This thread, my god... I'm literally speechless.

digipres.club/@foone/112817523
@foone - good lord. I pulled a microSD card out of a Raspi inside an IoT product and it appears they had some developer use a raspi to develop/test some software, and then they just yanked the SD card out of that machine and duped it on to all of their deployed products.

it's got .bash_history of the development process! there's git checkouts of private repos! WHY WOULD YOU DO THIS?

Lazyweb. Identify this movie:

Late 80s or early 90s. Super low budget, like Full Moon Entertainment level. Late teen male and female leads. Set in an early-post-apocalypse world, so basically our lives reality today.

There's a scene when they go into an ER and the PA is playing a loop including the line, "You have the right to SUE your doctor. To SUE your doctor, pick up the courtesy phone and dial FIVE."

There may have been killer robots?

happy to report our telescope operations are extremely safe from the recent crowdstrike outage.

Two incomes are better than one so make certain your partner has two jobs.

If your partner doesn’t have two jobs, then get two partners.

Follow me for more financial advice.

@malwareminigun @GossiTheDog

According to industry analysts, the world production of snake oil is expected to surpass that of fossil oil in 2027. Huge, billion-barrel reserves are being discovered and tapped almost daily, mostly in California.

Have you tried turning it off and never turning it back on again?

Crowd Strike thing is basically an "Ever Given stuck in Suez Canal" of IT industry.

All the techies losing hair, sleep, and family time trying to get this un-stuck are the excavator operator trying to get things un-fucked.

#CrowdStrike #InfoSec

CrowdStrike is a small, local, struggling, resource-constrained mom-and-pop infosec shop which should not be regulated because that would kill it, and also is a globally-recognized security vendor of advanced AI-based EDR tools that you should definitely use because the company is massive and has all the resources in the world that they can put to making their tools top-of-the-line, not like those FLOSS amateurs.

Obviously.

#CrowdStrike

@kuba Also, Chata Control raising millions, largely due to its thousand year experience in this business.

Hey fellow #Linux users, despite #CrowdStrike only affecting #Windows, this is not really a windows problem.

This is an "automatic update that got forced onto everyone with insufficient testing while also having way too many permissions" problem.

If you think big corps wouldn't run something similar on Linux, I have an NFT of a bridge to sell you.

@seachanger Now I wonder how cargo airlines were affected compared to passenger airlines. Maybe pros don't use Windows.

@seachanger Was your business rich enough to afford CrowdStrike? Apparently only big players' systems were affected. Perhaps yesterday's problems had a different cause.

@seachanger I'm not sure I get it. They were fucked because of the Microsoft outage and now they're fine?

Let's cut the bullshit and spell out a few things. The IT security industry is about as trustworthy as the food supplement and vitamin industry, but somehow they escaped the same reputation. Their products are overwhelmingly based on flawed ideas, and the quality of their software is exceptionally bad. And while not everyone will agree with the harshness of my words, I'll say this: Essentially everyone in IT security who knows anything in principle knows this.

Tip for software companies. Your stock price can't crash when you release a bad update if your update manages to take out the stock exchanges

In all seriousness tho -

#hugops to the poor bastards who have to clean this up and especially to the poor bastard who now has the epic 'time I brought down prod' story - no matter who contributed the bug, it was a systemic failure of crowdstrike's QA process that allowed this to escape into the wider internet; the aim is not to rely on people not to make mistakes, but to build systems in such a fashion that mistakes can be caught and corrected before they become an issue for others.

Individual heroism never makes up for systemic failures, y'know?

My computer works. Can’t reproduce fault, closing ticket
