At my job we had a lot of blue screens that day after an update (we don't use CrowdStrike). Although my guess is that it was just mass hysteria making a run-of-the-mill blue screen seem like it was related to the bug. Some unfortunate coincidence. I've heard some Windows updates were troublesome in the last few months tho
This mostly affects large corporations and industries, not personal machines. This doesn't mean there is no effect on anyone, though, as corporations and industries affect people.
The amount of Mac users I've seen talk shit about Windows because this didn't happen on Mac while having absolutely zero idea what they are talking about was insane
I work for a trucking company and everything was screwed up. Navigation was out, logs, load data, trailer status, even customers were screwed. We were having to use paper atlases and logs, and check every trailer for our loads. Scales were down too. What a dumpster fire.
Things we got between GTA V and GTA VI:
- Global IT outage causing $1 trillion in damage
- Former US president narrowly nearly being assassinated
- Global pandemic that killed 7 million people
- The population reaching 8 billion people
idk just a little tale from the outage: my mom works in a coroner's office and the worst one for her has been that their fingerprinting system is affected so they’ve had to manually ink fingerprints from the bodies they’ve received 💀
Man, all this outage did to me was cause a minor inconvenience at work cuz I didn't have access to a virtual machine to use certain programs. Meanwhile, other folks were probably dying cuz of hospitals being unable to use their equipment! It's kinda scary how vastly different the experience was for different people...
As an IT professional, I’m SO glad we don’t use CrowdStrike. We’re a property management company so 90% of our computers are at remote sites with no in-house IT staff. We would’ve been so screwed. We even thought about going with CrowdStrike at one point.
I actually saw the effects of this while I was on vacation. I saw a screen that was supposed to show an ad on the back of a tram that goes down the boardwalk, but it instead showed the recovery screen, then saw the same exact thing later that day.
I was camping at a music festival when this went down, so I had no idea until halfway through the day when a few artists had to cancel because they were stuck at various airports across the US
Err, *sort of*- all modern Antivirus/Anti-malware have drivers which run inside the kernel, and this is because they need to give their two cents about process creation- that's how, and indeed even why, they work in the first place. What the end-user sees is basically little more than user-space window-dressing, vastly simplifying for them what the AV/AM engine is actually doing, so the user is able to take action in the event their input is required.
The part that was really scary about this was 911 was down in all of Alaska, they had to give out individual phone numbers for people to call. Some hospitals/hospital systems were out. (2 hospital systems in my state were affected in some way by the issue). Of course Delta and other airlines were. I am a software engineer and I wish there was much more data redundancy than there is. Personally all of my computers (outside of my work computer) have a Linux boot system as a backup. I don’t do this for a paranoid reason necessarily but I do use it as a tool to teach others how to use Linux (friends have really old computers that run much faster on Linux than Windows).
I was so excited for a video about CrowdStrike to come out on nationsquid's channel! I just saw that I've been watching you for a year and I forgot to subscribe, I'm gonna subscribe now!
I think we can all agree that this felt like Y2K, everything reminded me of the anime movie Summer Wars. Totally forgot this video came out cause I was celebrating my birthday, but I'll learn more about last Friday's events
Manually updating computers with a drive/USB key one by one because they need hands-on fixes and are unable to access the network/internet: this is called the "Sneaker Net", where the network is you and your "Sneakers" walking around plugging in over and over.
My cousin was stuck in Orlando for god knows how long, I felt so bad for her bc there’s nothing scarier than wanting to be home but you can’t because all your flights are grounded
Our company doesn't use Crowdstrike, and I'm working for a Fortune 100. The moment they had advertisements all over F1, our company must have realized Crowd Strike is shit.
Cyber guys say CrowdStrike is actually very good - when it’s working. It does have 25% market share. What’s not good (enough) are their software delivery processes.
Remember being at work when this occurred. It was around 3-4am CST. We couldn’t do any work. Everyone was just sitting around, on their phones. Can’t imagine if a larger cyber attack of this kind happens, and affects the whole country.
0:12 : Nope, I didn't experience it on my laptop. Edit: When updating, upgrading, and/or configuring software, you can run it in a sandbox to see what's wrong before deploying to the public.
So basically: Kernel level software having a bug can have catastrophic consequences for your entire computer system. And yet it is becoming standard practice for Video-Game Publishers who have a reputation for creating buggy, unstable and broken software to install Kernel Level Software onto your computer alongside your game (Often without your knowledge or consent) to monitor you and make sure you don't "cheat."
This is what happens when you rely on "we can add/fix it with the later update" logic. Software today is all beta versions forcibly deployed onto users' PCs for testing. This needs to stop. The software must work properly without any need to be updated all the time, and no update should be forced on you.
Unfortunately that same logic is very common in the gaming world as well so really these corporations need more patience so that things can be released correctly instead of half-hearted nonsense that has problems or could have potential problems
Yes, but they're on secure networks that require either decryption that's practically impossible without insider access, or physical access to the server to bypass (and those instances tend to make the most destructive malware attacks).
I remember when this happened, thankfully my colleague and I were in early and work in IT so we got the whole thing escalated quickly and were up and running within the next hour or so, I still feel sorry for those who weren’t as fortunate.
CONDENSED VERSION: Almost every major company relies on a cybersecurity company called CrowdStrike to provide services to prevent data breaches. Windows machines with CrowdStrike received a software patch from CrowdStrike; however, it turns out one of the binaries that was meant to be loaded by the NT kernel was filled with zeroes, which led to a BSOD.
10:23 You can also click advanced recovery options, then command prompt, and do
del /f C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys
12:03 96% of servers run Linux
This affected TV channels and services too, because last Friday both Sky News and CBBC in the UK went off the air that morning (both back to normal now) and DirecTV experienced technical issues for 4/5 hours.
Fun fact: unlike many modern OSes nowadays, Windows 9x-based OSes (Windows 95, 98, and ME) had a monolithic kernel that didn’t separate programs into user and kernel space. This is also why an app crashing on a Windows 9x OS is more likely to bring down the entire system than in many modern OSes. Also: Microsoft had wanted to restrict kernel access back in the 2000’s, but EU regulators stopped them from doing so due to fear of anti-competitive practices. Apple somehow was able to do pretty much the same thing more recently with their macOS operating system however, which was why the CrowdStrike bug didn’t affect macOS at all. You are free to draw your own conclusions from this.
Wow, I didn't even know this was going on. Some of the places in town were messed up but they all attributed it to a cyberattack. I now know they were using Crowdstrike Falcon because of this video
So basically the kernel, is like Benadryl for the app that's spazzing out, you can't have a headache if you're asleep, and an app can't spaz out if it's closed by force.
@@djmarkiez Brother, you really said there are tons of testing... then why this happened? I've seen developers questioning how this even happened in the first place, like the lack of rolling release. I'm not downplaying, just baffled
@@KenBladehart Oh, it's like, a big complex organisation has a lot of people in them. And people sometimes make mistakes. I cannot comment on the testing because that is info only CrowdStrike has. But overall with organisations like this there are testing protocols. And the client has their own standards.
What a shock, critical infrastructure being connected to the internet is a bad idea. Who would have thought? I personally think CrowdStrike should get a penalty for what happened and legislation to ensure anything similar doesn't happen again by having options from multiple sources, along with thorough proofreading and testing of all code before it's sent out. If possible, testing it on their own systems first.
Imagine going to the hospital, them saying they can't operate on you, and you're like, my Linux or USB (so I can delete the file) is all the way at home, I didn't know I had to bring that!
best thing is that it didn’t happen for me because I have a computer without the crowdstrike stuff, while everything was breaking for everyone, it worked
I'm so happy you are mentioning the diversification. I remember hearing that Microsoft is now complaining to governments that it is their fault because they weren't allowed to monopolize the Windows security systems. Imagine if that were the case and an outage occurred...
Small corrections: Most antivirus programs have kernel access, but running (allegedly) untested code at this level is not common.
CrowdStrike Falcon Sensor is mostly business software, but can be used for those who work from home with company issued devices.
Oki 👍
how did bro make a comment before this video was even posted
Hey @nationsquid!
Nobody cares
Time to ditch proprietary operating systems like Windows and MacOS and switch to Linux: The only OS that actually keeps personal computers personal, instead of handing the devices in your own home to corporations you have nothing to do with and giving them control of your life and even business. Apart from not being spied on -for your own safety- for convenience, you update system packages when you choose to instead of having it updated by force, with updates in the stable branch of most distributions being practically tested for days before making it in.
The Italian train line Vesuviana runs on windows 2000 and is the only train line not affected by the outage in the whole of Italy. The trashiest train line. Immune. LEGENDARY.
epik
Who would win?
The modern day Y2K bug
Or
GigaChad train running Windows 2000?
Windows 2000 Baby!! 🎉
@@CyanRooper "Your PC broken? I don't care. Get on the fucking train; you have a job to get to."
I love NT 5 aka win2k so much
I work in IT and had to clean up after this mess. Was not fun.
I hope you got a good paycheck for it.
Imagine reading bitlocker recovery keys to people who can barely figure out how to read the emails. We couldn't use the automatic windows tool because of how our stuff is set up. It was all manual. Let's just say our service desk was so flat out that those of us in other areas of the IT department grabbed ahold of the instructions and fixed it ourselves and helped get the corporate stuff back up because we were the lowest priority
@@freeuploads4290 They'd be lucky to get an email.
@@freeuploads4290 what paycheck?
Maybe a fruit basket for everyone max.
@@PLAYGAMER2033 nah, you're being way too generous, it will probably be a "great work handling this guys" email
Y2K happened 24 years late
Lag
More like Y2Late amirite???
hello fellow dasher
Y2Late
Cos same as all millennials, it was procrastinating)))
If you look back at this guy you see he used to be a creepypasta and ARG type horror channel person, now he's become a tech vlog. Quite the transformation.
Went from a fiction channel to a fact channel
I remember a tech vlog who became a far-right (for the UK) conspiracy channel...
Should've kept doing both he'd be my dream youtuber
@@anonUK For a second there I thought you were talking about TechLead
The worst thing to hear in any job is officially: "oops"
Imagine the mf who worked at CrowdStrike after pushing this update
The entire hospital system in my state went down. My aunt who’s a higher up worked for 15 hours beginning at 2am to try to get the hospitals working without computers.
The number of people still blaming Windows and making comments like "I was fine on my home computer, I was lucky", and they don't use CrowdStrike, is just wild.
R u a member????
I’m an IT professional. One thing I’ve learned is that 95% of people have absolutely no idea how computers work. But people who don’t know what they’re talking about tend to be vocal in a lot of spaces, like politics.
People are very stupid and very loud about it. and also very mean. 😢
@@RinkuTiwary-e7f yes I am
Windows is partly to blame because they still allow Kernel Extensions. And "security software" demands kernel level because it's possible to install 3rd party software there. It's literally a self-reinforcing problem. On modern systems, software that is not needed to make the OS communicate with hardware (drivers), should not be allowed to run with that amount of privileges. This is also why macOS was not affected, despite CrowdStrike being available there too. But macOS restricted the Kernel Level towards all 3rd party software, instead offering a more secure system extension API. Therefore, macOS can't be that easily bricked like Windows can.
Especially since it's ridiculously easy to install software with kernel privileges on Windows, there is no additional layer of protection (like a Super-UAC). All you need is a "Verified" installer and up you go. The "trusted installer" privilege has more power than the admin role (which is also a difference to Linux, which is also "open" but at the same time allows for the admin having the final word to decide what runs where and with what privileges).
And if you still don't believe me: Even Microsoft themselves pledged for their kernel level being as restrictive as in macOS. The "problem": They can't, because the EU forced them to open it. And the reason for that is because Microsoft insists that their Windows Defender has to run at kernel level. In order to allow for competition, the EU forced them to give 3rd party antivirus access to the kernel level too. But they could have also just restricted *every* software, including their Defender, to system extension API.
So in conclusion: The reason the kernel level on Windows is as "open" as it is, is because Microsoft is too stubborn to "limit" their Defender to system extension APIs like on macOS.
Therefore: yes, Microsoft is partly to blame for allowing 3rd party software to brick your system so easily.
It should simply not be possible to send your PC into eternal boot loops just because some 3rd party software screws up royally.
A billion dollar company that just casually caused a $40,00,00,00 economic crisis on a regular Tuesday morning 💀
Oh you are verified
I think your commas are off there bud
@@owlcircus6811 yeah wtf are those commas 😭
bruh fix ur numbers
@@owlcircus6811 That number is fucked
"Just uploaded my first update to crowdstrike!" "Got fired, nothings fair"
Loll
Ha ha oh no!!!!
The corporate world outsources everything now to cut down their own labor costs. I lost my job when my department got outsourced to a third party company who does a worse job now.
that sucks, but what if you get a job at that 3rd party
Corporate greed at work 🤷‍♂️
Typical stupidity caused by power-trip managers
@@dnb5661 I bet you nobody's gotten fired over it either.
"If you had a Windows PC at home..." you wouldn't have CrowdStrike on your computer. 😂
There are some self-employed/work-from-home people that use it, depending on their needs.
Not as common as traditional businesses of course, but it does happen. 👍
apparently the home edition might not have been affected?
@@JNJNRobin1337 No, crowdstrike is deployed on enterprise computers to add another antivirus (crowdstrike falcon).
@@JNJNRobin1337 This was not a *Windows* failure, Microsoft had nothing to do with it, the whole thing was carelessness by Crowd Strike. If The Sims made your computer overheat and catch fire, that's not Microsoft's problem, that's Electronic Arts' failure. Same thing with Crowd Strike's epic quality control failure.
@@nationsquid If they're working from home their machines are behind a firewall/router, not directly exposed to the internet the way the affected servers are. And if it's a work computer provided by an employer, I'd bet they're not using Windows 10 Home Edition. 😄
I had ZERO idea this was happening AT ALL. I heard nothing about it until the next day.
I had some level of an idea that it was going on throughout the day. The first hint that it was going on was the fact that one of the TVs in the building I live in, which I was leaving for a few days for the weekend, had MSNBC (or one of the news channels) on, and they had the banner saying something to the effect of a Microsoft interruption problem. And I got notifications through the NewsBreak app and saw memes about it on social media.
I heard that "something" was wrong when I arrived at work and one of our (non critical) terminals running W10 was BSOD when other terminals (on some Linux distro) were not. Didn't get a clear picture of anything until returning home and checking the news.
...As of yesterday, said terminal was repaired but now was somehow missing the link to start THE one application most employees actually use it for, leaving it still functionally useless. Fortunately, that's something that can be fixed remotely....
With all the insanity of the last few years, I think people are becoming desensitized to cataclysmic world changing events. They seem to happen on a weekly basis now.
Same here, and I was on my pc all day on the 19th lmao
Yeah, it was CrowdStrike so if your computer didn't use CrowdStrike then you wouldn't have the issue, as I've heard.
I wouldn't have known about it if I hadn't heard of it from other people. I didn't happen to be at an Airport at the time, or at a workplace that might be affected.
Never underestimate the power of Hanlon's razor. People are scared of hackers and terrorists, but actually stupidity and people making mistakes are way more dangerous...
For clarity ... Crowdstrike Falcon is a commercial grade anti-virus program. It is not commonly available to or used by home or small business systems. Almost all of the BSODs were in commercially networked computers. Home users were not affected.
No wonder I never fell victim to the bug.
@@OctavioGaitan
Unless you have CrowdStrike products installed on your computers, you have nothing to worry about.
This also affected Wikipedia. I remember trying to do an edit and it wouldn't go through, and couldn't figure out why. And then I saw the news and realized.
bro watch the fucking video before commenting you fucking like fisher
Me too I was trying to update Oklahoma football
What Wikipedia entry were you trying to edit? I've actually never come across anyone who contributed to any Wikipedia entry.
@@oklahomasoonersfootballOKC here's where the problem is...
(I tried to make an Oklahoma City pun)
But Wikipedia is a non-profit, and CrowdStrike is expensive
Shall we call it Y2K24?
That actually sounds fitting
Except it had nothing to do with the date..
Y24
@@nyckid What's the year then?
@@blackberrythefox117 He thinks it's 1924 right now
I was seriously considering flying abroad, but decided against it to save money, then the outage happened.
Being stingy saved my a*s from being stranded in another country lol
I'm in IT at a fairly large hospital system in California. We had only 40 or so servers affected but over 11,000 endpoints that all needed touching to boot into, enter the BitLocker code, boot into Safe Mode, and delete the .sys file. We had 100s of analysts & workstation techs deployed; it took about 5 minutes per endpoint, but we just about had it wrapped up by Tuesday. Nonetheless it was a mess, but I can guarantee that all patients were admitted & treated, just a LOT of overtime!
Many flights delayed, servers shut down, the whole entire computer-based business was at a loss because of a faulty update
I guess I'm lucky I took a flight days before July 19th because damn, imagine how much hell I would've had to go through
I love how you sneak little Beatles references into every video, from the one where you had a file named "Carnival Of Light.MP3" to the Paul McCartney shirt you wore in this one!
And the figures
The company I work for uses Crowdstrike. Only one person in our team got hit with the blue screen but because we work remotely, she now has to wait for them to send her a new laptop. If it had happened to all of us… yikes.
Ah i see
I thought i had shut down something vital in my task manager
I did that, yet my computer works still
Shutting down something vital won't cause a BSOD loop. It will just start again after restarting
@@Cyntaria good to know
It's ironic that a cyber security company that was supposed to protect you, was able to inflict this much damage that even the worst hacker groups could only dream of.
it's like, people are workin there and make a mistake..
one company shouldn't be relied on so much
It wasn’t a hack though. It’s still an excellent product.
Well, that's kinda expected. The system admins are the people that can most easily cause a system breakdown. Giving someone kernel access is to give them even more chance to blow up even the hardware. What's unexpected is that a company of that size would not test and retest to see if everything is OK before pushing it out. I wonder if they just laid off the people who were involved in the testing process, and the clueless employees just don't know that the test hasn't been performed.
Technically if you had a Windows computer at home you wouldn't have seen that blue screen on July 19th since your computer wouldn't have ClownStrike installed. I've yet to meet a single individual who forks out the large sums of money required to use ClownStrike on their own personal device (most individuals aren't Fortune 500s).
Yeah probably not, but it's entirely possible.
At my job we had a lot of blue screens that day after an update (we don't use CrowdStrike). Although my guess is that it was just mass hysteria making a run of the mill blue screen seem like it was related to the bug. Some unfortunate coincidence.
I've heard some Windows updates were troublesome in the last few months tho
This mostly affects large corporations and industries, not personal machines. This doesn't mean there is no effect on anyone though, as corporations and industries affect people
some people (like self employed and work-from-home workers) do have CrowdStrike
I heard about the outage after I got pissed because I thought I didn't get paid on payday, when in reality the bank was just having tech issues 💀
the amount of Mac users I've seen talk shit about Windows because this didn't happen on Mac while having absolutely zero idea what they are talking about was insane
Was stuck in an airport for over 15 hours, then wasn’t able to get a hotel; had to travel 30 miles from the airport to stay at a 2 star motel
I work for a trucking company and everything was screwed up. Navigation was out, logs, load data, trailer status, even customers were screwed. We were having to use paper atlases and logs, and check every trailer for our loads. Scales were down too. What a dumpster fire.
Remember Y2K Bug?
This is him now:
Feel old yet?
@@icecreamjunkie6790 yeah
We got Y2K before GTA 6
what's next? will we ever get GTA 6
@@cyby124 one day
Things we got between GTA V and GTA VI:
- Global IT outage causing $1 trillion in damage
- Former US president narrowly nearly being assassinated
- Global pandemic that killed 7 million people
- The population reaching 8 billion people
wouldn't it be Y2.024K?
Even GTA 3 wasn’t released back in 2000
idk just a little tale from the outage: my mom works in a coroners office and the worst one for her has been that their fingerprinting system is affected so they’ve had to manually ink fingerprints from the bodies they’ve received 💀
lol i was at the airport going to visit my grandma and shit was crazy
When I heard of the crash I immediately thought of your potential video on it lol, excited to hear your take on it!
one of the first things I said when this happened was "I can't wait for NationSquid to make a video on this"
This one was right up your alley! Looking forward to watching
Forget Y2K34, we have Y2K24.
Man, all this outage did to me was cause a minor inconvenience at work cuz I didn't have access to a virtual machine to use certain programs. Meanwhile, other folks were probably dying cuz of hospitals being unable to use their equipment! It's kinda scary how vastly different the experience was for different people...
As an IT professional, I’m SO glad we don’t use CrowdStrike. We’re a property management company so 90% of our computers are at remote sites with no in-house IT staff. We would’ve been so screwed. We even thought about going with CrowdStrike at one point.
making a PC not work is ONE way to keep data safe from anyone, but it is not what's supposed to happen
I was camping when this happened lol
Lol. What timing
average grass toucher fr
@@scalemerald I was making a geometry dash level for like half of the trip 😅
I actually saw the effects of this while I was on vacation. I saw a screen that was supposed to show an ad on the back of a tram that goes down the boardwalk, but it instead showed the recovery screen, then saw the same exact thing later that day.
i was camping at a music festival when this went down, so I had no idea until halfway through the day when a few artists had to cancel because they were stuck at various airports across the US
Err, *sort of*- all modern Antivirus/Anti-malware have drivers which run inside the kernel, and this is because they need to give its two cents about process creation- that's how, and indeed even why, they work in the first place.
What the end-user sees is basically little more than user-space window-dressing, vastly simplifying for them what the AV/AM engine is actually doing, so the user is able to take action in the event their input is required.
Actually it affected mainly corporate PCs that use CrowdStrike and not home users. It affected only a small percentage of Windows PCs
The part that was really scary about this was 911 was down in all of Alaska, they had to give out individual phone numbers for people to call. Some hospitals/hospital systems were out. (2 hospital systems in my state were affected in some way by the issue). Of course Delta and other airlines were. I am a software engineer and I wish there was much more data redundancy than there is. Personally all of my computers (outside of my work computer) have a Linux boot system as a backup. I don’t do this for a paranoid reason necessarily but I do use it as a tool to teach others how to use Linux (friends have really old computers that run much faster on Linux than Windows)
I was so excited for a video about CrowdStrike to come out on NationSquid's channel! I just saw that I'm watching you from a year and I forgot to subscribe, I'm gonna subscribe now!
I think we can all agree that this felt like Y2K, everything reminded me of the anime movie Summer Wars.
Totally forgot this video came out cause I was celebrating my birthday, but I'll learn more about last Friday's events
Manually updating computers with a drive/USB key one by one because it needs hands-on fixing and is unable to access the network/internet, this is called the "Sneaker Net" where the network is you and your "Sneakers" walking around plugging in over and over.
My cousin was stuck in Orlando for god knows how long, I felt so bad for her bc there’s nothing scarier than wanting to be home but you can’t because all your flights are grounded
I love that my birthday is immortalized as "The modern y2k"
ooooh this was a fun day at work
Y2K's ping was so bad it took 24 years for it to connect
Is this the first present day video?! Neat
Our entire network has been offline (servers, routers, etc) for almost a week.
Super fantastic vid! Scary how severe this was
Our company doesn't use Crowdstrike, and I'm working for a Fortune 100. The moment they had advertisements all over F1, our company must have realized Crowd Strike is shit.
Cyber guys say CrowdStrike is actually very good - when it’s working. It does have 25% market share.
What’s not good (enough) are their software delivery processes.
Remember being at work when this occurred. It was around 3-4am CST. We couldn’t do any work. Everyone was just sitting around, on their phones. Can’t imagine if a larger cyber attack of this kind happens, and affects the whole country.
it was so funny, my gas station was so old the system wasn't shut down at all hahaha so we were the only place in town really open
0:12 : Nope, I didn't experience it on my laptop.
Edit: When updating, upgrading, and/or configuring software, you can run it in a sandbox to see what's wrong before deploying to the public.
Yep, you went the exact same direction I was going - this is the problem with monopolies.
So basically: Kernel level software having a bug can have catastrophic consequences for your entire computer system.
And yet it is becoming standard practice for Video-Game Publishers who have a reputation for creating buggy, unstable and broken software to install Kernel Level Software onto your computer alongside your game (Often without your knowledge or consent) to monitor you and make sure you don't "cheat."
Should've known you'd make a video about this since you've covered Y2K
I love you NationSquid thank you for existing
I work at a bank and we were still dealing with the aftermath of the outage caused by the hurricane when this happened. It was a very bad day.
I didn't even know what CrowdStrike was and I am an IT technician. So, probably not in Germany I guess.
CrowdStrike has lost almost 50% of its stock price since the outage
4:12 KERNEL SANDERS
Dang I was 8 months old when Y2K happened in January 1st 2000 and now I’m a freaking 25 years old! Time really flies doesn’t it?
This is what happens when you rely on "we can add/fix it with the later update" logic. The software today are all beta-versions forcibly deployed onto user's PC for testing. This needs to stop. The software must work properly without any need to be updated all the time, and no update should be forced on you.
Unfortunately that same logic is very common in the gaming world as well so really these corporations need more patience so that things can be released correctly instead of half-hearted nonsense that has problems or could have potential problems
So it was greed that slew the greedy? I see this as an absolute win.
When talking about market share you forgot that most of servers run Linux. Those servers are much more valuable target than average home PCs.
Yes, but they're on secure networks that require either decryption that's practically impossible without insider access, or physical access to the server to bypass (and those instances tend to make the most destructive malware attacks).
@@jamesdinius7769 Linux isn't 100% secure, it also has zero days that people can abuse.
Home computers were not affected by this. CrowdStrike is a software that only ran on computers from businesses that paid for the software
I remember when this happened, thankfully my colleague and I were in early and work in IT so we got the whole thing escalated quickly and were up and running within the next hour or so, I still feel sorry for those who weren’t as fortunate.
the fact this happened 1 day after my birthday is beyond me
Your wish came true
@@creativename773 I didn't wish for that to happen tho ☠☠
@@SuperGibaLogan oh 💀
No more birthdays for you 😂
You moved on this topic so quick lol, thank you for explaining what happened!
As a programmer, I can confirm you got the kernel definition right.
Also, yes AI won't be able to steal our jobs any day.
CONDENSED VERSION: Almost every major company relies on a cybersecurity company called CrowdStrike to provide services to prevent data breaches. Windows machines with CrowdStrike received a software patch from CrowdStrike; however, it turns out one of the binaries that was meant to be loaded by the NT kernel was filled with zeroes, which led to a BSOD.
Another Great Video. Keep up the good work
10:23 you can also click advanced recovery options then command prompt and do del /f C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys
12:03 96% of servers run linux
You explained it really beautifully.
This Affected TV channels and services too because last Friday Both Sky News and CBBC in the UK went off the air that morning (both back to normal now) and DirecTV experienced technical issues for 4/5 hours
i always appreciate the effort you put into every video!
That's it, I'm protecting my computer with butterscotch ripple
Fun fact: unlike many modern OSes nowadays, Windows 9x-based OSes (Windows 95, 98, and ME) had a monolithic kernel that didn’t separate programs into user and kernel space. This is also why an app crashing on a Windows 9x OS is more likely to bring down the entire system than in many modern OSes.
Also: Microsoft had wanted to restrict kernel access back in the 2000’s, but EU regulators stopped them from doing so due to fear of anti-competitive practices. Apple somehow was able to do pretty much the same thing more recently with their macOS operating system however, which was why the CrowdStrike bug didn’t affect macOS at all.
You are free to draw your own conclusions from this.
👹 Me who disabled windows updates and was unaffected by whatever the hell happened
Wow, I didn't even know this was going on. Some of the places in town were messed up but they all attributed it to a cyberattack.
I now know they were using Crowdstrike Falcon because of this video
So basically the kernel, is like Benadryl for the app that's spazzing out, you can't have a headache if you're asleep, and an app can't spaz out if it's closed by force.
At my company we, the end users, had to clean it up with the direction of IT. Was crazy that half our store was down
Well I’m glad or we glad some home users didn’t use crowdstrike and we survived modern Y2K bug! Hope they find a solution to fix this problem.
The reason why you don't update immediately, unless there's a very valid reason to do so
Personal PCs, yeah, it's your own risk. On the business side with managed devices they update after testing.
@@djmarkiez Testing? Pssshhh yeah right, people got lenient and careless
@@KenBladehart Alright, you show you don't know much about managing devices in a big organisation, that's fine! Have a nice day
@@djmarkiez Brother, you really said there are tons of testing... then why did this happen?
I've seen developers questioning how this even happened in the first place, like the lack of rolling release
I'm not downplaying, just baffled
@@KenBladehart Oh, it's like a big complex organisation has a lot of people in them. And people sometimes make mistakes. I cannot comment on the testing because that is info only CrowdStrike has. But overall with organisations like this there are testing protocols. And the client has their own standards.
What a shock, critical infrastructure being connected to the internet is a bad idea. Who would have thought?
I personally think CrowdStrike should get a penalty for what happened and legislation to ensure anything similar doesn't happen again by having options from multiple sources, along with thorough proofreading and testing of all code before it's sent out. If possible, testing it on their own systems first.
imagine going to the hospital saying they can't operate on you, and you're like, my Linux or USB (so can delete the file) is all the way at home, I didn't know had to bring that!
best thing is that it didn’t happen for me because I have a computer without the crowdstrike stuff, while everything was breaking for everyone, it worked
I work at a hospital that uses windows. Had no clue what was going on until I read my email. Guess we weren’t hit!
I'm so happy you are mentioning the diversification. I remember hearing that Microsoft is now complaining to governments that it is their fault because they weren't allowed to monopolize the Windows security systems. Imagine if that were the case and an outage occurred...
Funny thing is my laptop and desktop were totally fine and nothing really affected them during the CrowdStrike crisis. Some websites were down though.
Hey mate. Love your content!
I operate rollercoasters and I believe the CrowdStrike outage caused a few of our park’s rides to go down. Was kinda crazy