chilled99 Nope. The reporter was given more time after the interruption.
@WistrelChianti2 ай бұрын
yeh she clearly understood something of the situation and the other just wanted to push a sensationalist narative. Lame move BBC
@amyskippy2 ай бұрын
CrowdStrike was the cause of the major outage, not Microsoft. Despite mentioning Microsoft Windows in the first 30 seconds, it takes until 2 minutes 20 seconds to mention the actual company responsible.
@boskee2 ай бұрын
@@mainStream-user Rollback of what exactly? Windows has System Restore.
@valdragu1072 ай бұрын
When a faulty driver can kill the OS, it's a bad OS. Microsoft expertise :))
@boskee2 ай бұрын
@@valdragu107 You do know that pretty much the same thing happened on Linux just a month or so ago? Debian 12 + crowdstrike caused kernel panics in April RedHat + crowdstrike caused kernel panics in June
@halosam29632 ай бұрын
@valdragu107 This isn't a driver, this is a kernel level software. I hate MS as much as the next Linux-user, but you can't blame Windows for failing when the core of its OS is messed with
@chris6ix.2 ай бұрын
I agree. The news anchor said in the first 15 secs "The crisis was caused by a fault software update, which affected Microsoft Windows systems", which makes non-tech-savvy people (So the vast majority of humanity) to believe that Microsoft is at fault. Granted, Windows should have fallback systems in place that detect if a recent software update (especially kernel level) causes crashes and then revert the update and tell the user, but it's not fair that some news sources make it sound like Microsoft caused this issue.
@Medicbobs2 ай бұрын
As a paramedic our report writing software went down all night and it sucked
@MatthewMcIntyre-ee5rp2 ай бұрын
Yes because you running on a similar algorithm as financial institutions are , medical billing and medical coding will be the next big thing once AI is becoming integral,good luck and lots of patience.
@RB-wu4us2 ай бұрын
A pencil and paper works
@punkinhoot2 ай бұрын
@@RB-wu4ustell that to accounting.
@AccountFour-w2o2 ай бұрын
@@punkinhoot you'd be surprised how ineffective people are without their computer...
@Medicbobs2 ай бұрын
@@RB-wu4us Oh lord don't jinx me haha.
@synchronistory2 ай бұрын
Monopolies aren't going to work anymore in a complex world like today's. Competition is healthy - and so are backup systems from across multiple global sectors.
@baltakatei2 ай бұрын
CrowdStrike's Wikipedia page has an entire section dedicated to mergers and acquisitions. The root cause is not kernel architecture or even testing procedures but anti-trust law.
@vullord6662 ай бұрын
The problem is that digital markets have completely failed competition and pushed us toward a handful of companies for each general need. There are only 3 computer operating systems and only Linux is open source. Google dominants with over 90% of the search engine market and Bing trails at like less than 5% and all the many other options are far far less than that. These systems don't work well with each other or communicate well between each other making it difficult to switch or use alternatives. Developers also just don't want to develop for too many and it's expensive to support everything. On top of all this governments have largely ignored the issue (and granted these few tech companies are purposefully making it difficult to understand and see the problem). The best we see is the EU and they still aren't really getting to the heart of it. We've just become so complacent. In theory overreliance on technology shouldn't even be an issue, but we've allowed ourselves to all depend so greatly on a handful of systems, platforms, and services. No one even thinks about it. It's just, "hey crowdstrike is like the number one cybersecurity option got windows enterprise systems and cloud computing. Everyone's using them. So why don't you?" then over time they become so stubborn and think they're above simple mistakes or needing to follow basic procedures. And eventually you get a situation like this.
@teevee34072 ай бұрын
I highly agree with this! we can't all depend on some singular mega corp
@monty33222 ай бұрын
And with a name like CrowdStrike??
@briancarno88372 ай бұрын
Competition is healhy?..you never noticed whatever you want to buy today you only have 5 options?
@teyemanon19702 ай бұрын
Anyone here working in IT, spare a thought for our brothers and sisters who had to work through the night and are still at it over the weekend.
@JohnDoe-mx9ut2 ай бұрын
It's an issue for all the shops outsourcing their IT that can't come in person lol
@potluckfishing2 ай бұрын
@@teyemanon1970 yep
@ladhibidda2 ай бұрын
@@philliam111 they're not talking about you lil bro. all the hardworking engineers in this moment of chaos
@ThatOne52 ай бұрын
AMAZON AWS works with servers based on LINUX systems how convenient they are also funded by the same shareholders as CrowdStrike
@cherylT3212 ай бұрын
And who might get fired at the drop of a hat!
@user-dd4bw3yu9j2 ай бұрын
crowdstrike committed criminal negligence, "sorry" does not work here.
@jamesalias5952 ай бұрын
Everyone in business should fire Crowdstrike and replace them with a company that actually tests software before pushing out updates. Also surprised that so many airlines are running windows versus linux.
@thegoodsmaster2 ай бұрын
or just dont ALL pile into the same company for convenience like a monopoly
@Whyanonymity2 ай бұрын
Or just hire cyber security team instead of sourcing to 3 company
@thegoodsmaster2 ай бұрын
@@Whyanonymity each idea just sounds like it will cost more money 😆
@JeanPierreWhite2 ай бұрын
Each organization should vet software updates prior to them being distributed to their organization en masse. Allowing Crowdstrike to circumvent such processes is the responsibility of each organization. Companies should not abdicate this responsibility to a third party such as CrowdStrike.
@CitiesTurnedToDust2 ай бұрын
No good IT people appreciate having to run business critical systems on Windows. But all the MBA Chads who run the companies don't understand that and run what they're used to. And They're not the sorts of people to listen to their own experts over salesmen. Source: I'm an IT expert who almost got fired by my ignorant business grad managers for speaking against the idiotic products they were being sold by slimy salespeople.
@PhrontDoor2 ай бұрын
It's simple to avoid -- trivial in fact. Do not EVER allow forced day-zero updates. You use rolling patches, and let the users decide when/if they want to install them. Any company using the crowdstrike and knowing it had KERNAL LEVEL patches being installed arbitrarily were just stupid -- no other way to call it. Those companies relying on CS were idiots.
@CaptainGoldberg2 ай бұрын
I totally agree with your assessment. But what fool released an update without testing? There is no way any type of meaningful testing was done prior to release or this would have been discovered.
@tylerjw7022 ай бұрын
Also the fact that Windows will happily execute a kernel-mode driver it just downloaded off the internet and not jetison it if it causes boot failures is just insane. There needs to be graceful fallback when something like this happens The awful design of Windows is just as much to blame as the awful rollout of this rootkit.
@alternateaccount48682 ай бұрын
You calling half of the world stupid
@CaptainGoldberg2 ай бұрын
@@alternateaccount4868 Yes. It's stupid to allow a 3rd party company to do whatever they want to your systems without doing due diligence.
@notaforte2 ай бұрын
The problem with the image is they tested the update on a lab using an F: and simply forgot to change it to C: At least that’s my theory.
@Nasiruify2 ай бұрын
"Hello IT have you tried turning it off and on again? "
@JeanPierreWhite2 ай бұрын
15 times lol
@malavoy12 ай бұрын
You used to be able to boot into safe mode by holding down a key while the machine restarted. Windows 10 and up require multiple reboots to access safe mode to keep regular users with no idea how computers work from getting into safe mode and messing up the computer (yes it's possible).
@arduinoguru72332 ай бұрын
it's won't help, that sht need to boot in safe mode disable all the drivers and remove the faulty file, it' long process and that shtty company should inform their client the moment they discovered it,
@parkerc12792 ай бұрын
Funny
@DanaPohlson2 ай бұрын
Have you tried using a non $#!t operating system like Unix? microsoft was always weak garbage.
@SH0782 ай бұрын
First Boeing, and now this, American companies are losing their quality
@krunkle51362 ай бұрын
It doesn't help that they dominate the market so much with few alternatives. Boycotting is needed.
@Deadassbruhfrfr2 ай бұрын
We got diversified
@Neeper782 ай бұрын
@@ijumpjudyyare you playing the opposite game by yourself? 😂😂😂
@r.a.64592 ай бұрын
Nightbot: @@ijumpjudyy --> 🚨 All Caps 🚨 Excess Emotes [warning]
@tonythaiger932 ай бұрын
DEI quota ya know
@diogotrindade4442 ай бұрын
Basically, we need more OS types and less monopolies.
@henryavery44612 ай бұрын
Bro, shut the funck up. I can clearly see your not from the area of IT. You DOnt know anything. A simple dual boot would prevent this from hapening. If windows cant start, start another OS on another partition. Thats extremely simple. You common people dont know anything and then start lecturing devs around the world wtf xd
@3DLasers2 ай бұрын
We need to go back to Window XP that's what we need to do... 🤣🤣🤣
@sentiment76442 ай бұрын
if you use crowdstrike, no matter what type of os you use, it will crash your system
@diogotrindade4442 ай бұрын
@@sentiment7644 OSs like openSUSE, Fedora Silverblue, macOS, and Chrome OS use automatic rollback mechanisms to revert to a stable state if an update or configuration change causes a system failure, preventing widespread issues. If you do not use Windows you do not need crowdstrike in the 1st place.
@diogotrindade4442 ай бұрын
@@sentiment7644 that just means that we shouldn’t use it
@ScrewArbys2 ай бұрын
My question is, why didn’t they test the software before sending it out? They should be under investigation for that.
@309electronics52 ай бұрын
Yes and the fact it runs in KERNEL MODE which is like really fragile and 1 slight error can knock down everything. KERNEL MODE FILES SHOULD ALWAYS BE FULLY TESTED.
@fiveminutezen2 ай бұрын
This is actually excellent exposure for Crowdstrike a company I had never heard of.
@therealmishkin2 ай бұрын
That will now go bankrupt from lawsuits…
@Artnotforthesakeofart2 ай бұрын
@@therealmishkin 😬
@James-H842 ай бұрын
No it's really not IMHO. The people that needed to hear of them (massive enterprise) already knew who they are and now they will be looking at their competitors. You may not have heard of sentinelone or other similar companies in this space but security execs at the 100s of fortune 500 companies that were using crowdstrike have. This is a monumental screw up that is not a mistake, this is indicative of underlying issues in crowdstrike business procedures.
@billk3642 ай бұрын
IF they actually admitted to everyone they got hacked, they would be out of business in minutes. What else are they going to tell you?
@reviewchan98062 ай бұрын
CEO aint sleeping for 36 hours this weekend 😂
@franz38102 ай бұрын
They earn a lot doing nothing so...
@YuNherd2 ай бұрын
his stock not stonks, he malding
@rice_lord2 ай бұрын
He is still getting his 20 mils bonus by the end of the year
@atarian3452 ай бұрын
Not with that hair cut
@rav04o22 ай бұрын
Nah you’re wrong. CEO can’t log in to his windows laptop, so he will wait for IT department to fix everything
@pillettadoinswartsh49742 ай бұрын
2 minutes and 22 seconds it took BBC to even mention the culprit, CrowdStrike. Though they mentioned Windows immediately. Why bury the lede? The CEO of CrowdStrike was the CTO at McAfee in 2010, when a similar thing happened. This time, he chose to lie to people, claiming that the "fix" would be automatic. When in reality, each individual computer would need to be booted in Safe Mode, and the bad file deleted. Can't be done remotely. And IT people can't travel because of the outage. I'd bet there are some secretaries being guided through this by absent IT people.
@AJXOXO-vz1pn2 ай бұрын
Non techie people deleting files through the safe mode. LOL! What else could possibly go wrong?!
@piccalillipit92112 ай бұрын
*100% THIS WAS AN INSERTION ATTACK* its was a bit of code with 00000000 00000000 00000000 00000000 00000000 at a critical location Some p'd off employee inserted it after testing but before it shipped is my guess, especially as they just ****** 2,000 employees out of severance pay to boost the stock price
@BryanK-y5y2 ай бұрын
@@pillettadoinswartsh4974 Jesus that's insane didn't even think of that, this one s soo negligible I can only think it was planned the update had zero bytes
@boskee2 ай бұрын
Even worse if the computer is bitlocked. Also I don't imagine many corporate pcs allow their regular users to boot into safe mode.
@AJXOXO-vz1pn2 ай бұрын
@@boskee maybe it would just be easier to buy some new computers? Seriously not kidding.
@FF2Guy2 ай бұрын
One tiny mistake could completely send all of humanity back to the Stone Age
@jcpflier67032 ай бұрын
This was NOT Microsoft's fault, this was a complete failure on CrowdStrike and their QA process for testing patches, updates etc, before pushing to production. I suspect the tools that they use for input validation against the code was not up to speed on modern programming error detection. Microsoft is a victim of this just as much as all others affected. Windows Kernel did what it's designed to do. CrowdStrike needs to test, test, test and more test, before pushing to production. The fact that they pushed this globally too is mind-blowing. Where is there QA director? Why didn't they deploy this in small regions to test and ensure no errors? I see a lot of law suits against CrowdStrike from major companies. Airlines are not going to eat those delay bills.
@danmadrid82272 ай бұрын
They'll pass the buck a few times I'm sure.. this is what happens when they try to run security on the cheap and overwork employees.
@rvdb73632 ай бұрын
People have very short memories for failing technology. Me included. A few years ago someone dug a hole in the main water pipe down the street leaving us without tap water. After that experience I bought 6 bottles of water so I wouldn't be without drinking water again. Of course that water got used (and not replaced) so when the water pump in our apartment building broke down 18 months later I was once again without water. Did I learn from that? Nope, I currently have no bottled water in the house.
@mike74h2 ай бұрын
Your self-honesty is admirable. I'm going to subscribe to your channel and watch for a notice from a relative when your inability to adapt gets the best of you. I hope it won't be soon. Good luck.
@olympian32 ай бұрын
In my city over a month ago a water main was broken and everybody had to conserve water like crazy
@jaspionccv94262 ай бұрын
Fortunately in my house there is big water boxes. So much so that i usually find out when there is disruption in the water supply only when the neighbors come asking for a few buckets.
@jbrc13222 ай бұрын
There's still time to replenish your emergency supply
@rvdb73632 ай бұрын
@jbrc1322 I added water to today's shopping list, so I have once again an emergency supply. And I made the resolve (again) to maintain the supply this time.
@foomoo10882 ай бұрын
IT 101 ! Test the update before deploying, then slowly roll out update one machine at a time, always provide easy recall of the update to return to the previous version.
@rcasparb2 ай бұрын
Most reputable software companies have a thing called quality assurance. It basically means getting someone other than the person that wrote the code to test the code BEFORE it gets sent out. It would appear that this whole thing is a failure to do basic quality assurance.
@rocketraccoon19762 ай бұрын
Microsoft used to have it. Then they fired them all and let their customers be the beta testers. Almost a decade ago, when Windows 10 was still being rolled out, a Microsoft Sales Exec got caught telling a concerned Enterprise customer that the updates would be rolled out to their home and small biz customers first to catch any bugs.
@HowardOchs-xk8xu2 ай бұрын
Car companys test products on consumers. HENCE RECALLS
@achilles1652 ай бұрын
This wasn't a Microsoft testing gap but the update is released by Crowd strike. Just like updating chrome on windows is released by google and not Microsoft
@360Fov2 ай бұрын
QA is an antiquated process that needs to be phased out. It slows down the rollout of updates, and stifles progress. The sooner QA is eliminated, and the faster we employ tight-integration of AI with kernel level access to network-wide resources, the sooner we can reach singularity and get off the path of entropy. If Warbands was rolled out as soon as it was done, without archaic "QA", then we could already complete quests for any character you want without impacting Reputation or progress; whichever character completes them first will earn the Reputation for the Warband, which is all we want!
@Hans-gb4mv2 ай бұрын
@@rocketraccoon1976 rather than play that old record over and over again, you should do some better research and read up on what Microsoft actually did, why they did it and what the overall impact was in the end. Because when you see the statistics of what they have done, you can only say that it was the right decision.
@r2k2472 ай бұрын
It’s not a antivirus. It’s a cloud soc tool which monitors network traffic for hackers. They have an agent which can respond to threats. It’s the agent that updated and blew up all machines
@GWAYGWAY12 ай бұрын
@r2k247 Double agent, then.
@SaffronHorizon2 ай бұрын
One question: Is there such a thing a virus that deletes social media so people can return to sanity again?
@tofu_golem2 ай бұрын
This happened because executives didn't want to pay as much money testing this update before releasing it. I believe this is what business majors call "fiduciary responsibility." One of the executives at Cloud Strike was previously at another antivirus company that did more or less the same thing. This is what happens when you reward failure at the executive level.
@xxgn2 ай бұрын
The update was caused by a corrupt file, not a code bug. Testing won't necessarily catch that. It's still an unforced error, but it's more that the client software didn't validate the file and that the update rollout wasn't staggered.
@KB-nt7eg2 ай бұрын
@@xxgna corrupt file, by your terms, that crashes systems, can 100% be tested. It literally crashed systems. You think testing it wouldn't make it crash the test system? Does 2+2 not equal 4 to you? How many COVID vaccines have you drank?
@tun-tunninc.64922 ай бұрын
And y'all decide to run an update a day before the weekend. Bravo
@JeanPierreWhite2 ай бұрын
Thursday is typically an OK day to do software updates. The update was done ona Thursday. We just woke up Friday morning to the issue.
@yanina.korolko2 ай бұрын
@@JeanPierreWhite there should be an iPhone in the house just in case😂… I am so sorry you guys went through all that negativity
@vex65432 ай бұрын
It’s better than doing it at the start of the business week you one complete donkey
@Hans-gb4mv2 ай бұрын
bad actors don't work office hours, so why would security companies?
@JeanPierreWhite2 ай бұрын
@@yanina.korolko I had no problem. I use Chromebooks
@Me972022 ай бұрын
When I was managing a large company, I wouldn’t let IT to do any software updates on Thursdays or Fridays. And we’d never do any updates before they had been vetted.
@GH-oi2jf2 ай бұрын
That is what was missing here. How did a bad module get installed in so many places in such a short time?
@JohnDoe-mx9ut2 ай бұрын
@@GH-oi2jf They haven't heard of canary deployments which *should be* an industry standard.
@kylel47992 ай бұрын
The Power circle of Engineers I sat with would meet bi-weekly to provide Change Control. Change requests (such as software updates/patches), no matter how small of the change, had to be fully tested for two weeks, FULLY documented, and the change request required a Backout procedure. All that and we only had about 40 engineers on staff! A few monopoly dollars to a big company like Cloudstrike. Sounds like they "sprinted" past any sort of testing.
@tkmariner2 ай бұрын
The phrase, "there is no bad advertising.", will finally be wrong...
@voyd1372 ай бұрын
" There's no hacking a system if it's down! " - Cybersecurity intern post-update
@ernstlemm93792 ай бұрын
Unbelievable how many companies don't have a backup system. They should all be held accountable for this bad and cheap service.
@Lashley-jp9bo2 ай бұрын
No matter what happens to crowdstrike. Just remember BlackRock owns and run majority of the top 500 companies around the world including military.
@bakmyster2 ай бұрын
Uh oh
@rockenOne2 ай бұрын
Thanks for sharing your worldview based on an internet blog
@Lashley-jp9bo2 ай бұрын
@@rockenOne that's a fact. Just look at the Fortune 500 who the biggest share holders is.
@rockenOne2 ай бұрын
@Lashley-jp9bo shrieking that is fact isn't helping you champ... are you saying that have voting control over every f500 company and control over the day to day running... or are you getting swept up in internet hysteria.
@rockenOne2 ай бұрын
@Lashley-jp9bo onya kiddo, what claim are you making? Sounds like you are getting caught up in internet hysteria
@albertvirgil44712 ай бұрын
Why everybody is reliant on one company? Simple! YOU ARE CHEAP! 😂
@Woodzta2 ай бұрын
Clearly you don't know what you're talking about, but just so you know CrowdStrike is not a cheap solution. Who knows, maybe after this our renewal might be in for a substantial discount.
@jamespong65882 ай бұрын
It wasn't due to a bug in the code, it was tested as a code (I assume) It was bug in the design updating process of CS A) no checksum verification, a file got corrupted in the compile process nobody did a check for this B) they pushed the update to everyone Then there are MS design flaws... how a software driver can bsod like it's 1995
@andrewtran98702 ай бұрын
This! 💯, the amount of people saying "they didn't do a shred of testing", without: 1. Knowing their dev process/pipeline. 2. Looking just a little but deeper into the issue. Edit: Woodzta is right, if Falcon can't start up, it's designed to assume that the device is now vulnerable and shouldn't start up (I believe) and that makes perfect sense.
@Woodzta2 ай бұрын
While true, the BSOD itself here is to prevent exposure to a manipulation exploit and I believe Linux would crash the same way under the exact same circumstances. Obviously, the protection works vastly different on Linux so this didn't occur (this time, but has occurred similarly in the past). Also, it's pretty easy to force a bug check. There's even a built in way to do so for testing purposes. Microsoft really do have very little liability here.
@diogotrindade4442 ай бұрын
@@andrewtran9870 Of couse, they did not test it. A failure like this you just need to deploy to one PC to check that is broken. The issue is that some security companies just steps because of some speed paranoia. In conclusion, if we do not have better test that run fast plus a new way of making sure that this pipeline runs we can have this issue again and again. Basic necessities companies need to change OS, Microsoft should not be the default to avoid this situation. After this global disaster if companies do not do nothing it will happen again.
@andrewtran98702 ай бұрын
@@diogotrindade444 So far, we know that somewhere along the update pipeline, one of the update files became corrupted (all null). During the boot process, another piece of code attempts to dereference something within the file, resulting in an error in the boot process and the blue screen of death. It is likely that the "update", i.e., the software that was SUPPOSED to be in the update was thoroughly tested. But it was something during the process of pushing to production that went wrong. Until we receive further reports, we're making a lot of assumptions here. What if the error doesn't always happen when pushing to production? What if they did test on a number of devices, but the error with corruption never occurred? Yes, they should've tested the process or software that pushes to production more extensively. Yes, a rolling update would have minimised the impact. But to accuse them of ZERO testing? Do you really think the largest security vendor in the world would do that? Bottom line we still don't know what happened specifically and until we do we're stipulating an awful lot.
@jamespong65882 ай бұрын
@@Woodzta there is no excuse, Microsoft should have implemented an ilo 10 years ago so that we could access the machines even if they are turned off, And then use that internet access to verify the integrity of their code, This is literally pathetic I am a veteran in c++ I write code for over 20 years, and also work on IT.. what I've described is what we do for so many other products
@nisios2 ай бұрын
Sometimes I wonder how was it even possible to have airports running on the 60's with zero computers in sight.
@cybersamurai992 ай бұрын
A hacker could only dream of an "attack" of this magnitude, wow The fact the the only way to recover its a manual reboot into safe mode and removing a *sys file is just beyond believing. Its like all computers were infected with a evil root kit
@mitzitakes5222 ай бұрын
When all Internet is down, imagine the havoc it can create. We’re so beholden to Big Tech.
@John_Bradbury2 ай бұрын
This amounts to criminal damage on a global scale. I was not that badly affected except for NHS GP systems have still not recovered. I wonder if there should be criminal prosecutions?
@BryanK-y5y2 ай бұрын
@@John_Bradbury good point I think there should be , I read as well sine cars turned off on the freeway
@SMunro2 ай бұрын
It took hackers ages to get a job with the company and infiltrate to the highest levels.
@substitutebodhisattva2 ай бұрын
Wow. In the UK if they can't bill patients, they don't see them at all? "Can't see patients today". What did doctors do before computers?
@cloudswinger20002 ай бұрын
Not just billing, patient records. Mr Jones has what disease and what has been looked at?
@substitutebodhisattva2 ай бұрын
@@cloudswinger2000 Suppose the patient couldn't answer those questions?
@oliverrando64632 ай бұрын
Like man just imagine if the lights go out
@jayantgill2882 ай бұрын
As an alternate theory, what if this faulty update was deliberately pushed? It's quite unlikely that a well known cyber security firm will make such a silly mistake.
@speedforce89702 ай бұрын
Why would they intentionally ruin their image and cause their stocks to tank? They could even be legally charged for this, what's the angle here?
@danwatson87042 ай бұрын
A Russian software engineer has infiltrated Crowdstrike
@santoshsivaramkrish2 ай бұрын
A Good Example is CoronaVirus That Caused Covid19!, Was Done on Purpose By The Big Giant PharmaCeuticals Companies in Joint Ventures Globally!,
@GWAYGWAY12 ай бұрын
@@danwatson8704 CIA more like.
@motivationalmeetyourgoals63982 ай бұрын
Little scare now seems so easy to disrupt the whole world with a single update. Everything is centralised 😢
@ascgazz2 ай бұрын
Nerds who were relentlessly bullied through school…. …are now programming all our services. 😂😂😂😂😂😂
@jerry194842 ай бұрын
And are making +300k a year
@ascgazz2 ай бұрын
@@jerry19484 somewhat missing the point. Kids playing video games are earning money.. and? Does money make people nicer, or not..?
@lazarusblackwell69882 ай бұрын
I dont trust the credit card system. I had more then one case where i couldnt pay for anything at the register because the system was down. I love my physical cash.
@JangoUnshaved2 ай бұрын
Zero accountability. They literally just said 'sorry' 😂
@kaerbear2 ай бұрын
Actually, their stock crashed. If you think head won’t roll, they will. This is capitalism.
@GotterVibez2 ай бұрын
@@kaerbear Now its the time to invest in their stocks. They will recover at some point for sure 😊
I worked in a small kitchen hosp in nz, and i can only say i have nothing but respect for the staff of any hosp reliant on computers for menus, patient admissions, etc. What a nightmare
@X1erra2 ай бұрын
This is a wake-up call for those who allow kernel based software into their system. The people who warned about the risks of it rang true. I just didn't realize Crowdstrike is this huge until now.
@vitalyl13272 ай бұрын
Indeed, snake oil salesmen managed to scam way more people than you'd expect
"the more these outages happen the more we'll notice them" what excellent reporting 🙄
@fritzdeuces2 ай бұрын
The LEGENDARY BSOD remains undefeated. 🤣
@cbaxtianful2 ай бұрын
Who would thought a monopoly would be a big problem?
@Yxalitis2 ай бұрын
What monopoly?
@irieseansalvador2 ай бұрын
Considering the effect I find it hard to believe that nobody tested the upgrade a thousand times before uploading it. Are we being distracted from something??? My imagination is running wild😳
@zimmy912 ай бұрын
Let me just go over this as someone who is in IT and knows the best practices. So this has 24,000 or so consumers for btb. Each business would have to vet the updates but it is encouraged to have automated updates for stuff like this. Basically a lot of these major servers are critical so they trust this vendor to vet the updates properly. It’s kind of hard to say who is at fault when its critical, needs updates for security, but also isn’t given the time to proper time to test. Also, despite the blame pushing from a lot of these news outlets. It really is on the business side of things that should be blamed. The bigger question is why are these multi-billion dollar companies not investing in critical backups and disaster recovery processes properly. Personally sounds like ignorance to me.
@DavidMapola-q3l2 ай бұрын
Its not safe to store money online when this always happen damn last week the bank is offline i cant buy food this taught me a lesson,putting all yourlife online....wont be the best way..
@codswallop1642 ай бұрын
All this things aren't just happening over the last 5 years by coincidence. I've got 30kgs of rice to drop off at the food bank as its ready to go out of day, could you feed you're family without a debit card?
@luka17902 ай бұрын
You think this shit is planned ?
@codswallop1642 ай бұрын
@luka1790 I certainly have an opinion which is probably far from correct, my point don't take for granted the as ability to go to a supermarket for life sustainment or even use you're debit card if they do have supplies.
@thedave77602 ай бұрын
@@luka1790 Difficult to know for sure but be assured that planned incompetence is a thing.
@charlesbenca53572 ай бұрын
go work with computers and you'll see how ridiculous you are to think this was planned.
@codswallop1642 ай бұрын
@charlesbenca5357 You are completely ignoring my point, if you understand what's happened so well then surely the brightest minds in tech would've been had fail safes in place ...
@hdtravel12 ай бұрын
Something is fishy here - we are not getting the whole story
@shysonofficial2 ай бұрын
Everything went wrong after windows 7 in my opinion
@Yxalitis2 ай бұрын
Then your opinion is ill informed
@shysonofficial2 ай бұрын
@Yxalitis windows 7 stopped getting security updates in Jan 2023, if they didn't stop windows 7 updates we would all be fine..in my ill informed opinion
@jublywubly2 ай бұрын
True, but this isn't anything to do with Microsoft. It was a 3rd party security update to their security program. The same thing could be caused by any other brand of internet security software.
@sammadonline2 ай бұрын
All this technology and look how it’s brought down by a single update from a small no name company. Now imagine a meteor strike or a global catastrophe. We are doomed
@Jormunguandr2 ай бұрын
Would be funny if crowdstrike got "no sue" clause for customers 😅
@BryanK-y5y2 ай бұрын
@@Jormunguandr they'll have slas in the contract which are now breached , they'll go bankrupt to avoid the lawsuits
@youarebusteduser2 ай бұрын
Which will leave the US with two cybersecurity companies, so that leaves us with a 50/50 chance of this happening again. There would also have to be a instant replacement. @user-zc5lf9xb2g
@johnsmith1953x2 ай бұрын
@@BryanK-y5y Don't worry. The CEO will still get $$$$$$$. Bigtime!! Heheeeeeee!!
@AlexR_442 ай бұрын
@@BryanK-y5y Funny thing about those SLA's... most of them promise 99.9% over a year, which is easy to do, don't be down for more than half a day at given time. Which they weren't they had an answer for it within hours. The application of that answer takes longer, but you can't sue for that part.
@BryanK-y5y2 ай бұрын
@@AlexR_44 not understanding what you mean , a very poorly worded response. they've caused huge downtime it's going into days now
@williamangeles97612 ай бұрын
Now you know why they are called crowdstrike.😂
@MeowsyDancer2 ай бұрын
Who needs enemies with services like these?
@johnholst2 ай бұрын
It's Skynet running its first test. We're all doomed!! :)
@DavidRomigJr2 ай бұрын
Yeah, somehow a channel sys file got zeroed out before being pushed to clients. Since it’s considered required, Windows will refuse to boot when it can’t run it. It makes me wonder why they don’t canary their updates. It would greatly mitigate this type of failure. Why are they pushing it to all their clients simultaneously.
@GH-oi2jf2 ай бұрын
I question why it was installed everywhere, rather than why it was sent. Automatic updates seem to be part of the problem.
@andrewtran98702 ай бұрын
@GH-oi2jf I agree in that I don't see why a rolling update would be a bad thing. But I think automatic updates makes sense. Ultimately it is up to the customer to decide whether they want to use a product with automatic vs manual updating. However, MANY MANY companies have poor updating procedures and policies. And when it comes to security, we don't want a zero day to be left unpatched because companies failed to stay up-to-date with the news (as there would be a lot). Thing is, for a lot of companies it just makes more sense to have an external 3rd party manage the updates for this sort of thing. I.e. who better than the leading cyber security firm, CrowdStike, themselves... of course, this is now being called into question. But I still think it's the better approach for the vast majority of customers. Airlines, banks, defence, though... you would hope they have sufficient resources to manage manual updates and version control themselves. But the risk is still there: "do I stay on this version with a zero day? or do I immediately update to get the patch?" Of course the latter.
@xxgn2 ай бұрын
@@andrewtran9870 Some of those companies had Crowdstrike configured to automatically stay a version behind. But the update was pushed to them anyways.
@PatrickBaptist2 ай бұрын
crowdstroke's apology is complete BS.
@rezwhap2 ай бұрын
Whilst factually true, it’s absolutely disingenuous to not mention it was a third-party update in the introduction.
@alexanderthemeek2 ай бұрын
They were called one of the 50 most disruptive companies. How true.
@engineeranonymous2 ай бұрын
Crowdstrike has done the same to Linux system before. you just did not heard it.
@vitalyl13272 ай бұрын
because companies wise enough to use Linux are sufficiently competent not to buy into the snake oil, so the crowdstrike user base on Linux is tiny.
@Noi_That_Mich_Long2 ай бұрын
Crossstrike should be held accountable for the incidents. We should sue crossstrike.
@gentuxable2 ай бұрын
Why does a signage board need anti virus? Why isn’t it protected in its VPN subnet and/or run on linux?
@sundhaug922 ай бұрын
Probably part of the standard base image
@potluckfishing2 ай бұрын
Because it's running on a windows computer connected to an enterprise network
@gentuxable2 ай бұрын
@@sundhaug92 I see, probably a bad idea. Where no user is able to touch or has a tightly controlled UI with a watchdog if that dies,, other measures seems to be a better approach than rolling out standard Windows images with anti virus.
@BryanK-y5y2 ай бұрын
@@gentuxable Vpn and subnet are two totally different things your an IT noob with no clue what your talking about. How tf is being on a different subnet if it's still on the network going to prevent anything ?
@gentuxable2 ай бұрын
@madhurgupta854 if you have any Windows machine that needs to get information over the internet you may want to protect it from any other machine that can attack it. The best way I know to protect while still having it connected is by using a VPN so that it tunnels all communication over one controllable path. So an attacker needs to breach the VPN first in order to attack the machine that could possibly be used in a botnet.
@Gaming4Justice2 ай бұрын
As a former programmer, imagine how bad the programmers themselves must be feeling. I wouldn't go so far as to call them the devil and for being all at fault for it is a difficult job and it is easy to miss stuff. Although if something goes into blue screen immideatly after update is installed, then it probably wasn't tested at all. Sometimes deadlines push too hard.
@309electronics52 ай бұрын
I dont blame the programmers because programming mistakes can happen. I blame the QUALITY CONTROL/TESTING team for not doing their job (if they even exist at all). Av software runs in KERNEL MODE and thus 1 bad line of code can crash the whole system and thus KERNEL DRIVERS SHOULD BE TESTED FULLY before being released to prevent the kernel from crashing
@arcadeportal322 ай бұрын
Using Linux Mint that I can choose when and what to update, I haven't looked back!
@X.A.V.l.E.R.2 ай бұрын
After IBM's acquisition of Red Hat, the core values and mission is impacted thereby jeopardizing the quality of offerings and especially internal working environment of the company. I'm saying this as an ex Red Hatter
@AJXOXO-vz1pn2 ай бұрын
@@X.A.V.l.E.R. Hmmm. Maybe Apple is the way to go.
@sundhaug922 ай бұрын
Well that's kinda what CS broke - they pushed a feature-update in a way that ignored corporate test-groups
@notjustforhackers42522 ай бұрын
@@X.A.V.l.E.R. What's your point? Red Hat isn't "Linux". You sound more like you have an axe to grind rather than offering good advice.
@dirtysanchezmaster2 ай бұрын
You have no clue what's going on. CrowdStrike on Linux auto-updates too. You are probably confused with system updates. Mint users are the lowest form of Linux users so I don't expect you to know much.
@dizuko_2 ай бұрын
Got to love the B-roll shot of a till from MANY years ago. Holding notes that aren't in circulation anymore
@Robert290112 ай бұрын
I love the grounded reality of this channel!!,Despite the recession, I no longer depend on Government Grants since I acquire $16,400 bi weekly profits.
@adiratnadunia2 ай бұрын
Huge! Been trying to trade on my own for a while now, but it isn’t going well. few weeks ago I lost about $70,000 in the trade. Can you please at least advise me on what to do?
@Robert290112 ай бұрын
Well, I picked the challenge to put my finances in order. Then I invested in cryptocurrency,stocks,through the assistance of my discretionary fund manager,
@Robert290112 ай бұрын
James Werden
@crystalsword162 ай бұрын
I’m not here to converse for him to testify just for what I’m sure of,he’s trustworthy and best option ever seen.
@ChainGang4872 ай бұрын
Such a genuine personality!! He is really a good investment advisor. I was privileged to attend some of his seminars. That’s how I start my crypto investment.
@Curt_Randall2 ай бұрын
It is ironic that even though this was not a malicious cyber attack, the name CrowdStrike certainly sounds like a malicious cyber-entity.
@lak12942 ай бұрын
Resiliency means having multiple (not just one) Plan B and ways of doing things. Don't rely on only technology. Carry cash as well if you want to be able to get coffee on a day when all the banks are down or cashless payment systems are down. And merchants: this means you can't be entirely cashless; you need to be able to transact with good old cash. See how both sides must be resilient?
@DavidRamos-sr8cx2 ай бұрын
This is the price you pay for going with Agile methodology.
@ichbinraghu2 ай бұрын
CrowdStrike really striked crowd 😅
@arsadain6922 ай бұрын
Can all these companies file a lawsuit agains Crowdstrikes?
@dave5972 ай бұрын
03:11 What is the source of the "have to do this 15 times"? What exactly? Reboot or delete the file, as that only has to be done once, or companies with 15 machines? It's not clear to me why they say this.
@dave5972 ай бұрын
It's a boot loop, so I guess manual reboots? But the actual fix is to delete a file in system directory, not manually reboot and hope it fixes it.
@arcadeportal322 ай бұрын
Windows has been getting more non it repair friendly. They are trying to remove Local Accounts and it can take 4 to 15 PC Restarts before you can enter safe mode on Windows to remove the bad file.
@sundhaug922 ай бұрын
@@dave597 There's an update that fixes this but getting that update might require as much as 15 reboots
@boskee2 ай бұрын
@@sundhaug92 Correct. Basically you may get lucky and fetch the new update from CrowdStrike before the kernel panic kicks in. Some people were able to get it after 15 or so reboots, others weren't so lucky.
@arduinoguru72332 ай бұрын
@@arcadeportal32 Why not running any Linux Live CD and navigate/search to the file and delete it, I have done that sht a million timebefore, WTF IT people brain can't process this solution?
@RB-wu4us2 ай бұрын
The update code was not bad. The code was alerted. It was definitely a cyber security attack.
@damitcam2 ай бұрын
Why is nobody talking about the fact that this is exactly the kind of cyber attack that they have been warning us about before a major conflict starts.
@eArtrash2 ай бұрын
Be quiet lil tinfoil bro
@mariusmarius48322 ай бұрын
Sounds like a hack...
@rupertcortes39802 ай бұрын
This is now the new, and the real Y2K.
@sundhaug922 ай бұрын
Well the thing is that with Y2K you had a calendar-date you could plan for, and millions of dollars were spent on preparing systems. This just happened without warning.
@0-Elias-02 ай бұрын
Most software updates create more problems than they solve (eg, unwanted features; lost settings; etc.). This current [ _CrowdStrike_ ]fiasco is a well-pronounced example of why software updates are cold pieces of h3ll.
@dyztructive2 ай бұрын
this is what happens when everyone relies on centralized systems.
@chrianmbandas62772 ай бұрын
I'm going to keep more cash on hand from now on . We put to far much faith into new technolog .
@MarkyGoldstein2 ай бұрын
Windows is high risk since its start. It's a design problem in the Kernel and its update service as well as other problems. The blue screen of death has been around for too long. Critical systems should be migrated to Linux or Unix.
@kleec4952 ай бұрын
You talk like Linux cannot have kernel panic
@y00t00b3r2 ай бұрын
You have no idea what you are talking about.
@nyxviliana2 ай бұрын
Ah yes, beause Linux doesn't have any issues. I love how everyone has forgotten just how close we were to the recent SSH supply chain attack landing into distros.
@rezwhap2 ай бұрын
You know that Linux has kernel extension modules, right? And can also run a version of CrowdStrike Falcon?
@manuela96712 ай бұрын
and an advice from an expert I saw on television, who worked for the government as white hat (good hacker if you so will), don't come here telling what system you run, the black hats, the bad people down underneath the real internet, are already waiting to hear that from you and waiting to use the opportunity. just stay calm and quiet. These are dangerous times concerning the dark internet.
@RetroActionUK2 ай бұрын
The world needs to stop relying solely on technology.
@JeanPierreWhite2 ай бұрын
Spoken like a true luddite.
@-_-_-_-_-_-_-_-_-_-_-_-_-_-ucq2 ай бұрын
Yea and how tf would they be able to use air traffic communication without technology?
@RetroActionUK2 ай бұрын
You can interpret this any way you like but I never said we should stop using technology completely. What I meant was having everything be digital is perhaps not the best idea.
@-_-_-_-_-_-_-_-_-_-_-_-_-_-ucq2 ай бұрын
@@RetroActionUK Well, it's easier to do it with technology than going back to the stone age
@-_-_-_-_-_-_-_-_-_-_-_-_-_-ucq2 ай бұрын
@@RetroActionUK AI is gonna replace us anyways🤷♂️ There is no turning back now
@ivanconnolly73322 ай бұрын
Crowd strike did exactly what it says on the tin.
@deepthinkerpoet2 ай бұрын
There should be more companies covering the security. Why does one company have this massive marketshare? Oh right, everyone wants one big company for each industry.