[Discuss] CrowdStrike Fiasco

[kentborg at borg.org (Kent Borg)]

On 7/22/24 15:56, jim at gasek.net wrote:
> Shame on you if you accept and deploy a vendors patches without testing.

Isn't that what Falcon customers are paying for, automatic installation 
of updates? Isn't that the religion at the moment? Aren't some people 
trying to make selling Internet of Shit (I mean Internet of Things) 
devices illegal if they *don't* automatically deploy updates?

The idea that Crowdstrike is so confident that they don't roll out new 
revisions a little gradually is pretty damning.

And for a product that can BSoD Microsoft machines?is there any way they 
could make that failsafe? Have it rollback when there is a problem? Or 
does cool-aid drinking make that a non-starter, because Crowdstrike 
moves fast and breaks things on purpose?


> The safety of the computing environment of the entire world should not be in the hands of a couple people, period.

Agreed.


And what happens when Okta breaks?or is broken into? Most everything 
stops working. Because "best practices" (AKA the "current popular 
fashions") say single-sign-on using Okta is the religion /du jour/, right?


-kb, the grumpy old Kent who hated the term "best practices" the very 
first time he heard it, many years ago.