The IT world is going crazy

Welcome to Wondercafe2!

A community where we discuss, share, and have some fun together. Join today and become a part of it!

Mendalla

Happy headbanging ape!!
Pronouns
He/Him/His
So the short version is that a security vendor called Crowdstrike released an update to their product that had a bug in it. And that bug caused Windows to crash with the infamous "Blue Screen of Death" (BSOD for those of us inclined to acronyms). And many large corporations and othe organizations use Crowdstrike as their security vendor. Do the math. Yep, thousands of computers all over the world BSOD'ing because of an update to a product that is supposed to keep them secure. And to top it all off, Microsoft's cloud (Azure is the product name) had problems, possibly related, and a lot of large organizations have critical software and websites hosted on Azure. So a bit of a perfect IT storm. Flights canceled, hospital systems down, and so on. Lots of critical IT infrastructure down.

There is no impact on WC2, by the way. We use a small Canadian hosting company and our host runs on the Linux operating system, not Windows.


 
We woke up to the Kelowna CBC station this morning. Apparently most of the morning shows in the province were affected. The Vancouver show got online at 6:30.

I'm sure glad I'm not flying, especially in the US today.
 
Is this more hypo the et*ics or more emoted hype as folk do tend to get urged that way by AD dead sects to marketing ... just to reap something, or other from the other 98-99%.

Life is ruagh as the wayward winds and Aris ... expect dirt to take fey routes and Rhodes ... it flies!
 
I'm sure glad I'm not flying, especially in the US today.
My boss is in the UK. Just got off a cruise and flies back on the weekend. And has board meetings to attend next week.

Hadn't realized CBC had been impacted themselves. They're where I first heard about it. I heard that Skynews and Australian Broadcasting Corporation got hit.
 
Sounds like a crappy recovery path.
Yeah, I'm glad we aren't affected. Apparently you have to reboot 15 times or something to get past the Crowdstrike issue. My help desk is down one due to a vacation, too. The guy who's away pinged us on Teams to report that his hotel was on pen and paper when he checked out this morning.
 
Island Health and Northern Health, two of the six health authorities in BC have posted announcements on FB saying the BC health system has been affected and they're working on contingency plans to avoid impacting patient care.
 
Ontario Health atHome offices (the new name for the home care organizations in Ontario, formerly CCAC/LHIN/HCCSS) have been asking about our situation. I have not heard of any major healthcare outages here but I'm mainly plugged into the home care end of things and tend to hear about hospitals and primary care via partners and referral sources.

EDIT: UHN and other Toronto hospitals are affected, causing delays but no closures or cancellations. I would suspect similar for other hospitals but have not heard anything.

EDIT2: CBC London reports local hospitals and the health unit are unaffected so far.
 
Last edited:
xkcd isn't usually this on the spot with its cartoons, but Randall nailed this one.

crowdstrike.png
 
Imagine a sol that works all the time ... autonomous neural? Beyond that a part that takes a break ... an abstract factor ... Pi Bald ...
 
Still hearing reports today, though mostly quieter. Even with fixes out from Microsoft and Crowdstrike, it's a fair bit of work for guys like me to apply them and deal with fallout. US airline Delta seems to be the hardest hit of those places still having issues. Another 700 flights cancelled today. Apparently it seriously messed up the software they use for tracking air crews.


Interestingly, China dodged the bullet. They mostly use domestic security software and clouds so neither the Crowdstrike nor the MS issues affected many organizations there. Economic nationalism has its benefits.

Crowdstrike stock remains down about 12-13%. The CEO still has his head at the moment though I imagine that could just be a matter of time.
 
Still hearing reports today, though mostly quieter. Even with fixes out from Microsoft and Crowdstrike, it's a fair bit of work for guys like me to apply them and deal with fallout. US airline Delta seems to be the hardest hit of those places still having issues. Another 700 flights cancelled today. Apparently it seriously messed up the software they use for tracking air crews.


Interestingly, China dodged the bullet. They mostly use domestic security software and clouds so neither the Crowdstrike nor the MS issues affected many organizations there. Economic nationalism has its benefits.

Crowdstrike stock remains down about 12-13%. The CEO still has his head at the moment though I imagine that could just be a matter of time.
Maybe a stupid question, but would things like the military, govt or alerts be affected?
 
Maybe a stupid question, but would things like the military, govt or alerts be affected?
I've heard of government departments being affected but don't have examples handy. I know the US border patrol was having issues on both borders. I doubt the military themselves would use something like Crowdstrike but even if they did, they wouldn't admit it until well after the fact. Makes a tempting target.
 
I've heard of government departments being affected but don't have examples handy. I know the US border patrol was having issues on both borders. I doubt the military themselves would use something like Crowdstrike but even if they did, they wouldn't admit it until well after the fact. Makes a tempting target.
I would hope they're on their own system, but I didn't know.
 
I would hope they're on their own system, but I didn't know.
Most governments use off-the-rack software. Too expensive to maintain their own dev operations when most of the time, they just need the same software as businesses, even for security. Exceptions would be the military, law enforcement, and intelligence/counter-intelligence who have specialized needs and high security requirements and even they have commercial vendors that specialize in the kind of software they need (e.g. Palantir).
 
Chaos rejuvenates itself as it imposes on the improperly understood ... the state we're in as we cannot control the ultimate ... this is ultimately beyond us considering the state we're in defensive towards ideas that are ultimately beyond us given the greatness of the ultimate sole ...

Disturbing? Potentially caused by our own effect on the great alone as ide is out of play! Such is psyche items compared to emote ... thus un encompassed ... disentangled and free ranging ... mostly bugs ...

Powers deny bugs as it would look bad for perfectionists and thus translate to buggees ... I've heard that bold word used variably! Thus many Eric's are bugged by the former object that become subjective in firm rules of literary nature ...

Ever listen to Eric the Awful drift 'n over isles and dales ... right up there with Ahab the Arab as dry ... ari 'd? Alternate conversion process ... a long story ...
 
Last edited:
Recent news on this front:
 
Last edited:
From a "how does this stuff happen, it is because people ignore things, dismiss things, don't listen, don't test, etc.

I have two bug reports that fit this mode.
One is with a large company that should know better. They said something wasn't a bug to be fixed. I argued the point, politically and via back channels until such time as I got fed up, and took it to their open forums. They finally agreed it was a bug. Their disclosure re impact was a challenge for some of us, but, at least they agreed it was a bug. Took a bit longer for them to agree to fix it. It required escalation to appropriate parties and again back channels. It was fixed recently (i haven't tested). I'm sure it was somebody in the back who had no clue what it meant to governance that you couldn't rely on a very basic functionality to work. Again, this is a big company.

The second is a small company, but impacts consumers around the world. In theory, I can remove anyone from a group by just doing a couple of url's.
It's silly. I've been trying for months to get them to at least stop the messaging of blaming users for there removal from groups. I have been relatively calm about it, and attempted to protect our team ;however, again, people who don't test, who don't listen, who don't understand basic security have left a flaw in their software which could impact access for everyone.

I get tired of it.
 
Back
Top