CROWDSTRIKE is a DEMOCRAT COMPANY! I sure hope only Democrats USE it!!
Excellent thread. Spent over forty years of my life playing software engineer.
error handling is a thing.
However, now I know, Thanks again.
Never be the first to download an OS, or any update, or new whiz bang software.
It was not a mundane detail Michael.
Keep in mind not every Windows system used Crowdstrike Falcon. In fact, it really was/is an enterprise-level tool.
There are many to chose from including:
• Cynet
• ESET Endpoint Security
• Trend Micro Apex One
• Symantec Endpoint Detection and Response
• Stormshield Endpoint Security
• CrowdStrike Falcon Insight
• Cybereason Total Enterprise Protection
• Malwarebytes Endpoint Protection
• Panda Endpoint Protection
• FireEye Endpoint Security
• Comodo Advanced Endpoint Protection
The one used the most is Symantec.
Falcon Pro is about $99 per endpoint and Falcon Enterprise is $190 per endpoint (both are annual subscriptions)
So they came out with a workaround which required booting into safe mode and then deleting a sys file. Now, I was on vacation at the time and my company or personal stuff wasn’t affected, but here were the problems I immediately thought of in the workaround. I use hotel front desk clerk as an example because I was affected on the drive home when my hotel couldn’t make door key cards and had escort us and unlock our hotel room door with a master key.
Some of you way smarter folks can perhaps tweak my understanding of this wherever you’ve seen I’m going wrong:
1. You’re not going to be able to “remote into” a failing computer since it’s in a BSOD/boot loop. Gonna have to fix on site. You’re either going to have to:
a. Travel to the site and fix computers one by one.
b. Overnight and ship a new computer with the fix applied.
c. Talk a user through the workaround via phone.
2. Hard enough for ME to remember how to boot into safe mode let alone some front desk clerk at a hotel or manager at a bank. So good luck getting a non IT employee to boot into safe mode for you.
3. I believe once you boot into safe mode you’re going to need a local admin password for that machine. How many remote IT departments are going to let THAT one out over a phone call with a front desk clerk at a hotel. Most will guard that admin password with their lives.
So, assuming your IT support is remote rather than inhouse, you’re going to be dispatching a bunch of techs or shipping a bunch of systems all over the place for a while.
Am I getting this generally correct?
yeah. a domino server crash doesn’t entirely explain why some of these companies have been down for days. but hey if you hire an IT company named ‘crowd strike,’ and let it install stuff across your enterprise without vetting, as an engineer, i don’t have much sympathy for you.
Putin and Xi laugh and take notes.
Wasn’t crowdstrike a huge part of the Clinton email scandal?
You’d think Microsoft would know something about rolling out software updates...err..wait...
Society keeps being told how wonderful is the very latest computer technology, while the world-spanning size of crashes and hacks keeps getting larger and larger, not to mention the human data and financial theft and scams keeps growing as well, far beyond the scale of snail-mail theft and scams of the past.
I suspect that secret pre-release testing showed that the release would function
exactly as planned, with exactly the effect that resulted.
Because it came from “Cloudstrike”, and with such timing.
In other words... test in a closed environment. DEI strikes again.
Somebody @ Crowdstrike is soooooo fired.