Published: 2024-07-21
On Friday 2024-07-19 a few files, a few bytes, were distributed by CrowdStrike to their customers. These bytes were intended to continue to secure their customers' computing systems from being used by unauthorized persons. Technically, they were successful because nobody could use the systems which had updated. They had entered the dreaded Microsoft Blue Screen of Death [BSOD] loop.
The problem, as many people in the West discovered, was that these computers and the authorized people who used them on a normal day were providing important services, some of which were critical. Emergency services, air traffic control, hospitals, electronic commerce and more were variously disrupted across the West from Switzerland to Australia.
CrowdStrike, the company behind the "security" software, has suffered from the market. Its loss of over 20% of its stock price will not magically put the planes back in the sky or resuscitate people who could not receive emergency services.
"What We Know About the Global Microsoft Outage" [NYT]
The NYT article on the "cyber incident" came with a title which prompts a few questions. The first is why would one put "What We Know" at the beginning of a title? Or, why don't they put "What we don't know" at the beginning of all of their other articles? "What we know" is MSM code for "We don’t know anything either, but are trying to work something out". The admission is that journalists do not understand computing, which is a pretty sorry state of affairs given the gravity of what just happened.
But, that's reasonable, right? Why should a few files for an application (an "app") cause the entire operating system ("Microsoft Windows (TM)") to enter the dreaded BSOD loop? Why the hell does "Windows(TM)" still have a BSOD loop?
The proximate cause of the downing of hundreds of airplanes, banks not working etc. etc. was a few files from CrowdStrike, but the NYT stuck "Microsoft" in their title. The reason for this is that Microsoft, just before the CrowdStrike mayhem, had a service issue with their "Office 365" virtualized service. The experts at the NYT had assumed a causation when there was only correlation, but serendipitously, as we shall see, they landed a home run.
First, let's take a closer look at CrowdStrike.
The scope of the damage to services across "the West" gives an understanding of the size of CrowdStrike's customers and from this the size of their income. That which is patently obvious is that CrowdStrike does not do the minimum required in software release testing. How important this is, and thus how cavalier CrowdStrike's behaviour was, is evidenced by the damage done. CrowdStrike, whatever their marketing literature says, does not do even the minimum of "best practice" in software development. Their security software is security theatre.
That which should also be obvious is that CrowdStrike don't use their own product, else they would have spotted the problem before foisting it on their customers. But, and this is where things get more interesting, the people who are developing CrowdStrike’s products, and the sensor platforms from which they obtain their "secret sauce", don't use Microsoft either. Let that sink in.
The reason for this is also exposed in the incident. A few files for an application put the "operating system" into a BSOD loop. This informs one that Windows is not an operating system. It is an application launcher.
Experts may say that I am splitting hairs with that statement. But, the evidence is overwhelming to support the assertion. The operating system which runs the vast majority of the world's computing, from micro-devices to every piece of networking equipment which runs an operating system, to the largest cloud computing, high performance, Big Data, clustered computing is GNU/Linux.
The reason for this is not that GNU/Linux is often free (as in beer). The reason is that GNU/Linux is free (as in speech). It empowers one to control what it allows and does. With that empowerment people choose stability. There is no BSOD loop for GNU/Linux. The reasons for this are twofold: GNU/Linux is an operating system, and the kernel and the majority of the software available in the packaged software repositories for the GNU/Linux distributions are rigorously tested by their developers.
To avoid all of the technical description, one can jump directly to the philosophical. Software is written in a programming language (code). If you cannot obtain access to the code then you cannot possibly know what it does (and potentially fix problems with it). This understanding was best summarized by Richard Stallman: if you don't control the code, it controls you.
This is the fundamental problem with proprietary (closed source) software. The global outage on Friday was caused by a closed source "security" application running on a closed source application launcher, "Microsoft Windows(TM)", which is fundamentally unstable. The "Windows" application launcher is so crappy that the people who develop the issued software update don't use it. The sales department might. The developers don't.
Returning to Microsoft, they had a problem with their "Office 365" product. The product is a problem in itself. Without a network connection, there is no "Office 365". There is nothing. There is no fallback. Without a network, there is no Office 365. Provisioning a productivity suite via the Internet would not be possible if networks actually used Microsoft Windows. They would not be stable enough to generate the trust required to have entire national economies sitting on them.
Let that sink in. Then think about where your data is.
From RussiaGate, with Love
Back in the day one of the biggest BSOD type threats came from an email with the title "I Love You". These days it comes from a firm who assisted the Clinton campaign via the FBI in running a 4 year psyop called "RussiaGate". The proper title for the election rigging psyop is HillaryGate.
Disclaimer:
I have not used a Microsoft "Operating System" by preference, ever. The 12 year old laptop on which this article was written is running Fedora Core 39 with the 6.9.8 GNU/Linux kernel.
$ sha256sum vmlinuz-6.9.8-100.fc39.x86_64
c90c8d0ea382f68a2441a61f1576265b61d1354dea97e785d5a6a95022e1c013 vmlinuz-6.9.8-100.fc39.x86_64
Sources
What We Know About the Global Microsoft Outage, Eshe Nelson and Danielle Kaye, NYT, 2024-07-19
What we know about CrowdStrike’s update fail that’s causing global outages and travel chaos, Zack Whittaker & Lorenzo Franceschi-Bicchierai, TechCrunch, 2024-07-19
CrowdStrike code update bricking Windows machines around the world, Simon Sharwood, The Register, 2024-07-19
CrowdStrike shares sink as global IT outage savages systems worldwide, Connor Jones, The Register, 2024-07-19
CrowdStrike Further Tainted By Worldwide Crash, Ray McGovern, Consortium News, 2024-07-20
Copyleft: CC0
God bless you.
Gates is a virus spreading villain, likely a pedo (associate of Epstein and frequent flyer)
I have shared your disdain for him and his cancerous OSs since the 90s.
God help be rid of him and his ilk. Look to the Gates family, CSH Labs, Eugenics and PPoA
So much evil in one family. A plague on humanity.