Crowdstrike Just Broke The Internet
- Published on 15 Sep 2024
- Crowdstrike just broke computer systems all over the world by releasing an untested update.
Airlines, banks, hospitals and many companies are unable to work because their computers are showing blue screens.
At the same time Crowdstrike is busy risk mitigating and gaslighting instead of helping people fix the issue.
Sorry for almost no editing and doing the whole thing in one take - wanted to get it out as quickly as possible!
First time watching your channel. Love it.
You're a natural, dude. :)
I just found the guy who did it.
Sasha
Your content doesn't need editing mate. It's appropriately urgent and angry. Don't smooth that out.
@@SashaYanshin loved it, subscribed, shared it
CEO: Who is responsible for this mess?
Manager: The team we laid off last month to save costs and use AI
🤡💀
💀💀💀💀
Their workforce has actually tripled the past 2 years…
Lol
@@geolykosUS and Euro staff replaced by Indians.
YEP...!!! They laid off about 2000 and pinned it on performance issues so they didn't have to pay redundancy - let's be real - this was an insertion attack, probably by an ex employee
This is not a cyber attack...
This is not hacking....
This is incompetence
Blackrock is a major investor in this company...hmmm
Where's crooks kid?
It’s a test to see how many services are reliant on it. The real chaos is to come
I wouldn't be so sure...It may be a test.
This is AI 😂
I'm 72 and I've made, programmed, manufactured, sold and used computers since 1976 when they had "piano keys" on the front, I am laughing so much I nearly had to go to ER (but it was closed due to an IT problem)
omg your comment 😂
Relax old timer, I am pretty sure, you done goof-ups a plenty back in the day when you still had the pulse.
Fr content I've watched, Crowd Strike is kernel level, driver type, in "necessary boot settings"..... Anyone running such a deeply ingrained, low level, just for security, deserves this..... Poss firms replacing IT dept? Serves them right.
I can remember people saying to me I should not put that much effort in programming on my C64.
Computers are useless. And they are right, it's just a hobby.
That's amazing, good joke.😂
How hilarious would it be if the Crowdstrike folks are locked out of their work systems because you know, they also use the shit they make.
I'm pretty sure they were and it must have been chaotic. 😡😡
I can confirm some of them were. But I am not obligated to say more
Funny you just reminded me of Alan Sugar discovering his IT manager decided the best thing to do was use Compaq desktops rather than Amstrad desktops at Amstrad head office. You can imagine how well that idea went.
Like when the DNS of facebook wasn't working. Couldn't get into the building.
CEO will make his millions and a golden parachute. ALL the IT guys up at 3am working over the weekend will get a $50 Chipotle gift card on Monday.
Isn't IT awesome to work in?
😂😂😂🤣🤣🤣
Bold of you to assume they'll get a gift card
More like $10 Starbucks Card. 😂😭
you guys are getting Chipotle card?
Lol we don't get anything and hopefully don't get fired
THIS is why I do not allow automatic updates! I typically wait 30 days to see if there are any major hiccups (like today) before actually applying an update. We (for the most part) do NOT need automatic updates. The tech world has gone mad with updates. Enough! STOP!
Totally agree 👍
Good advice, I’ll do the same going forward
The issue being that security software can be updated with information about new attacks seen in the wild. So a decision. Take the rapid update and be better protected. But risk an issue once in a while. Hopefully once in a dozen years or less.
I knew Crowdstrike would bounce hard - 7% currently. Because even after today I doubt that many orgs will want to swap over their entire security software. It isn’t all that easy to swap if orgs have integrated into other systems. When they have other IT change that will deliver business value.
This is exactly how I run my home computer. Updating to untested software is a security risk.
FACTS❤
Finally a Y2K 24 years later
😂😂😂
@@brianf5190 UFOs aren't coming and ww3 is not coming stop being so paranoid when we have god in us
Always when you least expect it.
And to think we had to wait for a security company to do it.
😂😂😂 so true. Best comment.
When I first heard the name, I thought it was a terrorist organization
I didn’t think this at first but after what happened today, it does sound like a terrorist group…
💀
It is…. 💀
Microsoft is deeply imbed with Is-Ra-Hell
I thought it was malware or ransomware
@@eddylee7786 my comment deleted…..
"It worked fine on my computer."
-CrowdStrike Dev, probably.
Being an IT admin not affected by the Crowdstrike outage, I feel for those that are. However, how this happened and the response is both scary and hilarious, if it wasn't so impactful. Funniest comment I have seen today was on Sky News live feed, saying Microsoft's advice is to reboot your machine not once, not twice, but 15 times. You couldn't make this up...
I also laughed when I saw that specific tip.
It turned out that the restarts were for Azure VMs specifically because of a specific customer's report and how Azure Image updates are pushed throughout the cloud.
Still very funny, had it not been so serious.
I've had to answer about 10 tickets today that my org doesn't use clownstrike and isn't affected. Fun time
Well was there a sloped roof on the building housing the developers? ROFL
@@deathfistenjoyer lol lucky you :) compared to all the other orgs that do I am pretty sure your 10 tickets would be welcoming :) compared to what we are having to deal with today.
I think my laptop took 7 reboots only :D thank fuck our client didn't upgrade. But recovery mode is disabled on our corp laptops so colleagues just rebuilt their laptops today!!
Big companies got used to outsourcing IT, and then the IT service outsource their testing, and have production systems updating in real time, from third parties, without testing. Perfect recipe for disaster. It is also very funny, this is "Clownstrike"
You can outsource the service, but the clown strike CEO is going to discover you can’t outsource the responsibility…
Every IT person on the planet has now sent them an email "HOW DO WE BLOCK YOUR AUTO UPDATES???"
and as mentioned, every hacker has thought "AH!!! THAT'S a good one!"
It's funny how when companies are caught point blank in messing things up, that is when their communication becomes the most pompous and self-regarding.
I suspect their communications were always like that it was only no one was reading them until now
As a cybersecurity professional and fan of your channel .. this was awesome to watch !
Thank you but there's no way you've watched it all yet given it's only been out for 3 minutes! 😂
Maybe an AI bot or he used speed 3x 😅
as a non-cybersecurity professional: Get Back To Work- you forced us to put this crap on everything, you fix the bluescreens
I'm going golfing.
@@asdfbeau sorry, no golf, all the golf carts are running crowdstrike too 😂
@@asdfbeau busted ..
How smart of us, who wisely continued to use Windows 7 and refused to use Windows 11.
I've 2 machines running Windoze 7 and one running XP SP3. HA!
Unclear if windows 7 would have saved you. But if you are running 7, you don't give two shits about security and won't have crowdstrike
It was said that it affected W10 rather than W11. It's unbelievable how many companies still use W10 because they do have a distro of that somewhere: I've been installing and reinstalling W10 over and over the last several months... surprisingly none was affected by the catastrophe, probably bc they had not been updated in a couple of days.
Never hear this stuff about Linux either and 80% of the Internet runs on that
Be even smarter if you didn’t use windows
I'm old enough to remember when Kaspersky was banned to prevent these kinds of events 😂😂😂
This crash brought down my entire state's network. No DMV, no welfare, police without communications, prisons without inmate information, 20,000 employees sent home paid at taxpayer expense...
Incompetence. Paying for insecurity is crazy. But what's even crazier is, their customers will keep relying on them.
I can't even imagine the number of lawsuits that are coming. But to be fair crowdstrike had a good reputation until now.
Changing providers for businesses typically takes a bit of time. They need to benchmark products, get in contact with providers, negotiate prices, get approval from N+1, from head of department, from accounting, sign contract, get the new product installed……… And then some companies are also set in their budget, you can’t get approval for a new tool in middle of the year. And that’s when you absolutely need a new solution, it doesn’t take into account the yearly contract with the current provider.
I used to work at a shitty B2B company, clients hated the software but it was such a bureaucratic hassle to change providers they typically renewed their contract every year.
It’s like the British government and those Fujitsu fraudsters
This was not only a fup by CrowdStrike, this also brought up to the surface all the bad ops practices many of these corporations are having. Never release updates to live, always test somewhere first, but they are just dropping this principle because of "security"...
Not only that, but they should FIRST do a drop to a SMALL set of customers (after serious internal testing for quality) for a REAL WORLD test BEFORE they do a major drop.
But it's always hurry up and save money UNTIL things mess up because the technicians aren't listened to re doing thing RIGHT vs. fastest.
I went through that for DECADES in my career in mainframe IT at IBM.
My grandmother told me about this, this morning. Um....not an IT tech person at all, but this is one of those things that sound like it shouldn't happen.
It shouldn't happen. It sounds like Crowdstrike failed to effectively test the update before rolling out, which is software dev 101. As a security company with as wide a reach as they have, they should be the first to be testing their updates before rolling them out.
Yes. Who needs Russian hackers, right?
@@glennwhitlock1272
What.
Some junior programmer is having a squeaky bum day.
I bet you it was a super senior who was full of himself.
@@TheBooban Most likely.
If a junior's code can go into production without scrutiny then a senior engineer f-ed up.
@@catocall7323 I never worked at a company with that level of fidelity to distinguish between junior and senior. And what junior? There are none anymore. Put that in your CV and you have no job.
Whoever it was is learning a great lesson on the importance of rigorous testing before rolling out to the entire planet.
My parents can't even log in their email correctly and now they have to boot into recovery mode? Yeah right.
Do your parents both work in an enterprise environment?
I'm 55, that's old enough to remember a time when shit actually worked until it mechanically broke down.
Then you could fix it or find a repair shop without google.
Yeah, we used Yellow Pages back then, I remember too. It was at least nicely sorted alphabetically... and every single service was local (although almost certainly not organic).
Ha ha. I've said this before, to be able to operate in the analogue and digital world is good and at a certain age, the skills are there. Some of our graduates can't do long hand maths on paper for example. Also the world is so digital and interlinked, it's a massive vulnerability, as has been proven. There is no analogue plan b.
Not to mention in order to delete a file in System32 folder, you need admin access, something most users don't have. We typically remote and help when admin access is required so that users don't f things up. Can't remote into a system in safe mode.
That’ll be the next update from Microsoft, a way to remote in in safe mode.
Former CTO of McAfee, CEO of CrowdStrike. Now everything fits.
What amazes me is how you massive update all computers at the same time like this? Update just a few, non vital companies, and even so, a small portion. Wait 24 hours, do it again, and so on. ANYBODY that manages IT knows that. ANYONE.
bro the incompetence in IT is boundless.. if people knew what systems some of their banks are using they would go crypto yesterday 😂😂
Spot on.
@@David-ej1ps no shit. I know windows xp being used in some banks in Japan. I shit you not.
Automatic updates are no different from keeping your eyes closed, your mouth wide open and letting anyone feed you with anything of their choice.
*MAC AND LINUX USERS OF THE WORLD* We must unite in our smugness, our glowing superiority, and send pictures of our functioning computers to every windows user we know :-D
Uhm...both of you and that legendary BSD guy?
Also point out that this reliable secure sh!t is free.
@@ouethojlkjn A Windows guy told me why I was wrong yesterday - he used 500 words to explain what he did and why he never had to worry, I didn't understand any of it cos I don't NEED to know or do anything.
I Buy a new iMac every 10 years and that is.
you know Crowdstrike supports Mac and Linux as well? so maybe next time they release a defective update for Mac and Linux as well.
@@STCatchMeTRACjRo NA don't have kernel access
Funny how those of us that don't use crowdstrike are fine today on our windows 11. Can't believe they charge people to get less security...
“Security” 😂
@@dla_915 I don't understand how an anti-virus update can brick every computer 🖥. Did an intern add one extra line of code and mess everyone up? 😭😭😭
It's hard to take a Windows 11 user seriously when they talk about security
@@raven75257 do I need crowdstrike? 😔
Windows 11 has the least security features, why it was a free upgrade. It's a joke that you crowdstrike users pay for even worse quality and continue to use it and buy the stock. Paying money to brick your computer lol
OP SEC RULES:
1) Pirate and crack everything, even stuff you legally own
2) Block and disable automatic updates, cookies and anything your machine does without your explicit instructions
3) Keep your OS hard drive separated from your download hard drive
4) Cut off the internet when it's not used, unplug machines after turning them off, and make sure to stuff microphones and cameras in boxes, you never know if they have batteries to turn on by themselves
5) Always Benchmark test every new update and download in your spare transitory hard drive before copying it into the main storage hard drive
So basically live like a tech paranoid schizoid?
1) especially one you legally own.
or just don't do any of that and save some time and go touch some grass.
This is what happens when a company grows too fast. Employees are all new, most products are new, quality assurance teams can’t catch up with the new products and goes on and on
It's a multibillion dollar company with >8,000 employees...
@@tomnorton7817 they were 3000 3 years ago. Almost tripled in 3 years. They also have 3 times the amount of products since then.
They were 3000 3 years ago. Almost tripled. Their product portfolio also grew a lot.
Crowdstrike the cyber security company just did more than any hackers could ever dream of! 😂😂
W take 😂
Lawyers must be foaming at the mouth over the lawsuits they will be filing...... So much for 'big tech' keeping things working. Imagine what everyone would be faced with if this lasted for several days? No financial transactions. No working ATMs. We'd all be toast...... "Oh, we don't accept cash".....
Wasn't "Crowd Strike" started as a CIA front? Just like the magazine "Wired" was also started as a CIA front.
“Crowd Strike! “: mission completed!
Individuals don't really use Crowdstrike, it is mostly companies, their IT teams would know how to follow the instructions....
Well said
Sasha is talking rubbish
Isn’t it in windows update for everyone?
@@Makalon102
All home owners and small business will run windows 11 or windows 10 on their laptops and pcs
Very large companies who like the company I work for for example has over 3000 pcs in offices around the UK and 1000 of laptops
All using many of the companies own software systems
Companies like mine or banks or airlines or governments etc etc (large business) use windows 365 cloud, and cos these big companies usually hold lots of personal data on their systems (take Barclays bank or Thames water for example) windows 365 cloud uses crowd strike cyber security to stop hackers hacking into business systems
This incident only affecting very large corporate business
It didn't affect small business or Mr brown who has 1 pc he bought from Currys
@@boyasaka just posted some bs to get views, doesn't even know what bitlocker is/does....
You clearly don't work in IT. The same individuals you mention work for these companies.
Most people are not tech savvy and not every company employs dedicated IT staff. It is very difficult to guide non tech folk through anything. Even plugging a USB cable in scares people, how do you think people are going to cope putting Windows into safe mode after getting through Bitlocker recovery?!?
What makes this worse is the fact most computers in the corporate world have encrypted disks with bitlocker or something else. That means not only does the user need admin access to fix (99.9% of users don't have this) they also need the encryption key to log into recovery mode. Pass this to the end user and you might as well unencrypt everything on the machine..
It's even worse than that because when everything is "working" its still terrible. I am an app developer with a 12 core laptop that is too slow to run an android emulator because of the corporate garbage like crowdstrike on it eating up all the cpu cycles. But on the plus side they did give me the afternoon off today...
Why is anyone using 3rd party security companies for computers in 2024.
Either make your own or use Windows Defender.
Didn't they get hacked two years ago? Odd that a CISA company sucks at security and has so many contracts. Keep saying it's not part of the plan...
Just bizarre that a security company can have a day like today and not be immediately abandoned by any customer with more than 2 brain cells.
BlackRock and Vanguard are investors lol
@@SashaYanshin * enters Adobe! “Hold my beer” 😂
@@thesequelvintage why am I not surprised
6% @@thesequelvintage
Given the cuts the companies are going for targeting QE / QA / testing in general by cutting entire teams or outsourcing everything in India in order to maximize profits these widespread 'IT' problems will hit everyone harder and harder going forward.... 🤦♂
The head of engineering is Indian so are the head of products.
This video is so cathartic for me; I've basically had the same thoughts but you've put it into words much better than I ever could.
Great minds eh!
Completely done with I.T honestly. Today I was supposed to go on holidays. My flight got cancelled, but that is ok, since I didn't get paid either (I'm on a weekly payroll). But that too is ok, as I was called back into work to fix around 400 endpoints, all by hand, one by one. Thanks crowdstrike, and I mean that. This is, for me at least, the last drop. Gonna do a normal job, like a normal person for a while I think, you know, the kind of person that get paid, go on holidays, enjoy life a little, that sort of stuff
Appreciate the regular videos. Thank you 👌
👍
Does anyone want to talk about how risky it is that the globe relies on a single company to not fuck up or systems will break down?😊
CrowdStrike AND windoze.
And no one will be held accountable
They will of course.
The IT Crowd(strike)
The characters from that British comedy series would have been infinitely better to employ, BECAUSE THEY WOULDNT HAVE DONE ANYTHING TO BEGIN WITH!
Epic 😂
Jen’s broken the Internet!!!
To be fair: No 55 year old user at home uses Falcon. The real issue is - if you encrypted your device, you need access to the Bitlocker key, otherwise you can't boot into secure mode. For companies that means: Get your trainers out, you'll have to run to each and every Windows device and fix that manually - or reset all the machines if you have a mechanism to do so. Anyway, we're all f**ed, either you get hit by a 0-day exploit from the wild or your security software messes up an update. Select.
No one talks about this. The BitLocker recovery key manually entering so painful, then the LAPS admin password manually (my company didn’t want to boot with networking and just wanted it uninstalled). Painful.
@@baconblaster6422 How many machines do you have to "recover" like that?
@@ThatManFromGermany In my local office in South Florida only 3, but it was a pain in the ass because one of them was in our networking closet with no keyboard, mouse or monitor and was sitting in a server rack (don’t ask). But globally we had 400 machines in other states and countries where half of those offices don’t have an IT person on site. NY was most affected but they also have the most IT on site. We actually have thousands of endpoints but we did a “proof of concept” with CS Falcon months ago for one month and installed it on thousands of endpoints. (We actually retain them yearly for IR and had a potential incident recently so we took it as an opportunity to spread Falcon everywhere for “free” while we were under an attack.) The problem is IT didn’t offboard CS correctly and left it on 400 machines. We actually use Defender for Endpoint as our go-to security agent, but we had an ongoing threat and CISO wanted a second set of eyes/sensor and to POV the product simultaneously
I am actually in InfoSec, not officially a sysadmin or “IT”, but I was the only person in the Florida office that would really be able to do the recovery.
I don’t know if Windows team at my company figured out a way to “automate” the recovery. To my knowledge they are doing it sneaker net style still at every affected terminal because of Dell secure boot and BitLocker being in the way. I noticed the CS CEO during the interview didn’t really mention that would be the most common corporate setup.
@@baconblaster6422 I can enter a bitlocker recovery key in 15 seconds. Then again I don't have to look at my fingers when I use the numpad. I'm probably not average.
@@warwagon 🤓 cringe
This affected my company today and I'm working tomorrow. It's either going to be crazy busy or I'll be sitting twiddling my thumbs all day.
I would be surprised if crowdstrike do not have to pay out for this screwup, at the very least they will lose a lot of customers!
I work in IT and there is no excuse for not testing a patch/update before releasing it, it is pure incompetence! Heads will roll at Crowdstrike.
A blue screen of death cannot be fixed remotely, as they are off the network, all machines will need to be manually patched for them to work again.
This video should be rated 18+ due to all the sailor language 😂 it didn't even warn me, I have kids in the room dude!!!
The SaaS model got us here. We live in a world where the businesses rely on these companies to manage their entire infrastructure thereby leaving them exposed to such problems.
Well said.
Wait if these are not cloud computers or Virtual machines that means they would need local IT for every machine. That’s a nightmare. That’s a big fuck up.
I don't rely on 3rd party security software. I take my network security into my own hands. From the point of WAN entry onward. To secure DNS. OS, hardware, browser choice, extensions, and custom scripts. Zero auto updates. Been clean and running and uninfected for decades.
Speaking for crowdstrike here, "Our patent pending (fingers crossed 🤞) redundancy design failed, we're not sure how that can happen but rest assured, we are working on it"
Bitcoin has had 100% uptime since its inception. No central point of failure. Nothing else can make such a claim.
Sasha's upload rate exploded recently
:))
He's AI
bills went up, gotta do the hustle
@@bobbyboyderecords You're correct! As of his Ai bubble video, all of his videos are 100% Ai generated.
@@bobbyboyderecords biggest insult you can say to him😂
As a 70 year old Tech Pro who just retired Nov. 2023 I will point out that Mac and Linux weren't affected. Hmmmm, that's a hint. It's not just CrowdStrike, it's Microsoft as well. That plus, as you point out, in general it's all See No Evil, Speak No Evil, Hear No Evil.
Me when my employer rolled out crowdstrike: "This isn't a good idea, it's a central point of failure, this is us paying to join a botnet." Fast forward to today... It wasn't a good idea. Also the updated fix is to boot to Safemode with networking, let crowdstrike DL the patch, then reboot.
I was similar when my previous firm wanted to put a software inventory agent on every server. Seemed like a very bad idea to me. (Except for UNIX where it doesn’t bury into the OS.)
That's my guy 😊 Are you looking for work? 😁
Correction dude! A 55 year old person knows how to use DOS, we do that stuff with our eyes closed. We ran all our systems from CLI up until the mid 90s, either VAX, CP/M, Unix, Dos, RSX11. It’s the youngsters that don’t know CLI.
I used to work with a VAX 11/780 with a VT101 terminal. It had TeX installed, so I used it to typeset/format my projects.
@@oibal60 There you are :D Us GenX and Boomers know our way around a command line.
I never used VAX, myself. Although I was a subcontractor for DIGITAL/COMPAQ. I did mainly Tru64 and TruCluster for them. And since I had some RSX11 experience and had my own MicroPDP and know my way around C, I also did some development work on there on some legacy C code.
I guess those poor 55+ year old software engineers that aren’t tech savvy enough to delete a file will have to call on their twenty something instagramers who’ve never used the command line.
Unforgivable mistake that should've been avoided.
But just as unforgivable is the fact that their users don't have a manual process in place in case of system outages. Something that was always in our minds in the 90s. Bizarre how inept this world has gotten in 30 years!!!
No they didn't break the internet, they just broke your computer
I wonder what internet means... so if you have a circle of friends but they are dead, do you still have a circle of friends?
@@unloveableandre many countries were completely unaffected, it's not a truly global event
@@TheManinBlack9054 did you understand computers, or did you even watch the video? IF you are NOT using CrowdStrike, you were not affected. If ANY company in your country is using it, it was affected. Not that hard.
As an IT professional, you're saying this wrong. Bricked means you cannot power the device.
Every company is 2% away from total collapse.
Society is only 9 meals away from anarchy
It’s kind of fascinating to see the lack of discipline for procedures we experience in terribly managed small-medium teams being replicated in major cybersecurity multinationals.
“How come that obvious bug got in production? Didn’t anyone do a QA? Why wasn’t it deployed in preprod first?"
Dev: “Idk, I just created my PR, Idk what happened next. It worked fine on my computer. You should ask the others, I’m not the one who merged and deployed WIP”
PO: “I assigned a QA task to the QA guy, look I’m just assigning stuff here, I don’t review code”
QA: “I have to QA the entire sprint in half a day, this ticket is still in my backlog."
Senior Engineer: "the ticket was in done and reviewed in Jira. I assumed everything was normal. It would delay the release if I double check everything myself."
See you next week on the retro for our monthly "organisation workflow" discussion!
This is a warm-up run.
Warm up for what?
@@SashaYanshin
For the big shut-down that will have people made ready to switch fully to give-up cash and deal only in CBDC.
From the conspiracy angle, yes, it could have been a test run for a later downtime, probably much longer, for global elite nefarious reasons. Or, something important to the global elite was happening today on a particular network and they needed to stop it or tamper with it. But they need to do this without suspicion so they had to take down the whole system. Possibly something to do with money or incriminating evidence. It was so important that they were willing to take the fall out for Crowdstrike. Reminds me of 9/11 when so much incriminating information on computer and paper was obliterated as collateral damage.
"In reality, Alperovitch is a Russian-born US citizen, and CrowdStrike has consistently maintained that it operates in a non-partisan manner"
The truth is: CrowdStrike co-founder Alperovitch is "Russian" of Jewish descent and non-resident senior fellow of the Cyber Statecraft Initiative at the Atlantic Council. The Council takes a hawkish approach toward Russia and has released numerous reports and briefs about Russian aggression.
So much for the non-partisanship...
Recovery mode is already a challenge when you have Bitlocker in place. You would need to have the key in order to get access.
Now a company the size of an airport probably has those keys in a key vault (or EntraID). But it would be a severe pressure on their helpdesk to fetch those keys and hand them out (or you would build a dedicated network boot that can automate it, but that's non-trivial for most sysadmins, who aren't devs).
this was a coordinated cyber attack. we had several systems go down due to hacking 2 days ago... banks were having issues yesterday... and now this today
I think this was their attempt to counter the cyber attack but they basically threw a grenade into all systems.
@@HaggardPillockHD agree. smaller groups jumped into the chaos to fan the flames with DNS attacks. there are far too many people out there that simply want to see the world burn... and have little care for the consequences
Mr robot: "An executive running linux?"
Tyrell:
"I know what you're thinking; an executive running linux, I know. Windows fucked up"
It would have been well tested from my experience, more likely what was pushed out was in some way different from what was tested..... accidental or nefarious made such a change perhaps is the burning reason..... what was the defect they mentioned is the only question that needs to be answered.....hopefully someone within crowdstrike will leave a comment in a forum somewhere anonymously
I wonder how many people either unintentionally or through ignorance ended up deleting their system32 folder to try to fix this lol
I would think you would need admin permissions to do this. No admin would do that
so a non-IT worker with full admin rights to corporation computer? or an IT worker?
In a well designed network there are several security controls in place where I sometimes wonder why Crowdstrike is needed... from not giving the user admin rights to do whatever, but least rights to do their job in the first place, disabling older less secure network and encryption protocols like SMB 1, TLS 1, BitLocker encryption, controlling what software and patches are installed on the device via Configuration Manager or Intune or other MDM solution, proxy cutting access to most malicious sites, etc., etc. In terms of security you need to think about all the attack vectors and have 1 or 2 controls in place. But one thing Crowdstrike can do is track your entire activity and report on it.
Developers will have a field day in the next years.
This may not be an example, but when more and more companies start using AI for code generation, and that code starts spreading everywhere, this will be the era of bugs and system failures.
Someone will be paid to fix this shit
Programmers having a new job hunting AI bugs
AI generated code isn't that common. Where something like AI might be used it is more boilerplate code or refactoring tools. If the devs using such tools don't understand that code they are probably screwed and screwing up just fine without AI.
@SomeGuyAsWell
Everyone copy / paste code from AI.
By "AI generated code", I'm not necessarily meaning that the AI will generate AND publish the code itself, it will just generate the buggy code, and that's literally enough haha
I work in IT. Since then I've been working over 11 hours due to people not being able to log into their accounts
Yikes! One solution would be to have a Linux ISO to replace the garbage windoze OS.
Complex, interconnected systems lead to complex problems.
Helpdesk employees are usually not fired, there just aren’t enough people qualified. Much work has been automated but as stated fixing getting down and dirty. Ironically due to security hardening mostly pretty much impossible.
Great rant
Crowdstrike and Secret Service to merge. The collaboration on quality and attention to detail will be something to behold.
Imagine being the programmer responsible for this 💀💀💀
The funny thing is it's probably not a single programmer's fault but bad (or a lack of) corporate practices.
@mikekrzych yeah don't they have any non-prod environments to deploy in before they push to production? I mean there are errors that don't get caught in testing it's natural. But this is like a near universal and immediately obvious severe error.
Greatest unintended hacker that ever lived 😂
@mrgamechanger97 well, they probably do but negligence led to the situation we have today
@mikekrzych the only way I can envision pushing this problem to production after deploying in non-prod would be if they gave an exception for a last second code change when they should have had a code freeze for the upcoming release. And it just so happens this last second tweak had a fatal flaw. If it existed for even a few days before going to production they should fire whoever did the QA.
Isn’t Microsoft on the hook for this?- Crowdstrike has nothing to do with it, I imagine Delta airlines has a support contract with Microsoft, not Crowdstrike- Who Microsoft chooses to subcontract their security services to is their problem, not the customers. Surely
As an IT guy I was told growing up that the internet was basically invincible and nothing could ever take it down.
In my life four times now I've seen the internet across huge parts of the world get wiped out by fairly small errors.
First was a bad firmware update to Rogers' most popular router in Canada, basically took every Rogers customer down until all the routers were replaced.
Another was a single point of failure taking out all credit cards in Canada.
AWS went down for about 2 minutes and took down half the internet
and now this :D
this could have gone down much worse. the company also makes products for Linux and Mac as well. they could have released a defective update for those OS's as well, not just Windows.
The share price needs to drop to $150 for this screw up. The company is a joke.
Too many eggs in one basket. Security and convenience will always be a trade off.
Here's another problem. Some corporate IT policies have the PCs locked down so most users won't have admin rights. This means that even if a user could boot into recovery mode their login account wouldn't have permission to delete files from a system directory. To get the patch pushed to the users would require a user to log in and have their login script from the server. And remote tech support wouldn't be able to do a remote desktop connection.
I'm a programmer and not a PC support guy, but in the past before VMware we used to use steady state or clone OS images and credentials and have a dual boot option because we sometimes would test software that would hose the test systems and yes some drivers would give the blue screen of death. So you'd power down and the MBR would allow you to press a key combination to select a second smaller OS with a service account login which would restore the OS or copy an image from a network or from another partition and restore the OS. The user could lose some data if they didn't have their data on a second physical drive but at least they would have an operating system.
this feels like a delayed Y2K with all the chaos and brings back memories for me of the panic of the runup to the year 2000
I love this. All the times I explained to management why we should wait a few days before implementing updates only to be met with blank stares.
love it. like your sense of humour
Thank you!
Uh... "a 55 year old"??
Gen X had computers you know... I was writing code back in 1984. Had you even been born yet?
Why do all you Millennials (still) think nothing existed until you came around?
Brilliant ACTUAL "... Just Broke The Internet" title.
The way that it has hit across the world shows how open our systems are. The gall of the CEO to just not hold hands up and admit it just tough while it all fails. They want AI to take over the reins FFS they cannot get this right!
When I need the TRUTH, I come to Sasha Yanshin first! Thanks for the analysis (and opinion)
Thank you. Very helpful. And as expected you did not disappoint with sharing your opinion. Thanks.😮
🙏
Crowdstrike has a whole DEI section on their website
Reasonably, the bandaid solution Crowdstrike put out (booting in safe mode etc) isn't meant for the regular end user. If you have Crowdstrike, you have an IT department. You said it yourself, the regular user doesn't have much access to work terminals - because the IT guys have that access.
It doesn't excuse their fuck up but you get the idea
Absolutely spot on. Hackers continually look for any way to break Microsoft updates, there are many ways to find an in. It's a pretty clever hack to use an existing code using a Microsoft update to f it up. It sounds like a setup exec issue, I don't know, but I love it lol. Totally right about work computers you can't even get into local files to fix it, never mind finding the correct directory. Great vid
It wasn't a Microsoft update. It was a content update pushed out by Crowd Strike to their own software. Note that it wasn't even a software update - simply a content update. Not that this makes it any better. Crowd Strike living up to their name (literally). Actually, maybe "Globe Strike" would have been better 😀
@Unshou lol right!
Having been up 1:30 AM - 9:30 AM because of this issue, this is the rant I needed right now. Thank you 😌
*Reminder:* In case you missed it, this "glitch" was actually a brilliantly orchestrated rehearsal to test our systems for future global war distributions. And who else could be behind such a masterstroke? None other than the covert masterminds at the CIA. Truly, their subtlety and foresight deserve a standing ovation.
This is the same guy that was CTO when McAfee had the 5859 DAT error.
He literally has blood on his hands.
I had a friend STUCK IN THE AIR ON A PLANE because of this shit. It was absolute bedlam. All the relaxing from her long overdue vacation was destroyed because of a computer error.
Also they did the maths, food supplies in the USA would collapse within 60 days. Trucks that deliver food and stuff were also delayed. They couldn't load or unload anything.
I'm just...absolutely horrified by all of this.
*laughs in Linux*
But do you sudo apt-get laugh or sudo dnf laugh or sudo yum laugh? That is the real question!