[GoLUG] CrowdStrike and Windows? You're gonna need a bigger boat

Kyle Terrien kyleterrien at gmail.com
Sat Jul 20 03:00:47 EDT 2024


Today was a very bad day in technology.

Over in Windows-land, an antivirus company called CrowdStrike pushed a 
bad driver that threw an uncountable number of Windows machines into a 
permanent boot loop.  Banks, airlines, and hospitals went offline.  Each 
of these machines will need to be manually repaired.  So, who knows how 
long it will take to completely recover.

I have yet to see a report succinctly detailing exactly what happened. 
Here it is:

"Antivirus company CrowdStrike performs denial of service attack on 
millions of customers worldwide."

Sure, it was not a malicious attack.  However, there is a saying that 
sufficient ignorance is indistinguishable from malicious intent.  But 
can you think of anything better to describe what happened other than 
"denial of service" against millions of computers?  What are customers 
paying this antivirus company for?

Also, consider how systemic this failure was.  Any broken item in the 
chain could have prevented an outage:

+ CrowdStrike does not run tests against their updates before pushing 
their updates.  Such a test would have caught a showstopper issue like a 
kernel module that boot-loops Windows.

+ IT departments no longer stage their updates like they did 20 years 
ago.  Instead, they take whatever other people's software force-feeds 
them.  As Steve L. has said many times, "the opposite of DIY is HIDTY 
(Have It Done To You)."

+ Bean counters are so intellectually flabby that they are swayed by the 
forked tongues and empty promises of CrowdStrike's marketing department, 
even after CrowdStrike has shown a pattern of pushing half-baked 
updates.  "Falcon is the CrowdStrike platform purpose-built to stop 
breaches via a unified set of cloud-delivered technologies that prevent 
all types of attacks - including malware and much more." [0]  What is a 
"cloud-delivered" technology?  Itching ears want to know.  Sure, bean 
counters like to tick checkboxes, and CrowdStrike ticks the checkboxes. 
However, if you outsource your critical thinking, then you risk HIDTY. 
Computer security is mostly critical thinking, so don't outsource it.

And how did we get here?  Let's look in the mirror.  In a way, it's 
partly our fault as technologists, for tolerating some pretty nasty 
patterns in the technology industry.

+ How many times is the average Joe pressured into running random 
executables downloaded from the Internet?  Think of all the "install our 
app" posters with a QR code in almost every single store, and think of 
all the installation guides that pipe curl into sh.  Maybe we should be 
more vocal about security hygiene.  Maybe a warning like "don't run 
random executables"?

+ The average Joe doesn't know how to use a computer anymore, because 
the average Joe's "primary computing device" is a smart phone.  (I'm 
sorry, but a smart phone with all its handcuffs is not a real computer.) 
Most computer users don't know what a file is anymore.  What a 
tragedy!  Maybe instead of tolerating abstraction on top of abstraction, 
we should have been more vocal about "everything as a file".  Computer 
literacy is at an all-time low while kids these days wither away on 
attention-sucking mobile apps.  Maybe we should look into teaching real 
computer literacy instead of giving kids smart phones as pacifiers.

+ Have you tried to install Windows lately?  Microsoft pressures you 
very hard into creating a Microsoft account, just to use a PC which you 
own.  Most people do as they are told and create the account anyway.

+ Don't get me started on Apple.  Apple's pattern is that they think 
they know what's best for your computer, and users cannot be trusted 
with managing their own software on their own computers.

+ Every refrigerator, smart thermostat, smart TV, headphones, etc. 
demands you set up an online account with its vendor before you can use 
it.  Of course, you and I know that this is boneheaded stupid, and most 
people on this list don't want to touch Internet of stings.  However, 
most normies just pucker up to the kingpin and HIDTY.

Overall, all of these things really bug me as a technologist because it 
means some things are objectively getting worse.  Software quality is 
getting worse, solutions to computer security involve outsourcing your 
critical thinking, and computer literacy is so low that most people 
don't care.  The next time someone argues that technology makes people 
more miserable, they are going to point to the events of today.

Very sad,

--Kyle Terrien


[0]: https://www.crowdstrike.com/products/faq/

-- 
[*] Kyle Terrien
     Containerizing chaos to get to the root of the problem.
   @ kyle at terren.us
   @ kyleterrien at gmail.com
   W https://terren.us/


