God, I love Read-only Friday where nothing bad ever happens before the weekend.
Speak for yourself. I am preparing for a high school camp on Monday and all our sound system isn’t working. Stupid proprietary crappy sound boards.
Bless your heart.
https://www.abc.net.au/news/2024-07-19/what-is-crowdstrike-outage-explained/104120260
This has happened and taken a bunch of services down around the world.
What a garbage.
Just use Linux, SELinux, strong sandboxing, repositories, nonexecutable home directories, strong access control, offline backups.
How about a testing environment separate from production
and phased rollouts …
And my axe
I watched a ocean of computers go dead on the floor because I couldn’t convince the sysadmin to do exactly that when pushing a major change.
Any more details?
This sounds like the setup to a fun story.
I’ve found it funny how many people think they need to defend windows by saying " this could’ve happened to Linux too!!"
Okay, sure. Yeah you’re right about Linux being just as insecure as windows too 😉
I think people are missing the point here. The biggest problem was not that the update was bricking the machines, that could’ve happened to Linux/macOS/BSD etc. The problem is that the solution to the problem is to MANUALLY access the machine, get into safe mode and type some commands. This is insane. And you should be able to EASILY disable automatic updates for apps like that on Windows Server.
I dunno, I’d say them deploying an update that bricked machines at the scale they did shows they didn’t test it very well at smaller scales. They could have even still used their users as beta testers, just needed to do a subset of them first.
Crowdstrike exists for Linux. Are their reports their update affected Linux servers? I have not read that anywhere.
Yeah but 14th Gen Intel CPUs are still failing regardless of your OS.
Proudly an AMD user for 25 years now :)
Even bulldozer?
not familiar. Their processors tend to last me ~5 years so it’s not like I bought every model available
Nobody but the most hardcore AMD enthusiasts used Bulldozer. The 2010s was a tough decade for AMD, to say the least. It wasn’t until AM5 came out that I finally switched back to Team Red. Got too used to LGA sockets.
I still don’t know why they thought sticking with PGA was a good idea… The amount of processors that were ripped out of their sockets is insane
Something similar did happen on Linux clients with CrowdStrike installed not too long ago lol
To those many Linux users who took a look at their circumstances and said “I definitely need antivirus software!”
CrowdStrike does more than anti-virus and yes enterprise Linux installations need a lot of security controls that average Linux users don’t need.
Ok fine simps, Linux is exactly as shitty as windows this was totally only a coincidence
Bruh, I’ve used Linux for over 10 years. I run Arch on my laptop and have a homelab powered by Proxmox, Debian, and OPNSense. I don’t run any AV in my lab but do follow other security practices.
At work it’s a different story. Products like CrowdStrike also collect logs, scan for vulnerabilities, provide graphing and dashboarding capabilities, provide integrations into ticketing platforms for investigation and remediation by security teams, and more. AV is often required because Windows users can upload infected files to Linux-run SMB shares. Products like CrowdStrike often satisfy requirements set by cybersecurity insurance.
This is not simping, this is not Linux vs Windows. You just clearly have no experience in the enterprise Linux space and business security requirements.
Sounds a bit like its a bad idea to install CrowdStrike regardless of the system 🙃
checkbox compliance – companies are required to have something in place that checks the box so they can pass the audit
lol yeah that’s a glowing review.
“Oh, we can fuck other shit up too!”
Anything to defend windows
Noone needs to defend Windows. We need to defend the truth. And the truth is that this was not a Windows issue. It’s a Crowdstrike issue.
Windows being an insecure shit show is no one else’s fault though. Not sure why that draws an argument. It’s well known
True. But nothing to do with this incident. That’s the point.
Just another boring day on Linux huh
Time to go to BSD!!
Someone should create a distro called FreeBSOD
Na, nothing. Did an update today. Nothing bad happened at al, Because why would it?
Firefox kept crashing because of explicit sync. Nothing new for an nvidia user such as myself. Still never going back to xorg.
Oh sweet not just me then! Hoping this one gets fixed soon
The new nvidia driver has explicit sync, wayland perfect for me since I updated it a week or so ago.
Yes it was perfect in Wayland till yesterday when I updated and fire fox started crashing with explicit sync errors
wuh oh, I haven’t updated in a while, only a couple times since the explicit sync fix and I haven’t had any issues. I was just planning on doing that today though…
Set MOZ_ENABLE_WAYLAND=0 before starting Firefox and it doesn’t crash anymore
Thanks! If it gets annoying I’ll give it a shot.
still read “unattended updates” as “unintended updates” …
Windows does both
It doesn’t. It will require you to reboot for every god-damned line of code that has changed.
I swear I heard my PC wake up in the middle of the night on its own several times, back when I used to run W10 on bare metal - god knows what it was doing
Mine would wake up and go into my kitchen and eat my Cheetos and drink half of my vodka.