this post was submitted on 19 Jul 2024

190 points (95.2% liked)

Technology

58076 readers

4460 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

190

Microsoft resolves cloud outage that caused some US airlines to ground flights (www.channelnewsasia.com)

submitted 1 month ago by [email protected] to c/[email protected]

28 comments fedilink hide all child comments

top 28 comments

sorted by: hot top controversial new old

[–] [email protected] 76 points 1 month ago (3 children)

It's a crowdstrike issue.

[–] [email protected] 8 points 1 month ago* (last edited 1 month ago) (1 children)

Ouch that's going to hurt the share price

[–] [email protected] 3 points 1 month ago (1 children)

https://finance.yahoo.com/quote/CRWD/

Not enough... only down 8.9% and it even rebounded overnight...

[–] [email protected] 3 points 1 month ago

Corporate behemoths are going to keep doing what they do best.

Their ISO-whatever certification says they gotta get that kind of software, so they do. Whether it is found to actually increase business risk does not matter in the slightest, what matters is that a box is checked for the audit.

It's like Oracle or IBM, who did not contribute anything of value to the world since about 2005 and notoriously have some of the most aggressive licensing lawyers on the planet. But there are lots of companies out there who sort a product segment from Old to New and pick the first result on account of the fact that it's "established", "reputable" and "reliable", every other consideration be damned.

[–] [email protected] 4 points 1 month ago

Somebody's getting fired and that company is getting sued. I'm very curious how much this outage will have ended up costing the global economy.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago)

This was a separate outage unrelated to CrowdStrike a few hours earlier that took down a couple of airlines as well.

A majority of the VMs in the Azure CentralUS datacenter went down due to some sort of backend storage issue.

Edit: I guess I should have read the article they do say CrowdStrike. They seem to be implying that they were one event when the cloud services outage was earlier and unrelated. I had heard about grounded flights during the first outage as well. So they likely are combining the two events here.

[–] [email protected] 50 points 1 month ago (1 children)

Airlines relying on Windows.

Sometimes I do feel afraid.

[–] [email protected] 29 points 1 month ago (4 children)

Dude, every bit of critical infrastructure around you is running Windows XP and McAfee ePO. The shit hidden in segregated control networks would make a security researcher from 2009 cringe.

[–] [email protected] 7 points 1 month ago (1 children)

I just did a fresh install of Windows 7 this week.

[–] [email protected] 9 points 1 month ago (1 children)

Whoa! Slow down! Does the plant manager know you're on the bleeding edge?

[–] [email protected] 14 points 1 month ago

Don't worry, it was 32-bit.

[–] [email protected] 2 points 1 month ago

Where I live infrastructure is actually a bit more modern, but I have seen Windows XP, 2003, 2008 very recently too.

[–] [email protected] 2 points 1 month ago

Can confirm. I've already heard from one of my team's members from 2005.

[–] [email protected] 0 points 1 month ago

Fucking ENS

[–] [email protected] 25 points 1 month ago* (last edited 1 month ago)

Clearly didn't resolve it that well considering that most of a continent is out now

Edit: world, not continent now

[–] [email protected] 6 points 1 month ago

I am thrilled right now that our company only started relying on cloud resources a few years ago and still don't use services like this... I hope this is a wake-up call to them, so we never use something like this. I know the execs finally realized the cloud is not cost effective, and I hope we keep it a mixed bag instead of going in fully. I have been in IT for 18 years now, and thankfully, I have never had to deal with a disaster like this. Another close call was outsourcing our IT service desk to a company, and they wanted us to put agents on our pc's so they could do their job easier. Luckily, our network team said absolutely not. Sure enough, that same year at Christmas time, they got hit with a crypto attack, and instead of having to deal with the agents, we just shut down the tunnel, and we're fine. A lot of their clients were not so lucky. Screw the cloud and 3rd party services... it doesn't save what you think, and you get poor services in return a lot of the time.

[–] [email protected] 3 points 1 month ago (4 children)

Time to switch to alternatives

[–] [email protected] 22 points 1 month ago (2 children)

It isn't a Microsoft issue in the first place. Doesn't mean switching to alternatives isn't a good idea, but this one isn't on them for a change.

[–] [email protected] 10 points 1 month ago (1 children)

It's an argument for decentralization. An argument that won't be heeded.

[–] [email protected] 11 points 1 month ago

Monocultures are like this, yes. The reason bananas are less tasty than they were 100 years ago.

[+] [email protected] -15 points 1 month ago (2 children)

In a way it is a Microsoft problem. Windows can't handle live updates to the system like Linux can. Security updates mean downtime to be scheduled. So they need a program to do security, so CrowdStrike comes in to do security for these companies since Microsoft can't protect them. And mistakes happen.

[–] [email protected] 11 points 1 month ago (1 children)

Ah so it's a linux problem when the gpu driver causes instability, cause NVidia is making a shitty and proprietary linux driver and the market share is too small to warrant putting more effort in. Linux doesn't have it's own fully-featured graphics driver, so that company has to come in and provide their own since linux can't supply it. And mistakes happen. Roughly the same logic.

That's not linux fault. Neither is it Microsofts fault when a company selling a security product decides it has to run in kernel mode and then they don't properly test a release and just decide to yolo it.

[–] [email protected] -3 points 1 month ago (1 children)

Yes. You're right. All OSs have their faults. But this is one of window's faults.

But this is a Microsoft problem mostly because all the news reports are saying it is.

Anyone in Microsoft sales or marketing is going to have a tough time for a while.

[–] [email protected] 2 points 1 month ago

You know the kind of companies that do this nonsense on windows have the same incentives and give the same access to third party "security" tools on Linux?

Windows sucks. But the fact that it's windows they broke is dumb luck.

[–] [email protected] 9 points 1 month ago

Security definition updates can be installed without rebooting.

And Crowdstrike is a more advanced system compared to normal antivirus you would use at home. It's an endpoint protection system that does more than scan for viruses.

Microsoft offers their own alternative called Microsoft Defender for Endpoint.

Both Crowdstrike and Microsoft Defender for Endpoint are available on Windows, MacOS, and Linux.

[–] [email protected] 16 points 1 month ago

Incidentally CrowdStrike has a Linux agent and my previous company was pushing us to install it to check another box on their Cyberliability insurance form. So this could just as easy happen there too.

[–] [email protected] 4 points 1 month ago

Alternatives😏

[–] [email protected] 1 points 1 month ago

Security software is by and large theatre. There I said it.

Install TempleOS in your production environment I guarantee no one is writing viruses for that lol