Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CrowdStrike issue also with Linux
#1
Who knew? This from Tom's Hardware:

https://www.msn.com/en-us/money/other/cr...df07&ei=28

CrowdStrike issues go beyond Windows: company's security software has reportedly been causing Linux kernel panics since at least April
Story by Christopher Harper • 7h


But as it turns out, the problem isn't just isolated to modern Windows operating systems. Linux users have been reporting kernel panics and crashes related to the same software since as early as April of this year, per a report from The Register.

So, how is this issue cross-platform? Chances are the specific issue that caused chaos over the last few days is not— after all, we would've seen it cripple Windows machines much sooner if that were the case. However, what this does demonstrate is that CrowdStrike has apparently been lax with its Falcon Sensor Security software for quite a while now. .....

Linux users who have been impacted reportedly include those using Red Hat Enterprise Linux, Debian Linux (and Debian is the basis for the more-widespread Ubuntu), and Rocky Linux. All of the issues in question are impacting the underlying Linux kernel (universal across Linux distributions), though, seemingly crashing any Linux distributions using kernel versions 5.14.0-42713.1 and newer.

Linux users do seem to have more recourse for issues like this— including switching to an eBPF "User Mode"— but it speaks to the severity of CrowdStrike's kernel software development issues if the company is managing to cripple Linux and Windows operating systems.

It also shows that there were warning signs for this past global outage, and that systems should have been in place at CrowdStrike some time ago to test these enterprise and government-targeted updates vigorously enough to prevent these kernel-level crashes. After all, most impacted users in these strictly-controlled environments likely don't have the administrative access or knowledge required to fix these problems once they occur. In other words, much-improved QA testing would seem to be mandatory for CrowdStrike's continued long-term success.
Reply
#2
"CrowdStrike: the Boeing of computer security."
Reply
#3
CrowdStrike should be fined major moolah for affecting the entire world like that. A software for critical infrastructure cannot have updates deployed so frivolously.
Tread on those who tread on you

Reply
#4
yes, so many people were quick to blame Microsoft without knowing the facts

Dave Plummer explains it https://youtu.be/wAzEJxOo1ts?si=IrJfQvUsXgwXodhT
Reply
#5
   
Reply
#6
I suppose if things go really bad, CrowdStrike could reorganize under U.S. bankruptcy rules, and reemerge as CrowdStrike II. They better not screw up again, because CrowdStrike III and you're out!

Pete

- I blame HeckleFish
Reply
#7
Good call @Pete lol
Seems they chose a very appropriate name for their company!
Of all the places on Earth, and all the planets in the Universe, I'd rather live here (Perth, W.A.) Big Grin
Please visit my Website at: http://oldendayskids.blogspot.com/
Reply
#8
Ah, speaking of CrowdStrike, too bad that bit about Southwest using Windows 3.1 was actually fake news.

https://www.msn.com/en-us/entertainment/...782&ei=831

Bottom line is, yes, Southwest use some software that's "just about as old as" Windows 3.1, but more to the point, Southwest simply doesn't use CrowdStrike!!

I mean, let's imagine that some ubiquitous enterprise software, something like McAfee Enterprise, or of course Windows, or even Linux in infrastructure systems, were to distribute a faulty update. Same thing could easily happen.

For all the fuss this created, seems hard to believe that the vulnerabilities were unknown by the Great Unwashed Masses.

The answer is, people with important jobs like that need to be obsessive about their work, confound it.
Reply
#9
(07-24-2024, 01:08 AM)PhilOfPerth Wrote: Good call @Pete lol
Seems they chose a very appropriate name for their company!
ClownStrike would have been more appropriate.
New to QB64pe? Visit the QB64 tutorial to get started.
QB64 Tutorial
Reply
#10
(07-24-2024, 02:12 AM)bert22306 Wrote: Ah, speaking of CrowdStrike, too bad that bit about Southwest using Windows 3.1 was actually fake news.

https://www.msn.com/en-us/entertainment/...782&ei=831

Bottom line is, yes, Southwest use some software that's "just about as old as" Windows 3.1, but more to the point, Southwest simply doesn't use CrowdStrike!!

I mean, let's imagine that some ubiquitous enterprise software, something like McAfee Enterprise, or of course Windows, or even Linux in infrastructure systems, were to distribute a faulty update. Same thing could easily happen.

For all the fuss this created, seems hard to believe that the vulnerabilities were unknown by the Great Unwashed Masses.

The answer is, people with important jobs like that need to be obsessive about their work, confound it.
Screw SouthWest Airlines. I took a flight out one day, and the next day I was unable to return home, because the airport they dropped me off at didn't have a NorthEast Airlines flying out of it! I got so sick of eating pineapples, I swam all the way back... with my golf clubs in my teeth!

Pete Big Grin
Reply




Users browsing this thread: 2 Guest(s)