As a cybersecurity analyst, I disagree. This isn't a change management problem; it's a fundamental policy issue. Since when is it typical for large companies to update without proper testing? This is the root cause from my perspective. If they had tested the update before applying it or using auto-update, this issue would never have occurred in the first place. Any organization that experienced an outage likely has either inadequate testing or poor security policies. If there's no option to disable auto-updates, then there's a policy problem as well. In my opinion, CrowdStrike failed significantly in their testing. Additionally, every company affected by this either has poor testing procedures or deficient policies.

@@Bianchioltr1885 In other words, you don't have any knowledge of the specific situation. Let me explain it to you. This isn't the kind of periodic functional update that people are used to thinking of, where updates might come out a few times a month. The Crowdstrike Falcon software is an endpoint protection suite. It uses software sensors to monitor activity and traffic on the host computer. These sensors are governed by configuration files, which Crowdstrike calls Channel Files. These Channel Files are updated in response to novel activity, processes, and procedures discovered by Crowdstrike through its constant monitoring. How often are the Channel Files updated? Several times per day, each and every day, 24/7/365. The entire point of spending the money to implement the Falcon software on your system is to get that bleeding edge level of protection through those constant updates. It's utter nonsense to say that you should turn off automatic updates on the Falcon software, because the whole point of the software is to get the automatic updates every few hours. If you don't want to do that because of the risk, you simply don't buy the Falcon software. You use a different cybersecurity suite. The Change Management issue occurs at Crowdstrike. They have obviously decided that these are routine updates that do not require the same level of testing before being pushed out. There needs to be a major change in their governance structure to ensure that any and all changes must be more rigorous testing AND review and approval, even if it means a delay in the rollout.

@@Bianchioltr1885 You Tell Em !!

Well said! I've always advocated to keep paper, pencil, calendar, calculator, dictionary, etc. in the house, and lock your credit with credit companys.

@@dougthomson5544 Only when the secret agencies are allowed to add backdoors to our system.

You , not we. I have no use of microsoft or apple products

@@travisgoesthere You have a great point for individuals. Do you use Linux and how is that? I think I may look into that. However, remember our retail, banks, airports, government does use Microsoft products. That's why I keep a close eye on the tech I do use. I can speak to what happened to me. The state of Colorado lost my info in 2022 and a grocery store pharmacy lost my info also in 2022. I had to lock all my info down but I should have done that sooner. I was lucky. Some people I know were not.

@@travisgoesthere I don’t know where you are going, Travisgoesthere, but this has nothing to do with what OS “you” are using, pal. You are being a tiny bit smug here. Using Linux (or any of the 10 or 12 readily available OS options) doesn’t matter one hoot in hell. You are absolutely as vulnerable as any other entity on the internet because you use the internet (obviously). In short, it matters what airline uses, or the bank, or the whatever service you want to access. Of course, neither are you personally secure because Linux (or whatever) has its own library of vulnerabilities.

and wrote the update with chatgpt... ahahaha

Yeah they did. In the last 48 hours and continuing.

They are taking a leaf out of the microsoft playbook ie don't bother with testing because your customewrs are your unpaid testers!

Also, you never update on a Friday.. you update on a Tuesday!

not only release but also force an update

they send the update to ALL CrowdStrike-Clients in the world ... instead of testing it on 3 clients, then 30 and so on ... CrowdStrike is dead now

Because only computers running MS Windows are affected.

This is because the vast majority of businesses and corporations use Windows for their business computers. Mainly client devices. Since it was businesses that were affected, it is reported as an issue affecting MS Windows.

They don't know what powers their computers

yep except now the whole world knows about it not just gamers lol.

@@d3po607 bill gates will fix it 😅 😂

That exceeds the 100-character limit for KZbin titles.

@@joesterling4299 purposely done

That's the mind boggling thing. It should have failed instantly in any proper testing environment. I wonder if they simply tested it on one and only one platform. Did they say "it works fine on Apple (or this or that Linux distro) so we're good to go"?

100000% none of this adds up

"I want to reassure the board that our information is still secure, so secure in fact that we can't currently get to it"

lol Its your own fault for being connected to Microsoft products.

@@travisgoesthere Hey, Travis, you are connected to Microsoft products right now. Methinks you really don’t know what you are talking about, young man.

You go into a "blue screen" loop, until you start in Safe Mode and delete the offending files.

Linux here , no Issues

because tell me what bricking computers would gain you?

@@thatguyiguess2694 - telegraph the resolution fix to make a better killer next round. -show backdoors while system is down and or focus is elsewhere - give access and hold it until next system down - sell info of how it was done to other companies or agencies that absolutely will use this in reverse on other countries or places or isolated situations - create future isolated situations when infrastructure is needed

Crowd strike bricked the usual mic 🎤

computer crash not an error. crimes needed deleted. airplane maker, stock company. chaos is cover.

Thats not what happened , Gomer and i guarantee that you really have no clue about code of any sort . No need to be talking as if you have a clue

Stop being racist.

because a hack to brick systems is not a very useful hack considering the computer and thus everything on is not able to be accessed

computer crash not an error. crimes needed deleted. airplane maker, stock company. chaos is cover.

@@thatguyiguess2694 Sure, but that assumes that an attack is made to steal data, rather than create chaos. It is well known that certain Russian actors are interested in creating chaos in some countries. But I think incompetence is the explanation in this case, not malice. There is always the possibility of an employee with a grudge, but it seems very unlikely.

@@nickfry7839 but you can’t even access the computer, there’s nothing to delete because you can’t do anything on the system

Yeah, let the Russians take care of system security.

@@gibbogle and how many years in IT do you have? Do you even know who Kaspersky is or the History? Wait no you just prefer the dumpster fire we have now.

@@Lacerated1DJ3 I have been working with computers for about 50 years.

@@gibbogle Did you then forget in your old age that Kaspersky relocated from Russia to Switzerland! And it is still the best in the business

The good old days of DOS. Computers were so simple then :)

How do you have a backup process when all your computers are disabled?

@@gibbogle backup process as in a manual process! Get the typewriters out, get the carbon paper, do it by hand, in such away the data can be entered easily later on but that at least critical processes keep going, albeit slower. Not backup as in tape storage. I worked in healthcare for each product we as a hardware/software house developed a manual backup process also developed and documented. A backup process, that if the customer used it in that way, that we could even help entering that data again after recovery. OCR on well established empty paper forms (that were part of our documentation). So we had manually treatment cards that you could photocopy and write down the treatments done on a person during that day. We had the ability to schedule hard copy of all meds and treatments that a patient got (just list of treatment IDs and medics and patient ids). You could print your patient detail cards so you would know their name and states. When adaptive medicine pumps would fail we had the old mechanical wind up pumps as backup that worked as well (we still had a factory produce them too and always some in stock), you just had to do a blood test, that another befriended company made special enzymes for to test without digital equipment. And based on the values the nurse or patient could change the drip rate. So not as adaptive and accurate but enough to keep people depending on a constant supply of meds going. With the idea of when there’s a of power outage or worse EMP from a nuke attack. That these people would still get their treatment. Specialized emergency medicine storage is (or perhaps was - seeing how inept governments have become) that have backup treatments ready in case of shortages. So for every electronic critical process should be an analogue back up progress in place. So the critical processes keep going albeit slower. But planes not flying because computers are down, hospitals not treating people because computers are down, is just unacceptable and shows poor management! A mere 40 years ago most processes weren’t even automated and now we can’t do the simplest things without a computer. That’s just not right! Especially since I now how precarious our grid is after having worked 8 years in the energy business. And how that green energy transition madness will cause problems in the grid. At the very least more frequent power dips and Munro hour power outages, but perhaps even brown outs for several days.

It isn't really a regression test failure if it made the whole OS flop. If I was a betting man, my money would be on this only impacting a certain version of Windows it is supposed to support but wasn't specifically tested on - I.e. they tested on Windows 11, but it crashed Windows 10.

Maybe I will call best buy

We dont live in Windows

@@travisgoesthere Travis, once again you prove you don’t know what you are talking about. Try reading it again and think about some Science Fiction stories. Now extend those thoughts to the world we live in. Are you getting a hint about what @ashleybraim is alluding?

It wasn't a Windows update, it was a Crowdstrike update. You or I can easily switch to Linux, but it would not be an easy switch for most of the organisations affected by this.

computer crash not an error. crimes needed deleted. airplane maker, stock company. chaos is cover.

@@nickfry7839 amazing points

In some cases an organisation will have 100s of employees using Windows PCs. They would all need to be retrained.

@@gibbogleWhy? The keyboard and mouse work the same?

@@pgpleroux Different software - or am I behind the times? I was using Linux about 20 years ago.

@@gibbogle Are you still using Linux? A few years ago I upgraded a government field office to Linux without telling users. Their comment to the "Windows upgrade" was "it looks different, but it is much faster". After a user's son told her "it is not windows" users started complaining...

@@pgpleroux I no longer use Linux at home, but I make extensive use of a site with many hundreds of processors running Linux.

🤣...I though the same but most unlikely. In real, she just met a better match...

I meant the flirting

@@prostytroll why? You couldn't access it if there was an outage in the least. You'd be better off having chickens to barter 😆

If ever the saying Cash is King it makes more sense than ever today!

@@dontplayformenero why do you think gold and silver is so expensive now It's will be more easier to barter than with chickens 😁

@@6risk9 You arent too bright are you lol?

sarcasm, sarcasm, people...