Crowdstruck (Windows Outage) - Computerphile
23,792
Published 2024-07-23
www.facebook.com/computerphile
twitter.com/computer_phile
This video was filmed and edited by Sean Riley.
Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharanblog.com/
Thank you to Jane Street for their support of this channel. Learn more: www.janestreet.com/
All Comments (21)
-
I got dragged into this and I'm now at 48 hours of overtime. Thanks CrowdStrike.
-
The real worry is the lack of QA at Enterprise companies. A state actor infiltrating one of these orgs would be absolutely devastating.
-
Heh the BSOD at 0:40 is cool "For more information about this issue and possible fixes, do not ask us"
-
In the modern version of Battlestar Galactica, Admiral Adama absolutely refused to have Galactica networked to other systems and ships in fleet because of the risks to their it critical system. Yet here we are, allowing a root kit to operate unconstrained on millions of machines. Fun times ahead.
-
The guilty in this instance are both CrowdStrike and their Customer Security Managers. CrowdStrike has a history of shipping stuff that breaks systems, most recently their Linux product. The Customers said: Yes CrowdStrike just put whatever you want on our systems without monitoring. And by the way, we have no adequate disaster recovery plan. As a corollary, letting CrowdStrike put stuff on your systems also allows bad people to compromise CrowdStrike and deliver unlimited hurt. If I was a baddie I'd spend my every effort to subvert CrowdStrike!
-
The frowny face is absolutely necessary
-
I was waiting for this video with extreme excitement for the last 2 days. I jumped on YouTube as soon as I saw the notification.
-
Perfect storm: no fuzzy testing the driver code, no staged deployment, no os blue/green boot partition
-
I swear this is only the beginning for tech companies that are losing valued senior staff over the many, many decades...
-
Nice touch with the 13.37% in the BSOD 😁
-
If Dr Bagley and Dr Pound had a podcast, I'd definitely listen to them talk for hours lol.
-
The CrowdStrike bug was what Y2K wished it could be.
-
when the computer goes down, that is a sign to photosynthesize, nice
-
Linux has a feature that allows the sandboxing of channel updates using eBPF, although Crowdstrike doesn't use it yet. In theory, that could have prevented the BSODs had Windows had a similar feature. Also, I don't ncessarily agree that Windows is blameless here. While Crowstrike is definitely at fault, Windwos did certify their driver, and that validation somhow didn't include testing for corrupted or invalid channel files. There's no reason the driver should blindly trust those files without validation.
-
"Well, well, well. Tell me, young gentlemen, why is it always you two when something bad happened??"
-
13.37% complete... ISWYDT 🙃
-
My local pub went down.. no fish and chips for me..
-
Crowdstrike sounds like a nickname for Mustangs 😅
-
Falcon is using definition files which are NOT part of the WHQL process which Falcon obviously is! I don't know how this works on Linux or MAC, but maybe it should not be allowed for Windows driver makers to deliver anything to the kernel that does not go through the WHQL certification.
-
Yesssssss, twas waiting for this. You beautiful channel you. The dynamic duo returns