[Discuss] CrowdStrike Fiasco

markw at mohawksoft.com markw at mohawksoft.com
Mon Jul 22 15:20:07 EDT 2024


> On 2024-07-22 10:23, Dan Ritter wrote:
>> Rich Pieri wrote:
>>> While the CrowdStrike (not to be confused with CloudFlare) fiasco
>>> Friday affected millions of Windows computers, Linux is not immune to
>>> such an event. I'm not familiar with CrowdStrike Falcon, but my
>>> employer uses competing PaloAlto Networks' Cortex XDR. It's a similar
>>> service with similar capabilities, and there are Linux endpoint
>>> packages. These hook themselves into the kernel at a low level via
>>> modules so they can do things like isolate individual machines when
>>> they exhibit suspicious or malicious behavior.
>>>
>>> They also could, with the right -- or wrong -- updates, crash or hang
>>> the kernel at startup.
>>>
>>> Recovery under such conditions would be nearly identical to the process
>>> that 8.5 million Windows computers are undergoing: boot some form of
>>> recovery media, mount the filesystem where the endpoint software or
>>> data are installed, delete or replace the relevant files, and reboot.
>>
>> In fact, CrowdStrike Falcon has a Linux version; it also
>> requires a kernel module; and it exhibited a similar -- but
>> different crash back in March.
>
> I wonder if their QA department is hiring.... Dan G


Just like when George Kurtz was CTO at McAfee in April 2010 and a very
similar issue happened that disabled millions of Windows XP systems that
also required manual repair. Soon after, McAfee went south and was bought
by Intel.

A year later George Kurtz started CrowdStrike in 2011. Now in 2024,
CrowdStrike did the same thing. How long do you think it's going to survive
after this?
