this post was submitted on 19 Jul 2024

All our servers and company laptops went down at pretty much the same time. Laptops have been bootlooping to blue screen of death. It's all very exciting, personally, as someone not responsible for fixing it.

Apparently caused by a bad CrowdStrike update.

Edit: now being told we (who almost all generally work from home) need to come into the office Monday as they can only apply the fix in-person. We'll see if that changes over the weekend...

[–] Sylence@lemmy.dbzer0.com 0 points 4 months ago (1 children)

Yep, stuck at the airport currently. All flights grounded. All major grocery store chains and banks also impacted. Bad day to be a crowdstrike employee!

[–] victorz@lemmy.world 0 points 4 months ago (4 children)

If these affected systems are boot looping, how will they be fixed? Reinstall?

[–] Sylence@lemmy.dbzer0.com 0 points 4 months ago (6 children)

There is a fix people have found which requires manual booting into safe mode and removal of a file causing the BSODs. No clue if/how they are going to implement a fix remotely when the affected machines can't even boot.

[–] letsgo@lemm.ee 0 points 4 months ago (5 children)

Probably have to go old-skool and actually be at the machine.

[–] upside431@lemmy.world 0 points 4 months ago

Interesting day

[–] NaibofTabr@infosec.pub 0 points 4 months ago

Wow, I didn't realize CrowdStrike was widespread enough to be a single point of failure for so much infrastructure. Lot of airports and hospitals offline.

The Federal Aviation Administration (FAA) imposed the global ground stop for airlines including United, Delta, American, and Frontier.

Flights grounded in the US.

[–] Damage@feddit.it 0 points 4 months ago (6 children)

The thought of a local computer being unable to boot because some remote server somewhere is unavailable makes me laugh and sad at the same time.

[–] rxxrc@lemmy.ml 0 points 4 months ago (3 children)

I don't think that's what's happening here. As far as I know it's an issue with a driver installed on the computers, not with anything trying to reach out to an external server. If that were the case you'd expect it to fail to boot any time you don't have an Internet connection.

Windows is bad but it's not that bad yet.

[–] jedibob5@lemmy.world 0 points 4 months ago

Huh. I guess this explains why the monitor outside of my flight gate tonight started BSoD looping. And may also explain why my flight was delayed by an additional hour and a half...

[–] richtellyard@lemmy.world 0 points 4 months ago (1 children)

This is going to be a Big Deal for a whole lot of people. I don't know all the companies and industries that use Crowdstrike but I might guess it will result in airline delays, banking outages, and hospital computer systems failing. Hopefully nobody gets hurt because of it.

[–] RegalPotoo@lemmy.world 0 points 4 months ago (2 children)

Big chunk of New Zealand's banks apparently run it, cos 3 of the big ones can't do credit card transactions right now

[–] oderus@lemm.ee 0 points 4 months ago (1 children)

It was mayhem at PakNSave a bit ago.

[–] emmanuel_car@kbin.run 0 points 4 months ago (1 children)

In my experience it’s always mayhem at PakNSave.

[–] alphacyberranger@sh.itjust.works 0 points 4 months ago* (last edited 4 months ago) (9 children)

One possible fix is to delete a particular file while booting in safe mode. But then they'll need to fix each system manually. My company encrypts the disks as well so it's going to be an even bigger pain (for them). I'm just happy my weekend started early.

[–] Valmond@lemmy.world 0 points 4 months ago (1 children)

You have to have access to boot in safe mode too, I guess I can't on my work pc for example.

What a shitty workaround & might crowd strike burn in hell lol

[–] moe90@feddit.nl 0 points 4 months ago (1 children)

don't rely on one desktop OS too much. diversity is the best.

[–] r00ty@kbin.life 0 points 4 months ago

Apparently at work "some servers are experiencing problems". Sadly, none of the ones I need to use :(

[–] Pudutr0n@feddit.cl 0 points 4 months ago (1 children)

This is a better article. It's a CrowdStrike issue with an update (security software)

[–] solrize@lemmy.world 0 points 4 months ago

Xfinity H&I network is down so I can't watch Star Trek. I get an error msg connection failure. Other channels work though.

[–] kadotux@sopuli.xyz 0 points 4 months ago* (last edited 4 months ago) (9 children)

Here's the fix:

1) Boot to safe mode/recovery
2) Go to C:\Windows\System32\drivers\CrowdStrike
3) Delete the file matching "C-00000291*.sys"
4) Boot the system normally
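
Added example (not part of the original thread, and not vendor guidance): steps 2 and 3 of the comment above as a PowerShell script to run from an elevated session once the machine is in Safe Mode. The path and file pattern are the ones quoted in the comment; the parameter names `SystemDrive` and `Pattern` are chosen here, and the script records each file's hash and prompts before deleting (`-WhatIf` lists without removing).

```powershell
[CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
param(
    # Assumption: root of the affected Windows volume. The letter can differ
    # when the disk is mounted from another system, so it is a parameter.
    [string]$SystemDrive = 'C:\',
    # File pattern as quoted in the comment above.
    [string]$Pattern = 'C-00000291*.sys'
)

$driverDir = Join-Path $SystemDrive 'Windows\System32\drivers\CrowdStrike'

# Fail loudly instead of silently doing nothing on the wrong volume.
if (-not (Test-Path -LiteralPath $driverDir -PathType Container)) {
    throw "Directory not found: $driverDir (wrong drive letter, or an encrypted volume that is still locked?)"
}

# Only regular files directly inside the driver directory that match the pattern.
$targets = @(Get-ChildItem -LiteralPath $driverDir -Filter $Pattern -File)
if ($targets.Count -eq 0) {
    Write-Output "No files matching $Pattern in $driverDir; nothing to do."
    return
}

foreach ($file in $targets) {
    # Record what is about to be removed so the change can be audited later.
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    Write-Output ("{0}  {1} bytes  modified {2:u}  sha256 {3}" -f `
        $file.Name, $file.Length, $file.LastWriteTimeUtc, $hash)

    # ShouldProcess honours -WhatIf and -Confirm; nothing else is touched.
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
        Remove-Item -LiteralPath $file.FullName -Force
    }
}
```

Restricting the deletion to pattern matches inside that one directory addresses the concern raised further down the thread about users removing the wrong system files.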

[–] CaptainBasculin@lemmy.ml 0 points 4 months ago

A driver failure, yeesh. It always sucks to deal with it.

[–] StV2@lemmy.world 0 points 4 months ago (11 children)

It's disappointing that the fix is so easy to perform and yet it'll almost certainly keep a lot of infrastructure down for hours because a majority of people seem too scared to try to fix anything on their own machine (or aren't trusted to so they can't even if they know how)

[–] HaleHirsute@infosec.pub 0 points 4 months ago (4 children)

They also gotta get the fix through a trusted channel and not randomly on the internet. (No offense to the person that gave the info, it’s maybe correct but you never know)

[–] r00ty@kbin.life 0 points 4 months ago

It might not even be that. A lot of places have many servers (and even more virtual servers) running crowdstrike. Some places also seem to have it on endpoints too.

That's a lot of machines to manually fix.

[–] Munkisquisher@lemmy.nz 0 points 4 months ago (2 children)

And people need to travel to remote machines to do this in person

[–] thehatfox@lemmy.world 0 points 4 months ago* (last edited 4 months ago) (1 children)

Might seem easy to someone with a technical background. But the last thing businesses want to be doing is telling average end users to boot into safe mode and start deleting system files.

If that started happening en masse we would quickly end up with far more problems than we started with. Plenty of users would end up deleting system32 entirely or something else equally damaging.

[–] autotldr@lemmings.world 0 points 4 months ago (1 children)

This is the best summary I could come up with:


There are reports of IT outages affecting major institutions in Australia and internationally.

The ABC is experiencing a major network outage, along with several other media outlets.

Crowd-sourced website Downdetector is listing outages for Foxtel, National Australia Bank and Bendigo Bank.

Follow our live blog as we bring you the latest updates.


The original article contains 52 words, the summary contains 52 words. Saved 0%. I'm a bot and I'm open source!

[–] ililiililiililiilili@lemm.ee 0 points 4 months ago

My dad needed a CT scan this evening and the local ER's system for reading the images was down. So they sent him via ambulance to a different hospital 40 miles away. Now I'm reading tonight that CrowdStrike may be to blame.

[–] UncleArthur@lemmy.world 0 points 4 months ago (3 children)

Annoyingly, my laptop seems to be working perfectly.

[–] sasquash@sopuli.xyz 0 points 4 months ago (23 children)

never do updates on a Friday.

[–] ari_verse@lemm.ee 0 points 4 months ago (4 children)

A few years ago when my org got the ask to deploy the CS agent in linux production servers and I also saw it getting deployed in thousands of windows and mac desktops all across, the first thought that came to mind was "massive single point of failure and security threat", as we were putting all the trust in a single relatively small company that will (has?) become the favorite target of all the bad actors across the planet. How long before it gets into trouble, either because of its own doing or due to others?

I guess that we now know

[–] misk@sopuli.xyz 0 points 4 months ago (4 children)

My work PC is affected. Nice!

[–] wreckedcarzz@lemmy.world 0 points 4 months ago

Plot twist: you're head of IT

[–] Munkisquisher@lemmy.nz 0 points 4 months ago (1 children)

Dammit, hit us at 5pm on Friday in NZ

[–] r00ty@kbin.life 0 points 4 months ago

My favourite thing has been watching sky news (UK) operate without graphics, trailers, adverts or autocue. Back to basics.

[–] jedibob5@lemmy.world 0 points 4 months ago (12 children)

Reading into the updates some more... I'm starting to think this might just destroy CrowdStrike as a company altogether. Between the mountain of lawsuits almost certainly incoming and the total destruction of any public trust in the company, I don't see how they survive this. Just absolutely catastrophic on all fronts.

[–] NaibofTabr@infosec.pub 0 points 4 months ago (1 children)

If all the computers stuck in boot loop can't be recovered... yeah, that's a lot of cost for a lot of businesses. Add to that all the immediate impact of missed flights and who knows what happening at the hospitals. Nightmare scenario if you're responsible for it.

This sort of thing is exactly why you push updates to groups in stages, not to everything all at once.

[–] rxxrc@lemmy.ml 0 points 4 months ago (4 children)

Looks like the laptops are able to be recovered with a bit of finagling, so fortunately they haven't bricked everything.

And yeah staged updates or even just... some testing? Not sure how this one slipped through.

[–] Munkisquisher@lemmy.nz 0 points 4 months ago (1 children)

Yeah saw that several steel mills have been bricked by this, that's months and millions to restart

[–] gazter@aussie.zone 0 points 4 months ago (6 children)

Got a link? I find it hard to believe that a process like that would stop because of a few windows machines not booting.

[–] IsThisAnAI@lemmy.world 0 points 4 months ago (6 children)

What lawsuits do you think are going to happen?

[–] RegalPotoo@lemmy.world 0 points 4 months ago (3 children)

Agreed, this will probably kill them over the next few years unless they can really magic up something.

They probably don't get sued - their contracts will have indemnity clauses against exactly this kind of thing, so unless they seriously misrepresented what their product does, this probably isn't a contract breach.

If you are running crowdstrike, it's probably because you have some regulatory obligations and an auditor to appease - you aren't going to be able to just turn it off overnight, but I'm sure there are going to be some pretty awkward meetings when it comes to contract renewals in the next year, and I can't imagine them seeing much growth

[–] ThrowawaySobriquet@lemmy.world 0 points 4 months ago (1 children)

I think you're on the nose, here. I laughed at the headline, but the more I read the more I see how fucked they are. Airlines. Industrial plants. Fucking governments. This one is big in a way that will likely get used as a case study.

[–] rozodru@lemmy.ca 0 points 4 months ago (7 children)

It's just amateur hour across the board. Were they testing in production? no code review or even a peer review? they roll out for a Friday? It's like basic level start up company "here's what not to do" type shit that a junior dev fresh out of university would know. It's like "explain to the project manager with crayons why you shouldn't do this" type of shit.

It just boggles my mind that if you're rolling out an update to production that there was clearly no testing. There was no review of code cause experts are saying it was the result of poorly written code.

Regardless if you're low level security then apparently you can just boot into safe and rename the crowdstrike folder and that should fix it. higher level not so much cause you're likely on bitlocker which...yeah don't get me started on that bullshit.

regardless I called out of work today. no point. it's friday, generally nothing gets done on fridays (cause we know better) and especially today nothing is going to get done.
