In my earlier video, Global IT Outage: What it means for you, I discussed the outage caused by CrowdStrike's wonky update.
Since the publication of that video, I've read a fair load of nonsense.
It's Microsoft's fault! It's the European Union's fault! It's the fault of everyone else except CrowdStrike.
Well, no.
Microsoft's Fault?
On the day of the Big Crash, mainstream media was falling all over itself to declare the issue a "Microsoft bug". One problem: that's total nonsense. Not sure why I expected anything less from the good old MSM...
Now, regular readers know that even though I offer many solutions to MS-related techie issues, I'm no raging fan of Microsoft. I use Microsoft software because, as a techie, I happen to support a community of users who all use Microsoft's products.
So, it wouldn't be very productive or even nice of me to choose Linux or Mac for myself and just leave all those Windows users in the ditch.
But let's be perfectly frank: In recent years, the quality of MS software - and specifically their updates - has been sorely lacking. However, it wasn't Microsoft's update that crashed 8.5 million computer systems around the world. That gold medal goes to CrowdStrike.
Some say that, well, the problem is that MS shouldn't allow kernel-level code to run in their OS. To a degree, they have a point. MacOS, for example, doesn't allow that, and so their systems are seen as more stable.
MacOS is also infamous for being so tightly locked down in every way that power users like me really can't stand it.
Furthermore, let's remember that many other bits of software are out there doing super-core-OS-level shenanigans, and they haven't borked millions of PCs recently. It's not like CrowdStrike's Falcon is the only app in the world that uses a kernel-level driver. Heck, some games include a kernel-level driver to prevent cheating!!
Nvidia didn't crash 8.5 million key puters. Neither did Kaspersky, or Avast, or Malwarebytes. Again, that distinction goes to CrowdStrike - and CrowdStrike only. Even if CS should have used a Windows security API instead of kernel-level code, why on Earth should I condemn Microsoft for a problem caused by CrowdStrike?
The European Union's Fault?
Next, we hear it's the EU's fault.
The EU has gifted us with many exciting and innovative technical solutions, such as the GDPR, endless cookie prompts, and so on.
Every single one of these "innovations" was based on an actually good idea. The problem is that the people implementing them are most certainly NOT technically inclined. They're a bunch of politicians pretending that they understand the complex nature of technology.
For the most part, they're just regular people trying to do good things (like protect privacy) but in seriously idiotic ways.
When confronted with the reality of the situation they created, naturally they won't back down because they like their cushy jobs.
In any case, it has also been suggested by many that the EU is at fault because Microsoft's OS allows kernel-level mojo. That's completely absurd.
There's an EU law that says MS must give security companies the same low-level OS access that its own security software (i.e. Defender) has.
Without going into the details of Windows development going back to the days of Windows NT and Windows 3.11, let's just say that MS made design decisions that - most of the time - actually work pretty well. None of that really had anything to do with the EU. In fact, MS apparently never balked about allowing kernel-level access before now! Neither did anyone else as far as I can remember. It's understood by developers and MS alike that if you include a signed kernel-level driver, you darn well better make it good because if not, your app will blue-screen everyone's puters.
Again, security software benefits from core OS-level access to do what it does well. To me, this is simple common sense. And again, endless discussion of API vs kernel-level access to OS inner workings is just a giant distraction from the core issue: CrowdStrike issued a shite update that wrecked 8.5 million puters. That's it! There's nothing else to understand here.
Here's an idea: Hey, CrowdStrike! When Falcon loads up an 'update', how come it doesn't actually check that update - to make sure that it's not, oh I dunno, maybe a file filled with all zeroes - before it applies the update?? What a brilliant idea, eh?!
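To make the point concrete, here is an added example (mine, not CrowdStrike's or Falcon's code) of the kind of gate an agent can put in front of "apply the update": it checks size, rejects an all-zero blob like the one described above, checks a header, verifies the blob's structure against its own declared record count, and authenticates it before anything is applied; on any failure the agent keeps the last known good content. The file format (a 4-byte magic, a version byte, a 2-byte record count, fixed 8-byte records), the HMAC key, and the function names are all constructed for this illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Hypothetical update format, constructed for this example (not a real vendor format):
# 4-byte magic | 1-byte version | 2-byte little-endian record count | N * 8-byte records
MAGIC = b"UPD1"
HEADER_LEN = 7
RECORD_LEN = 8
MIN_SIZE = 16  # anything smaller cannot be a meaningful update

# Constructed key for the demo. A production agent would verify a vendor
# signature over the file with a public key, not a shared HMAC secret.
VENDOR_KEY = b"example-demo-key-not-real"


@dataclass
class Verdict:
    ok: bool
    reasons: list = field(default_factory=list)


def build_update(records: list) -> bytes:
    """Assemble a well-formed update blob from 8-byte records (constructed sample)."""
    assert all(len(r) == RECORD_LEN for r in records)
    return MAGIC + bytes([1]) + len(records).to_bytes(2, "little") + b"".join(records)


def sign(blob: bytes) -> bytes:
    """Authentication tag the update server would ship alongside the blob."""
    return hmac.new(VENDOR_KEY, blob, hashlib.sha256).digest()


def validate_update(blob: bytes, expected_tag: bytes) -> Verdict:
    """Run every cheap sanity check before the content is trusted. All checks run
    so the log shows the full picture, not just the first failure."""
    reasons = []
    if len(blob) < MIN_SIZE:
        reasons.append("too small")
    # The all-zero case from the post: a file of the right size but no content.
    if blob and not any(blob):
        reasons.append("all zero bytes")
    if blob[:4] != MAGIC:
        reasons.append("bad magic")
    # Structural check: the declared record count must match the real length.
    if len(blob) >= HEADER_LEN:
        count = int.from_bytes(blob[5:7], "little")
        if len(blob) != HEADER_LEN + count * RECORD_LEN:
            reasons.append("record count does not match length")
    # Authenticity check last; constant-time compare avoids a timing side channel.
    if not hmac.compare_digest(sign(blob), expected_tag):
        reasons.append("authentication failed")
    return Verdict(ok=not reasons, reasons=reasons)


def apply_if_valid(current: bytes, candidate: bytes, tag: bytes):
    """Gate: only swap in the candidate when it validates; otherwise keep the
    last known good content so a bad push cannot take the host down."""
    verdict = validate_update(candidate, tag)
    return (candidate if verdict.ok else current), verdict


if __name__ == "__main__":
    good = build_update([b"rule0001", b"rule0002"])
    tag = sign(good)
    zeros = bytes(len(good))  # constructed: same size as a real update, all zero
    for name, blob in [("good", good), ("zeros", zeros), ("tampered", good[:-1] + b"X")]:
        state, v = apply_if_valid(good, blob, tag)
        print(f"{name}: applied={state is blob} reasons={v.reasons}")
```

The order matters: the structural and content checks are cheap and run on every host, while the authenticity check catches a file that was altered in transit or on the server. Neither replaces staged rollout to a small canary group, but together they turn "a file full of zeroes" into a logged rejection rather than a boot loop.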
But, but... If Windows was secure, you wouldn't need CrowdStrike! Indeed! And if wishes were horses, beggars would ride. Or... something like that.
Windows also happens to be seen as "less secure" because it is easily the most attacked operating system. Some even say that's by design/cooperation with old-school antivirus software makers - but, I digress.
But really, this is simple common sense: If I'm a hacker trying to steal money and wreck things, naturally my Target #1 will be the most widespread OS that controls the most 'stuff' and has the most users.
Statistically, I'm more likely to succeed at my nefarious mission if I choose a really big, dynamic, complex target audience.
You might have noticed that incidences of malware hitting mobile OSes are far higher in Android than iOS. Now we're not even talking about Microsoft anymore; we're talking about Google vs Apple. And again, Android is hammered far more than iOS simply because the installed pool of potential targets is ENORMOUS when it comes to Android.
In certain respects, iOS and Linux and macOS ARE more secure... But do a simple search for known exploits of those OSes that have been patched, and the list reads like a summary of Windows security boo-boos. What's more, many security patches on non-Windows platforms have historically taken months or even years to be pushed out to end user devices. So much for being more secure!
The Exciting Conclusion
So no, the global IT outage was not Microsoft's fault. It wasn't the EU's fault. It was also not your grandmother's dog's fault.
The fault of the IT outage was CrowdStrike's crap update. Period, end of story. So where's the backlash? Why is everyone trying to blame MS, the EU, and anyone but CS? That doesn't make sense. Unless...
We have the fact that an FBI guy is directing the show at CS. We also have CrowdStrike's past involvement in the 'Russian hacking'/DNC debacle. And then we have the recent report declaring that many local American police officers no longer trust the FBI because they apparently feel the FBI is politically biased.
Well, duh.
I confess I am not a Windows programmer. But I am a programmer, and I can see obvious nonsense from a mile away. I said in my video, and I think it bears repeating here:
Either someone at CrowdStrike was very seriously incompetent, or the update was maliciously pushed - IOW, CS was hacked. Note that while everyone is discussing ad nauseam whose fault it IS NOT (CrowdStrike's), no one has even mentioned a hack attack again...
Well, we wouldn't want to compromise our complete control over much of the rest of the world's key IT systems, now would we? Hang on, now! That's a conspiracy too far, right...?
Right?!
Reader Comments
Top spook programmers don't make howlers like this. IMO, there was a target or a number of targets on the list of 8 million. Or perhaps a kill switch was being tested? The reason is yet to present itself but I'm sure it will in due course. It's easy to pass this thing off as a mistake.
Thinking on this, maybe when >they< failed to remove their up-till-now asset (wishful thinking), they did not shut down everything for the chaos effect because of that failure.
In light of the stock of Truth Social and Rumble being shorted (and then somehow were able to retroactively pull back on that bet, wtfh), maybe they had a complete internet shutdown to increase the chaos planned.
If he would have been taken out, they would have flooded the television airwaves with the shot like the twin towers... ad nauseam, so there was no room for speculation or theories on the only available media.
It is good to see CrowdStrike tanking [Link] to 2023 Dec. valuation.
Hopefully it will be reduced to a penny stock.
I miss Futurama.
In my view, it was a test run of Klaus's cyberpandemic. Who was down, who wasn't? What did it impact? How long did it take to recover?
The most interesting to me were the Maricopa election servers.