In my earlier video, Global IT Outage: What it means for you, I discussed the outage caused by CrowdStrike’s wonky update.
Since the publication of that video, I’ve read a fair load of nonsense.
It’s Microsoft’s fault! It’s the European Union’s fault! It’s the fault of everyone else except CrowdStrike.
Well, no.
Microsoft’s Fault?
On the day of the Big Crash, mainstream media was falling all over itself to declare the issue a “Microsoft bug”. One problem: That’s total nonsense. Not sure why I expected anything less from the good old MSM…
Now, regular readers know that even though I offer many solutions to MS-related techie issues, I’m no raging fan of Microsoft. I use Microsoft software because, as a techie, I happen to support a community of users who all use Microsoft’s products.
So, it wouldn’t be very productive or even nice of me to choose Linux or Mac for myself and just leave all those Windows users in the ditch.
But let’s be perfectly frank: In recent years, the quality of MS software – and specifically their updates – has been sorely lacking. However, it wasn’t Microsoft’s update that crashed 8.5 million computer systems around the world. That gold medal goes to CrowdStrike.
Some say that, well, the problem is that MS shouldn’t allow kernel-level code to run in their OS. To a degree, they have a point. macOS, for example, doesn’t allow that, and so their systems are seen as more stable.
macOS is also infamous for being so tightly locked down in every way that power users like me really can’t stand it.
Furthermore, let’s remember that many other bits of software are out there doing super-core-OS-level shenanigans, and they haven’t borked millions of PCs recently. It’s not like CrowdStrike’s Falcon is the only app in the world that uses a kernel-level driver. Heck, some games include a kernel-level driver to prevent cheating!!
Nvidia didn’t crash 8.5 million key puters. Neither did Kaspersky, or Avast, or Malwarebytes. Again, that distinction goes to CrowdStrike – and CrowdStrike only. Even if CS should have used a Windows security API instead of kernel-level code, why on Earth should I condemn Microsoft for a problem caused by CrowdStrike?
The European Union’s Fault?
Next, we hear it’s the EU’s fault.
The EU has gifted us with many exciting and innovative technical solutions, such as the GDPR, endless cookie prompts, and so on.
Every single one of these “innovations” was based on actual good ideas. The problem is that the people implementing them are most certainly NOT technically inclined. They’re a bunch of politicians pretending that they understand the complex nature of technology.
For the most part, they’re just regular people trying to do good things (like protect privacy) but in seriously idiotic ways.
When confronted with the reality of the situation they created, naturally they won’t back down because they like their cushy jobs.
In any case, it has also been suggested by many that the EU is at fault because Microsoft’s OS allows kernel-level mojo. That’s completely absurd.
There’s an EU law that says MS must give security companies the same low-level OS access that its own security software (i.e. Defender) has.
Without going into the details of Windows development going back to the days of Windows NT and Windows 3.11, let’s just say that MS made design decisions that – most of the time – actually work pretty well. None of that really had anything to do with the EU. In fact, MS apparently never balked about allowing kernel-level access before now! Neither did anyone else as far as I can remember. It’s understood by developers and MS alike that if you include a signed kernel-level driver, you darn well better make it good because if not, your app will blue-screen everyone’s puters.
Again, security software benefits from core OS-level access to do what it does well. To me, this is simple common sense. And again, endless discussion of API vs kernel-level access to OS inner workings is just a giant distraction from the core issue: CrowdStrike issued a shite update that wrecked 8.5 million puters. That’s it! There’s nothing else to understand here.
Here’s an idea: Hey, CrowdStrike! When Falcon loads up an ‘update’, how come it doesn’t actually check that update – to make sure that it’s not, oh I dunno, maybe a file filled with all zeroes – before it applies the update?? What a brilliant idea, eh?!
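The kind of pre-load check suggested above, as an added example that is not from the original post or from CrowdStrike: the file layout (magic `UPD1`, length, CRC-32), the function names and the status codes are all hypothetical. It rejects a zero-filled file, and anything whose header, length or checksum does not match, before a parser ever touches it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical update layout (an assumption, not CrowdStrike's format):
 * bytes 0-3 magic "UPD1", 4-7 payload length (LE), 8-11 CRC-32 of payload,
 * then the payload itself. */
#define HDR_LEN 12u

typedef enum { UPD_OK, UPD_TOO_SHORT, UPD_ALL_ZERO, UPD_BAD_MAGIC,
               UPD_BAD_LENGTH, UPD_BAD_CRC } upd_status;

/* Read a 32-bit little-endian value without alignment assumptions. */
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Standard reflected CRC-32 (polynomial 0xEDB88320), bitwise version. */
static uint32_t crc32_buf(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        c ^= p[i];
        for (int b = 0; b < 8; b++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* Validate an untrusted update buffer before anything parses or loads it. */
upd_status validate_update(const uint8_t *buf, size_t len) {
    if (buf == NULL || len < HDR_LEN) return UPD_TOO_SHORT;
    size_t zeros = 0;
    while (zeros < len && buf[zeros] == 0) zeros++;
    if (zeros == len) return UPD_ALL_ZERO;            /* zero-filled file */
    if (memcmp(buf, "UPD1", 4) != 0) return UPD_BAD_MAGIC;
    /* Length must match exactly: no trailing junk, no read past the end. */
    if (rd_le32(buf + 4) != len - HDR_LEN) return UPD_BAD_LENGTH;
    if (rd_le32(buf + 8) != crc32_buf(buf + HDR_LEN, len - HDR_LEN))
        return UPD_BAD_CRC;
    return UPD_OK;
}
```

A CRC only catches corruption; an update channel would also verify a signature over the file before running checks like these.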
But, but… If Windows was secure, you wouldn’t need CrowdStrike!
Indeed! And if wishes were horses, beggars would ride. Or… something like that.
Windows also happens to be seen as “less secure” because it is easily the most attacked operating system. Some even say that’s by design/cooperation with old-school antivirus software makers – but, I digress.
But really, this is simple common sense: If I’m a hacker trying to steal money and wreck things, naturally my Target #1 will be the most widespread OS that controls the most ‘stuff’ and has the most users.
Statistically, I’m more likely to succeed at my nefarious mission if I choose a really big, dynamic, complex target audience.
You might have noticed that incidences of malware hitting mobile OSes are far higher in Android than iOS. Now we’re not even talking about Microsoft anymore; we’re talking about Google vs Apple. And again, Android is hammered far more than iOS simply because the installed pool of potential targets is ENORMOUS when it comes to Android.
In certain respects, iOS and Linux and macOS ARE more secure… But do a simple search for known exploits of those OSes that have been patched, and the list reads like a summary of Windows security boo-boos. What’s more, many security patches on non-Windows platforms have historically taken months or even years to be pushed out to end user devices. So much for being more secure!
The Exciting Conclusion
So no, the global IT outage was not Microsoft’s fault. It wasn’t the EU’s fault. It was also not your grandmother’s dog’s fault.
The fault of the IT outage was CrowdStrike’s crap update. Period, end of story. So where’s the backlash? Why is everyone trying to blame MS, the EU, and anyone but CS? That doesn’t make sense. Unless…
We have the fact that an FBI guy is directing the show at CS. We also have CrowdStrike’s past involvement in the ‘Russian hacking’/DNC debacle. And then we have the recent report declaring that many local American police officers no longer trust the FBI because they apparently feel the FBI is politically biased.
Well, duh.
I confess I am not a Windows programmer. But I am a programmer, and I can see obvious nonsense from a mile away. I said in my video, and I think it bears repeating here:
Either someone at CrowdStrike was very seriously incompetent, or the update was maliciously pushed – IOW, CS was hacked. Note that while everyone is discussing ad nauseam whose fault it IS NOT (CrowdStrike’s), no one has even mentioned a hack attack again…
Well, we wouldn’t want to compromise our complete control over much of the rest of the world’s key IT systems, now would we? Hang on, now! That’s a conspiracy too far, right…? Right?!
Interesting.
Based upon all of the past and present factual evidence, CrowdStrike deliberately crashed the system, and if allowed to do so, will do so again.