this post was submitted on 24 Jul 2024
40 points (95.5% liked)

Cybersecurity

5731 readers
121 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
all 10 comments
sorted by: hot top controversial new old
[–] [email protected] 19 points 4 months ago (2 children)

Wouldn't any internal testing have cought this issue at CrowdStrike?

[–] [email protected] 16 points 4 months ago (1 children)

A smoke test, aka turn it on and "see if it catches fire," would have caught this.

[–] sugar_in_your_tea 14 points 4 months ago

And a controlled rollout would've limited the damage.

[–] [email protected] 10 points 4 months ago

Yes. Why would anyone trust Crowdstike after this? They’ve ignored foundational deployment steps.

[–] boydster 13 points 4 months ago

But will you try actually installing the update on a machine or 50 to see if you bork things horrifically?

Crowdstrike: "We are really focused on unit testing right now"

I probably misread it, don't mind my grumbling, rabble rabble rabble

[–] kid 5 points 4 months ago (2 children)
[–] sugar_in_your_tea 6 points 4 months ago (1 children)

Local developer testing

Hmm, didn't think of that one...

staggered deployment strategy

Also a novel idea...

It's like they're catching up to best practices from 10 years ago, good job team!

[–] [email protected] 3 points 4 months ago

Listening to literally any sysadmin would have had these practices already in play.

I wonder if any are in the building, of if it's all devs and "platform engineers."

[–] [email protected] 1 points 4 months ago

Systems in scope include Windows hosts running sensor version 7.11 and above that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC and received the update.

Definitely incorrect. My machine was powered off by physical switch at that time. It was powered off at 17:00 the day before and powered up at 08:00 CEST / 06:00 UTC and promptly bluescreened.