this post was submitted on 21 Aug 2024
548 points (98.6% liked)

Technology

59574 readers
3262 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] Ste41th@lemmy.ml 257 points 3 months ago (2 children)

Basically they fucked up and don’t like the criticism from other companies/ customers.

[–] themeatbridge@lemmy.world 75 points 3 months ago* (last edited 3 months ago) (10 children)

It's not really criticism, it's competitors claiming they will never fuck up.

Like, if you found mouse in your hamburger at McDonald's, that's a massive fuckup. If Burger King then started saying "you'll never find anything gross in Burger King food!" that would be both crass opportunism and patently false.

It's reasonable to criticize CrowdStrike. They fucked up huge. The incident was a fuckup, and creating an environment where one incident could cause total widespread failure was a systemic fuckup. And it's not even their first fuckup, just the most impactful and public.

But also Microsoft fucked up. And the clients, those who put all of their trust into Microsoft and CrowdStrike without regard to testing, backups, or redundancy, they fucked up, too. Delta shut down, cancelling 4,600 flights. American Airlines cancelled 43 flights, 10 of which would have been cancelled even without the outage.

Like, imagine if some diners at McDonald's connected their mouths to a chute that delivers pre-chewed food sight-unseen into their gullets, and then got mad when they fell ill from eating a mouse. Don't do that, not at any restaurant.

All that said, if you fuck up, you don't get to complain about your competitors being crass opportunists.

[–] ShepherdPie@midwest.social 42 points 3 months ago (3 children)

Even if that's the case, how is it Crowdstrike's place to call these other companies out for claiming something similar will never happen to them? Thus far, it had only ever happened to CS.

[–] catloaf@lemm.ee 14 points 3 months ago

No, we had Sentinelone take down our company a few months ago. Granted, not a global outage, but it's something similar. I'm sure that if you went back in news archives, you'd find articles about major Sentinelone outages. I think Crowdstrike is just the biggest one in recent history. It's certainly not unprecedented.

load more comments (2 replies)
[–] jubilationtcornpone@sh.itjust.works 31 points 3 months ago (2 children)

Resiliency and security have a lot of layers. The crowd strike bungle was very bad but more than anything it shined a bright spot light on the fact that certain organizations IT orgs are just a house of cards waiting to get blown away.

I'm looking at Delta in particular. Airlines are a critical transportation service and to have issues with one software vendor bring your entire company screeching to a halt is nothing short of embarrassing.

If I were on the board, my first question would be, "where's our DRP and why was this situation not accounted for?"

[–] Boozilla@lemmy.world 23 points 3 months ago

House of cards is exactly right. At every IT job I've worked, the bosses want to check the DRP box as long as it costs as close to zero dollars as possible, and a day or two of 1-2 people writing it up. I do my best to cover my own ass, and regularly do actual restores, limit potential blast radii, and so on. But at a high level, bosses don't give AF about defense, they are always on offense (i.e. make more money faster).

load more comments (1 replies)
[–] brbposting@sh.itjust.works 21 points 3 months ago (1 children)

you'll never find anything gross in Burger King food!

[–] Feathercrown@lemmy.world 12 points 3 months ago (1 children)
load more comments (1 replies)
load more comments (7 replies)
[–] sunzu2@thebrainbin.org 20 points 3 months ago (1 children)

Classic corporate "leadership"

We didn't do nuffin shareholders, please pay

load more comments (1 replies)
[–] Bosht@lemmy.world 96 points 3 months ago (2 children)

Yeah, it was an international fuck up. You're going to get heat, and it's 100 percent deserved. Go cry in a corner and fuck off into oblivion.

load more comments (2 replies)
[–] howlingecko@sh.itjust.works 69 points 3 months ago* (last edited 3 months ago)

They whine about this now, after they removed their “shady commentary” towards Microsoft from their website

Reference: https://twitter.com/tomwarren/status/1816823026291270136

[–] Blaster_M@lemmy.world 65 points 3 months ago* (last edited 2 months ago) (1 children)

Cry me a half billion dollar river, maybe we can use that money to fix all the damages it did.

load more comments (1 replies)
[–] JigglySackles@lemmy.world 63 points 3 months ago (1 children)

“Our industry is built on trust,” Sentonas said

And instead of following that statement with an apology to all the companies and people they royally fucked in the ass with their shitty business practices, they instead whined about other people pointing out what a massive, colossal, and completely preventable fuckup this was.

Good going sealing my resolve to never use crowdstrike.

[–] SirQuackTheDuck@lemmy.world 17 points 3 months ago (1 children)

Hey, they gave some people an Uber Eats coupon

[–] aodhsishaj@lemmy.world 19 points 3 months ago (1 children)

A $10 UberEats voucher that most couldn't use

When TechCrunch checked the voucher, the Uber Eats page provided an error message that said the gift card “has been canceled by the issuing party and is no longer valid.”

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/

load more comments (1 replies)
[–] reginald_crunklebottom_III@lemmy.world 62 points 3 months ago (1 children)

Crowdstrike didn't just fuck up, they killed people. I personally had to postpone a blood test, but mine wasn't critical and I'm alive to complain. Not everyone is.

[–] CileTheSane@lemmy.ca 48 points 3 months ago (4 children)

It's okay, they sent out $10 gift cards for Uber Eats to apologize (that they immediately cancelled).

[–] sudo 24 points 3 months ago (1 children)

To their customers*. Not to the literally billions of people directly affected by their debacle.

load more comments (1 replies)
load more comments (2 replies)
[–] ulkesh@lemmy.world 57 points 3 months ago (1 children)

Awww, let's all feel bad for the rich, shitty company that has shitty quality control.

[–] AdamEatsAss@lemmy.world 18 points 3 months ago

Hey, they're trying their hardest. It's hard because they had the joke build stored right next to the actual build so when they went to push it they clicked the wrong one.

[–] mp3@lemmy.ca 50 points 3 months ago (14 children)

I don't see the other companies fucking up so badly though.

[–] Gork@lemm.ee 12 points 3 months ago

That one recently with the 2.3 billion record data breach is pretty bad, and we collectively had no way to prevent it since it was through a private company.

load more comments (13 replies)
[–] mlg@lemmy.world 48 points 3 months ago (2 children)
load more comments (2 replies)
[–] bfg9k@lemmy.world 48 points 3 months ago

CrowdStrike customers 'unhappy' with CrowdStrike

[–] demesisx@infosec.pub 46 points 3 months ago* (last edited 3 months ago) (1 children)

In similar news, Enron says that people should stop being ambulance chasers by calling them out for corruption, fraud, and illegal activities.

ClownStrike had a massive, glaring issue with their main functionality that is THEIR COMPANY’S ONLY REASON FOR EXISTING that has been correctly attributed to criminally inept architecture decisions, no redundancy, no checks, no safety measures, and no accountability.

If I made the executive decision to design a system without any safety measures that could potentially push unchecked, malicious code to 90% of the computers that the business world runs on, I would be sued into dust. Honestly, if there were any justice in the world, the people at CrowdStrike that designed such a shite system should do actual prison time for their ineptitude.

load more comments (1 replies)
[–] LiveLM@lemmy.zip 46 points 3 months ago* (last edited 3 months ago) (2 children)

They lambasted Microsoft in their marketing materials but when others do it to them it's no fair? lol

Compare the live page with the archive.
Looks like someone softened their language after the disaster, eh?

[–] micl@lemmy.world 13 points 3 months ago

Looks like the difference between the two is that they removed the section calling Microsoft’s security culture inadequate.

I wonder what motivated the change.

load more comments (1 replies)
[–] billwashere@lemmy.world 45 points 3 months ago (1 children)

Somebody should call them a wambulance since their fee-fees got hurt.

load more comments (1 replies)
[–] yamanii@lemmy.world 43 points 3 months ago (1 children)

Sorry but some fields have no margin for error, just take the L and shut up.

[–] psivchaz@reddthat.com 31 points 3 months ago

Nah, this one has a margin of error. It's just that "take down a large percentage of all computers in the world simultaneously" is quite a bit outside of that margin for a security software.

Youre a verb now, guys. That’s what happens when you fuck up that badly. Deal with it <3

[–] VitabytesDev@feddit.nl 31 points 3 months ago

make 8 million computers crash

other companies say you're trash

blame others

cry

[–] Boozilla@lemmy.world 31 points 3 months ago* (last edited 3 months ago) (1 children)

I wonder if they'll end up doing a rename / rebrand if "ClownStrike" continues to haunt them (as it should).

If they do, I'm sure the new name will be some focus tested aberration they pay way too much for.

[–] sunzu2@thebrainbin.org 13 points 3 months ago
[–] Blackmist@feddit.uk 29 points 3 months ago

Maybe you shouldn't have taken down half the world's airlines.

People do tend to notice shit like that.

[–] hark@lemmy.world 29 points 3 months ago (1 children)

Nothing shady about that commentary after seeing how they screwed up. I couldn't believe how amateur hour the cause of the crash was (the program not validating definition file contents, which spectacularly failed when fed a file consisting only of zeroes). They should rename themselves to ClownTrike.

[–] db2@lemmy.world 14 points 3 months ago (2 children)

That wasn't what was in the file, it was actual stuff. I saved a copy of it.

What happened was the file directed their craptastic snake oil software, which did absolutely no sanity checking first, to access memory it wasn't actually given which predictably resulted in it crashing, and since its dick was way up the kernels butt at the time they both went down together.

I've been calling them ClownStrike because they're clowns and their incompetence struck everyone else hard.

load more comments (2 replies)
[–] Sneptaur@pawb.social 29 points 3 months ago

They deserve to go bankrupt after that level of damage. I won't be surprised if a class action comes against them for gross negligence within the next few years. They're cooked and they know it.

[–] sunzu2@thebrainbin.org 24 points 3 months ago

Please proper nomanclature, clownstrike as in 🤡🤽‍♀️

[–] doggle@lemmy.dbzer0.com 22 points 3 months ago

And their customers are unhappy with the catastrophic service failure. Cry me a river.

[–] Passerby6497@lemmy.world 21 points 3 months ago (6 children)

I appreciated the RiskyBiz episode with the Sentinel one guys where they go over all the ways this could have been prevented if they did real testing

Crowdstrike absolutely deserves the shit they're getting.

load more comments (6 replies)
[–] paf0@lemmy.world 20 points 3 months ago

Companies all over the world shutdown because of their incompetence. They do not deserve to be in the security business.

[–] ATDA@lemmy.world 17 points 3 months ago

I think that's just called "living down an epic fuck up" but you know it's their company and they can cry if they want to.

[–] peregrinetech@lemmy.world 16 points 3 months ago

Making millions, failing, causing global damage, then crying when people comment is quite nice and not at all hypocritical.

[–] kittenzrulz123@lemmy.blahaj.zone 15 points 3 months ago

Womp womp, that's what happens when you shut down the global economy clownstrike

[–] Durandal 15 points 3 months ago

Did they try offering a $10 gift card to the other companies? "hah psyche!"

[–] NegativeLookBehind@lemmy.world 12 points 3 months ago
[–] IAmTheZeke@lemmy.world 11 points 3 months ago

Well companies serve humans. Be better

load more comments
view more: next ›