I Remain in Salute Yours Truly Bernard Ignorant
-
Greetings kind regards I attempted to learn what caused the CrowdStrike outage by typing into the web search box precisely that question. The results were a list of titles of articles promising to do exactly that and in great detail. The article from CNN seemed the most informative but am still left uninformed. I assumed the entire world knew instantly it was a software bug. So the many authors of these articles announced to us in great detail that the sky is blue. We should all be grateful for their fine and useful efforts. CrowdStrike outage: We finally know what caused it - CNN "A bug in the pre-release testing software allowed a bug in the tested software to pass." CrowdStrike outage explained: What caused it and what’s next - TechTarget "A bug in the software." What actually happened inside the CrowdStrike update to cause a worldwide IT breakdown? - abc "... mistake has been made in coding ..." CrowdStrike shares details on cause of global tech outage - USA TODAY "... the update was problematic, ..." "Insanity in individuals is rare, but in groups, parties, nations, it is the rule." - Nietzsche
On the technical side - a securitiy update file came out all zeros after download. The code didn't checked it and tried to use one of those zeroes as address, which crashed the software. As the software runs in kernel mode that crash automatically raised the BSOD...
"It never ceases to amaze me that a spacecraft launched in 1977 can be fixed remotely from Earth." ― Brian Cox
-
What is about the IT members who have to this sovle that? I mean every HD is usually secured by bitlocker. What, when the responsible ITs do, if they have no access to that info? Fortunately it looks like, some IT persons still had access to that information while using - a not affected- linux thingy :laugh:
Bitlocker protects against ransomware through professional courtesy.
GCS/GE d--(d) s-/+ a C+++ U+++ P-- L+@ E-- W+++ N+ o+ K- w+++ O? M-- V? PS+ PE Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X The shortest horror story: On Error Resume Next
-
Greetings kind regards I attempted to learn what caused the CrowdStrike outage by typing into the web search box precisely that question. The results were a list of titles of articles promising to do exactly that and in great detail. The article from CNN seemed the most informative but am still left uninformed. I assumed the entire world knew instantly it was a software bug. So the many authors of these articles announced to us in great detail that the sky is blue. We should all be grateful for their fine and useful efforts. CrowdStrike outage: We finally know what caused it - CNN "A bug in the pre-release testing software allowed a bug in the tested software to pass." CrowdStrike outage explained: What caused it and what’s next - TechTarget "A bug in the software." What actually happened inside the CrowdStrike update to cause a worldwide IT breakdown? - abc "... mistake has been made in coding ..." CrowdStrike shares details on cause of global tech outage - USA TODAY "... the update was problematic, ..." "Insanity in individuals is rare, but in groups, parties, nations, it is the rule." - Nietzsche
-
If you want a breakdown from someone who actually knows about low-level programming, check out the latest episode (984) of [Security Now](https://twit.tv/shows/security-now/episodes/984?autostart=false) from Steve Gibson.
-
On the technical side - a securitiy update file came out all zeros after download. The code didn't checked it and tried to use one of those zeroes as address, which crashed the software. As the software runs in kernel mode that crash automatically raised the BSOD...
"It never ceases to amaze me that a spacecraft launched in 1977 can be fixed remotely from Earth." ― Brian Cox
Kornfeld Eliyahu Peter wrote:
On the technical side - a securitiy update file came out all zeros after download.
Then you'd think, of all things, a security update would be signed, and the OS would've picked up the fact that its content didn't match what it was supposed to be and stopped everything in its tracks. Unless there's something about that process that I don't understand.
-
Wow! Leo Laporte! I used to watch his show on ZDTV back in the late 90s. Good to see he is still around. :thumbsup:
"Go forth into the source" - Neal Morse "Hope is contagious"
He's been around and has been busy with his podcast network ever since ZDTV. Sadly, like all podcasts these days, he's not doing as well financially as he might have just a short while ago, but he's still going. He's got other podcasts on a lot of topics (all tech) but these days I'm only listening to Security Now and Windows Weekly.
-
Kornfeld Eliyahu Peter wrote:
On the technical side - a securitiy update file came out all zeros after download.
Then you'd think, of all things, a security update would be signed, and the OS would've picked up the fact that its content didn't match what it was supposed to be and stopped everything in its tracks. Unless there's something about that process that I don't understand.
It WAS signed - with the wrong content in it...
"It never ceases to amaze me that a spacecraft launched in 1977 can be fixed remotely from Earth." ― Brian Cox
-
It WAS signed - with the wrong content in it...
"It never ceases to amaze me that a spacecraft launched in 1977 can be fixed remotely from Earth." ― Brian Cox
Kornfeld Eliyahu Peter wrote:
It WAS signed - with the wrong content in it...
Well that changes everything, doesn't it? You wrote: > a securitiy update file came out all zeros after download I'm thinking "after download" is wrong; this infers that the file got corrupt in transit and no longer matches the source - and the signature would confirm that. If, however, the file contained all zeroes (and was signed like that) *before* the download, *and* the downloaded copy matches the original, then the problem is a bad file that a signature check will confirm to be okay. In that case, there's something wrong with the process that allowed the file to get signed without first verifying its content (somehow).
-
Kornfeld Eliyahu Peter wrote:
It WAS signed - with the wrong content in it...
Well that changes everything, doesn't it? You wrote: > a securitiy update file came out all zeros after download I'm thinking "after download" is wrong; this infers that the file got corrupt in transit and no longer matches the source - and the signature would confirm that. If, however, the file contained all zeroes (and was signed like that) *before* the download, *and* the downloaded copy matches the original, then the problem is a bad file that a signature check will confirm to be okay. In that case, there's something wrong with the process that allowed the file to get signed without first verifying its content (somehow).
dandy72 wrote:
there's something wrong with the process that allowed the file to get signed without first verifying its content
Exactly. They blamed it on a bug in their QA software.
The difficult we do right away... ...the impossible takes slightly longer.
-
dandy72 wrote:
there's something wrong with the process that allowed the file to get signed without first verifying its content
Exactly. They blamed it on a bug in their QA software.
The difficult we do right away... ...the impossible takes slightly longer.
When QA itself is being automated, you have to ensure your tests can anticipate the unpredictable, no matter how unlikely. That's a tall order. And a terrible idea all around. I mean, was anyone who installed that update unaffected? If it's a 100% crash rate, then CrowdStrike has a lot to answer for, starting with, how was it unable to detect the problem before it got released to the world?
