Asklemmy

43363 readers

1332 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

Crowdstrike Cockup (lemmy.world)

submitted 1 month ago by [email protected] to c/[email protected]

28 comments fedilink hide all child comments

So as we all know on the news, the cybersecurity firm Crowdstrike Y2K'd it's own end customers with a shoddy non-tested update.

But how does this happen? Aren't there programming teams and check their code or pass it to a quality assurance staff to see if it bricked their own machines?

8.5 Million machines too, does that effect home users too or is it only for windows machines that have this endpoint agent installed?

Lastly, why would large firms and government institutions such as railway networks and hospitals put all their eggs in one basket? Surely chucking everything into "The Cloud (Literally just another man's tinbox)" would be disastrous?

TLDR - Confused how this titanic tits up could happen and that 8.5 Million windows machines (POS, Desktops and servers) just packed up.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 1 month ago (2 children)

Could a solution to this be any of the following:

Windows performing automatic driver rollback in the event of it reaching an unbootable state
Software vendors pushing out updates to a smaller pool of endpoints and monitor for heartbeat for 30 mins or so before releasing for all endpoints
A way for windows to expose the relevant data to trusted software without the software needing to operate in kernel space

[–] [email protected] 1 points 1 month ago

Basically the second one is standard practice, a phased rollout. The only reason you wouldn't do one is if there's some really bad exploit that is currently being exploited and you need to fix it now now now. So either somebody fucked up and deployed a regular fucked update as a critical patch, or a critical patch was shoddily made and ended up soft bricking everyone.

But idk i don't work in tech.

[–] [email protected] 6 points 1 month ago

"Could a solution be any amount of basic sanity in software architecture" yes probably