So as we all know on the news, the cybersecurity firm Crowdstrike Y2K’d it’s own end customers with a shoddy non-tested update.

But how does this happen? Aren’t there programming teams and check their code or pass it to a quality assurance staff to see if it bricked their own machines?

8.5 Million machines too, does that effect home users too or is it only for windows machines that have this endpoint agent installed?

Lastly, why would large firms and government institutions such as railway networks and hospitals put all their eggs in one basket? Surely chucking everything into “The Cloud (Literally just another man’s tinbox)” would be disastrous?

TLDR - Confused how this titanic tits up could happen and that 8.5 Million windows machines (POS, Desktops and servers) just packed up.

  • Railison@aussie.zone
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 months ago

    Could a solution to this be any of the following:

    • Windows performing automatic driver rollback in the event of it reaching an unbootable state
    • Software vendors pushing out updates to a smaller pool of endpoints and monitor for heartbeat for 30 mins or so before releasing for all endpoints
    • A way for windows to expose the relevant data to trusted software without the software needing to operate in kernel space
    • Match!!
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 months ago

      “Could a solution be any amount of basic sanity in software architecture” yes probably