back to article House to grill CrowdStrike exec on epic IT meltdown... no, not the CEO

Crowdstrike is to be hauled before the US House Homeland Security Committee this month to explain why its faulty software update - the one that took down millions of computer systems worldwide - ever happened. Crowdstrike logo over a falcon CrowdStrike hires outside security outfits to review troubled Falcon code READ MORE …

  1. Anonymous Coward
    Anonymous Coward

    Juxtapositions

    Andrew Garbarino said: "..... It's important the public and private sectors work together to mitigate risk going forward"

    and

    "Microsoft plans to hold a security summit in September ..... but the press isn't invited."

    Then

    "Mark E Green said: "Considering the significant impact CrowdStrike's faulty software update had on Americans ....." - yes, I know Homeland Security is to do with the USA but the rest of the world is "out there" and sure as eggs is eggs the USA interacts with it.

  2. Paul Herber Silver badge
    Joke

    Crowdstrike are being provided with staff and technology as part of Microsoft's software testing consultancy.

  3. mikus

    Blame Microsoft, not Crowdstrike

    The reasons all AV software is so fragile is that to protect Windows as a perpetually insecure operating system with new exploits found weekly, and they can only protect so closely to the OS kernel that runs the entire thing before they end up destabilizing it accidentally as we saw. Even when they orgs use endpoint security on Windows, it's still not a guarantee to protect the OS and users. Almost every security software has had their Windows enterprise-breaking moment they've done the same prior, only now with the market dominance of Crowdstrike among enterprises, it was far more pronounced.

    At this point enough windows source code has leaked over the years or employees leaving after having been exposed to it, and with Microsoft being hamstrung by billions of lines of legacy code across 3 decades no one even remembers now, it is no wonder how easily found new zero-day exploits are still today.

    If you want secure computing, you should start with pretty much anything BUT Windows. You can only blame yourself otherwise.

    1. Anonymous Coward
      Anonymous Coward

      Re: Blame Microsoft, not Crowdstrike

      See the coverage on Dave Plummer's youtube channel (Dave's Garage) - he highlights just how stupid their system is. As a former MS systems programmer he's likely right and these tech-bros are wrong.

    2. Pascal Monett Silver badge

      Re: Blame Microsoft, not Crowdstrike

      And your opinion on AV software for Linux is that Linux is also perpetually insecure ?

      I hate to defend Borkzilla on any point, but saying that it needs AV software because it is insecure seems a bit simplistic to me.

      1. goblinski

        Re: Blame Microsoft, not Crowdstrike

        Ditto. I don't see how Linux or OSX would be better protection against ransomware. If anything, the false sense of safety would be the most dangerous part.

    3. heyrick Silver badge

      Re: Blame Microsoft, not Crowdstrike

      Yes, Windows has problems. But, you know, data input validation is something that concerns all of us. You just can't write shit and expect the OS to tidy up around you, especially when you're finagling deep within the OS so have even more responsibilities.

    4. Glen Turner 666

      Re: Blame Microsoft, not Crowdstrike

      What Crowdstrike was doing -- intercepting system calls and analysing combinations of those for malware behaviours -- was innovative. Thus there were no operating facilities, and a hack to use a device driver to gain access into the kernel of the operating system had to be used. That device driver would offer functions to loadable programs which did the sensing and analysis -- an architecture not too different to IBM mainframe "channel programs" to do I/O, and thus Crowdstrike "channel files".

      But this doesn't let Microsoft off the hook. After this initial period of experimentation, and after creating its own endpoint detection software, there should have been proper operating system support for these sensors and analysis. Then the device driver -- with its excessive access, and a security issue in its own right -- could be replaced.

      Offering a operating system facility would also have removed the largest problem with channel programs: the need for their runtime not to fail, the need for a perfect compiler. Operating system facilities get far more testing, and denial of service opportunities taken far more seriously, than in a third-party device driver. As it is, Microsoft and Crowdstrike have no choice now bit to build robust operating system support, because every item of malware is going to be looking at leveraging endpoint detection and response systems.

  4. Martin Gregorie

    ..and constrained US citizen's world view

    Its surprisingly difficult for Non-USA residents to realise just how small the world-view of the average US citizen can be until you've lived there for a year or so, and to understand that this applies just as much to citizens of cities like New York, Denver and Los Angeles as it does to people living in the midwest states, Texas, West Virginia, etc.

    In my opinion this limited world-view is largely the due to the limited coverage of almosy all news sources in the USA. Simply put, there is very little foreign news in newspapers and on TV 'News' and radio stations. Throughout the country: indeed, in many states news coverage doesn't extend as far as neighbouring states unless there's a juicy murder or disaster happens there.

    Back in the mid-70s I spent a year working in New York: even there the news on local radio and TV stations was about 95% sports and local news and there was nothing but local coverage in any of the papers apart from The New York Times. Even national US news coverage seemed to extend no further than the state-level Presidential Election razzmatazz: I was there in the year that Ronald Reagan was elected and found the coverage of that very difficult to miss. Middle Eastern, i.e. Israeli, events would be reported, largely to the large Jewish population in NYC, but there was very little non-US news apart from this.

    One of my best friends there, another free flight model flier, had never taken a holiday outside the USA despite having done his National Service in Germany before Vietnam kicked off. However, he and his wife did visit Britain and Europe around 2000: AFAIK this was the only foreign holiday he ever took.

    If you keep the lack of world news coverage within the US of A in mind and combine it with the general lack of news about other US states you'll not be surprised about what the typical US ciiizen doesn't know about the world outside the state he lives in.

    1. Anonymous Coward
      Anonymous Coward

      Re: ..and constrained US citizen's world view

      Your comment is 100% true but could have been somewhat shorter if the following was taken into account.

      The US of A view is that the world *IS* the US of A, with this *truth* you can understand completely the average citizens point of view and apparent lack of interest in the rest of the world !!!

      This is fed by the knowledge that only the US of A counts, in any argument, and is the only country of importance.

      The US citizens world view is *not* constrained ... just that they have a different definition of the word 'World'. !!!

      :)

    2. Gene Cash Silver badge

      Re: ..and constrained US citizen's world view

      Shoot, even though there are a lot of places I want to visit, I'll never make the huge effort and expenditure required to go to some other country. Heck, I haven't left the state except for a small handful of times. It's a horrible nightmare finding temporary accommodations elsewhere and traveling there and it never ever works out well.

      Traveling by car is a multi-day (sometimes multi-week) horrible slog with other people constantly trying to kill you. Train is ok, but American trains don't actually go anywhere useful. I don't fly, because I don't like getting felt up by TSA goons or having to spend more time at the airport than at my destination.

      Even if we had transporters or stepping disks, you'd still have to find somewhere halfway decent to stay. Fuck that.

      I do have to say I have a bunch of acquaintances and co-workers who are not aware of the war in Ukraine.

      1. Anonymous Coward
        Anonymous Coward

        Re: ..and constrained US citizen's world view

        Not sure if you are 'playing' to my admittedly unfair generalisation or this is the 'truth' !!!

        Either way ... Well played !!!

        :)

    3. Anonymous Coward
      Anonymous Coward

      Re: ..and constrained US citizen's world view

      That seems a touch exaggerated.

      I mean, I haven't been to that many countries, just France, Switzerland, Italy, the Bahamas, and Canada. I don't bother with the TV news, I'm on the net, might as well get my news here. I get most of my local news from a site that started out as a blog, and kind of expanded from there, because the local TV stations are worthless and the local paper is owned by USA Today. I don't have the opportunity to travel much any more, so I watch travel videos from all over the place. There's lots of places I'd like to visit that I probably never will. I've been to about half the states, I'll pass on Nebraska, but I'd like to get to Washington and Oregon, and back to California. I was in Chicago last week, drove through Kentucky, Indiana, Michigan and Ohio, I don't live in any of those.

      But world news is easy to come by, though of course these days it's dominated by Ukraine and the Israeli genocide. I'm here on El Reg, lots of Brit stuff here.

      One guy I know spent a semester teaching in Latvia recently, he does international teaching tours periodically. It's been a while since I've been to NYC or NOLA, but I've been to both, I've seen all 3 US coasts, driven Route 66, and regularly watch a UK Youtube channel about road trips and another about canals. I am handicapped in that I'm terrible at learning languages, I can read French but can only catch a few words if it's spoken, only know a little Spanish, and German is unintelligible to me, but automatic translation that was scifi when I was a kid is real now.

      Maybe my experience isn't typical. But it's also not that uncommon.

      1. Anonymous Coward
        Anonymous Coward

        Re: ..and constrained US citizen's world view

        To be fair, I said average *not* every !!!

        I know there are americans who are the diametric opposite, I have met and worked with *many* !!!

        It is difficult to get accurate/meaningful stats on how many americans have an interest in foreign affairs and/or travel abroad more than once in their lifetime.

        Visiting a country under a military banner *does* count but is not the best way to get an idea of the 'rest of the world' or for a foreign country to get an fair impression of the average american citizen.

        The impression I have got is probably unfair *but* does tend to indicate that there is a sizeable number of US citizens who 'don't care' about anything outside of the americas, in general.

        Whether this is a majority is subject to debate as you can find stats to prove/disprove virtually any proposition ... and as we all know 'stats' can prove anything if you try 'hard enough' and apply the 'correct' level of myopia !!!

        :)

    4. goblinski

      Re: ..and constrained US citizen's world view

      What you describe is proper to pretty much any country which views itself as important on the world (or regional) stage, which is - pretty much any country with a population north of 150-ish million people. It just reaches critical mass.

      Being powerful and being constantly asked for money doesn't help to change the pattern (and I'm not only speaking for the US here). If you allow the population of such a country to stop, take a breath and actually think about what their country is doing in other countries, the whole thing will grind to a halt.

    5. heyrick Silver badge

      Re: ..and constrained US citizen's world view

      Well, there's Russia, the enemy/friend (depending on who you ask). There's "Yerp" where the stuffy old countries are (go on, name four). There's that place with the Arabs and the oil, sorry I mean the oil and the Arabs. And everything else (*) is marked "Here be dragons".

      * - Except New Zealand that may or may not even exist depending on what map you're looking at. But since New Zealand is basically Mordor, maybe it is fictional?

    6. Handlebars

      Re: ..and constrained US citizen's world view

      In defense of Americans taking domestic holidays, is a big place with lots of holiday options.

  5. Anonymous Coward
    Facepalm

    It's like déjà vu all over again Yogi

    Faulty software update can trigger cascading effects on our critical infrastructure

    2010: The Dangers of a Software Monoculture

    2005: The Six Dumbest Ideas in Computer Security

    1. Pascal Monett Silver badge
      Thumb Up

      Re: It's like déjà vu all over again Yogi

      I am bookmarking those links for future reference.

  6. Zippy´s Sausage Factory
    Windows

    Transparency? Redmond's heard of it.

    Only because they were forced to stop relying on undocumented APIs in the 90s. If that had never happened we'd be finding nothing on Microsoft.com except order forms for CD ROMs full of manuals. Want Word help files? $15. Excel? $15. All of Office? $150 on a DVD ROM, and that's at a discount...

  7. Anonymous Coward
    Anonymous Coward

    Must be an election year...

    Better haul someone in for questioning so Congress Clowns can look busy for the cameras.

    I am not a Crowdstrike fan, but I have to admit they have owned this problem from the moment it happened. They have not shied away from any responsibility. I cannot come up for any other explanation for Congress getting involved, other than they want to make themselves look good.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like