Recent

Author Topic: cloudstrike  (Read 2971 times)

Thaddy

  • Hero Member
  • *****
  • Posts: 16199
  • Censorship about opinions does not belong here.
cloudstrike
« on: July 19, 2024, 09:22:16 am »
Anybody already affected by the cloudstrike disaster?
tip: do NOT reboot today and turn off automatic updates until further notice.
This is a fire alarm...

                  and if you are a sysop do it quick, like NOW.

Do not reboot, do not upgrade and wait for more information.
If you are in the cloud and you reboot you have a huge problem.
Follow the news.
« Last Edit: July 19, 2024, 09:34:56 am by Thaddy »
If I smell bad code it usually is bad code and that includes my own code.

cdbc

  • Hero Member
  • *****
  • Posts: 1673
    • http://www.cdbc.dk
Re: cloudstrike
« Reply #1 on: July 19, 2024, 10:36:06 am »
Hi Thaddy
As far as I can see/read, it only affects micro$oft and the azure platform?!?
Luckily, most of the people I know, that uses that, are on vacation atm...
Surprising to see, just how many 'cookie-pots' micro$oft has got their dirty little hands in...
Am I missing something, should I be worried?!? I mean Unices run the most anyway...
Regards Benny
If it ain't broke, don't fix it ;)
PCLinuxOS(rolling release) 64bit -> KDE5 -> FPC 3.2.2 -> Lazarus 2.2.6 up until Jan 2024 from then on it's: KDE5/QT5 -> FPC 3.3.1 -> Lazarus 3.0

theo

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1930
Re: cloudstrike
« Reply #2 on: July 19, 2024, 11:55:43 am »
Isn't that called crowdstrike?
Zurich Airport is also affected...

Thaddy

  • Hero Member
  • *****
  • Posts: 16199
  • Censorship about opinions does not belong here.
Re: cloudstrike
« Reply #3 on: July 19, 2024, 12:26:08 pm »
Here in the Netherlands all airports are affected, also my former employer is down and that *should* have a flick of a switch, because it is 4! times duplicate. (I guess they did not listen to me and tried to save money after I left, I designed that) The last way out is the development environment (level 4)
Live, backup, shadow, development. All live at all times, different routes.(and different providers with different networks and two co-locations)
That is a bank, and not a minor one....
« Last Edit: July 19, 2024, 12:38:50 pm by Thaddy »
If I smell bad code it usually is bad code and that includes my own code.

Thaddy

  • Hero Member
  • *****
  • Posts: 16199
  • Censorship about opinions does not belong here.
Re: cloudstrike
« Reply #4 on: July 19, 2024, 12:43:55 pm »
Yes, Benny, seems only Azure, and a Windows upgrade: stop the install of that!
It will without question be fixed in hours, not weeks.
At least my consultancy fee has gone up for today  8-)
Just enough to make me go out of bed...
If I smell bad code it usually is bad code and that includes my own code.

Thaddy

  • Hero Member
  • *****
  • Posts: 16199
  • Censorship about opinions does not belong here.
Re: cloudstrike
« Reply #5 on: July 19, 2024, 12:52:44 pm »
Isn't that called crowdstrike?
Zurich Airport is also affected...
No it is cloudstrike, never trust journalists.
If I smell bad code it usually is bad code and that includes my own code.

theo

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1930
Re: cloudstrike
« Reply #6 on: July 19, 2024, 01:08:43 pm »
No it is cloudstrike, never trust journalists.
In this case, I trust the journalists...  :D
https://en.wikipedia.org/wiki/CrowdStrike

hansotten

  • Full Member
  • ***
  • Posts: 101
    • The School of Wirth
Re: cloudstrike
« Reply #7 on: July 19, 2024, 01:55:59 pm »
Isn't that called crowdstrike?
Zurich Airport is also affected...
No it is cloudstrike, never trust journalists.

and always check the source :)

https://www.crowdstrike.com/blog/statement-on-windows-sensor-update/
http://pascal.hansotten.com/ Pascal for Small Machines. The School of Wirth, sources of old Pascal compilers,

gidesa

  • Full Member
  • ***
  • Posts: 145
Re: cloudstrike
« Reply #8 on: July 19, 2024, 07:56:07 pm »
So, seems a failure of a certain security product for cloud. Isn't?
Anyway, a warning on widely using cloud services.

Curt Carpenter

  • Hero Member
  • *****
  • Posts: 567
Re: cloudstrike
« Reply #9 on: July 19, 2024, 08:13:09 pm »
What do you charge your clients for fixing their "cloudstrike" problems Thaddy?

MarkMLl

  • Hero Member
  • *****
  • Posts: 8039
Re: cloudstrike
« Reply #10 on: July 19, 2024, 11:21:24 pm »
Isn't that called crowdstrike?
Zurich Airport is also affected...
No it is cloudstrike, never trust journalists.

and always check the source :)

https://www.crowdstrike.com/blog/statement-on-windows-sensor-update/

Just a mo here. Haven't any of you guys ever seen a sauce bottle labelled "THE ORIGINAL, ACCEPT NO SUBSTITUTE" and so on? Why should a website named "crowdstrike" be believed when it claims to be "the original"... that could easily be spoofed for nefarious purposes.

OK, having got that out of the way: it does look as though in the current case Thaddy's made a mistake and the name actually /is/ Crowdstrike. However possibly the most useful confirmation of this is if you go to https://en.wikipedia.org/wiki/CloudStrike... whereupon you arrive at

Quote
CrowdStrike
From Wikipedia, the free encyclopedia
(Redirected from CloudStrike)

In other words Thaddy's is a common mistake. Having said which: more of us should be asking ourselves whether, in the case of one of our customers asking /why/ something was fouled up, we can deliver a contract-compliant answer rather than pointing at some combination of upstream "cloud" service providers who are undoubtedly NDA- and lawyer-heavy.

MarkMLl
MT+86 & Turbo Pascal v1 on CCP/M-86, multitasking with LAN & graphics in 128Kb.
Logitech, TopSpeed & FTL Modula-2 on bare metal (Z80, '286 protected mode).
Pet hate: people who boast about the size and sophistication of their computer.
GitHub repositories: https://github.com/MarkMLl?tab=repositories

Curt Carpenter

  • Hero Member
  • *****
  • Posts: 567
Re: cloudstrike
« Reply #11 on: July 19, 2024, 11:46:20 pm »
Just a mo here. Haven't any of you guys ever seen a sauce bottle labelled "THE ORIGINAL, ACCEPT NO SUBSTITUTE" and so on? Why should a website named "crowdstrike" be believed when it claims to be "the original"... that could easily be spoofed for nefarious purposes.

That's kind I suppose.  Still... 

Trust no one.  They really are all out to get you.  We are not leaving this ship until we know who stole the ice cream.  The New York TImes ("Airlines, hospitals and people’s computers were affected after CrowdStrike, a cybersecurity company, sent out a flawed software update.") is a tool of the liberal deep state,

etc. etc.






440bx

  • Hero Member
  • *****
  • Posts: 4750
Re: cloudstrike
« Reply #12 on: July 19, 2024, 11:51:43 pm »
Aren't drivers supposed to be signed precisely to ensure they do _not_ cause problems like that ?

you can trust it... it's signed... what a joke!! (a rather bad one too.)

(FPC v3.0.4 and Lazarus 1.8.2) or (FPC v3.2.2 and Lazarus v3.2) on Windows 7 SP1 64bit.

MarkMLl

  • Hero Member
  • *****
  • Posts: 8039
Re: cloudstrike
« Reply #13 on: July 20, 2024, 12:00:35 am »
Aren't drivers supposed to be signed precisely to ensure they do _not_ cause problems like that ?

No. They're signed so that if something goes wrong you know who is responsible.

Whether or not they manage to weasel out of it is another matter.

The lack of signing in ELF binaries and in the overall Linux ecosystem means that "Who is responsible for this?" is a far more thorny concern. But sorting out "the cloud" is much more pressing: I've seen enough evasion when there were only one or two companies involved, let alone the multitude when one tries to farm out ones Data Processing.

MarkMLl
MT+86 & Turbo Pascal v1 on CCP/M-86, multitasking with LAN & graphics in 128Kb.
Logitech, TopSpeed & FTL Modula-2 on bare metal (Z80, '286 protected mode).
Pet hate: people who boast about the size and sophistication of their computer.
GitHub repositories: https://github.com/MarkMLl?tab=repositories

Thaddy

  • Hero Member
  • *****
  • Posts: 16199
  • Censorship about opinions does not belong here.
Re: cloudstrike
« Reply #14 on: July 20, 2024, 12:25:16 am »
Yes it was crowdstrike. Mea Culpa.
Free dinners for all my holidays....
I was involved too early (3:00 gmt)

But the fire alarm was correct.
« Last Edit: July 20, 2024, 12:29:57 am by Thaddy »
If I smell bad code it usually is bad code and that includes my own code.

 

TinyPortal © 2005-2018