• mobius_slip@beehaw.org
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    Microsoft chose to work with these people and accepted their faulty input. How is it not Microsoft’s fault?

    • orcaA
      link
      fedilink
      arrow-up
      9
      ·
      4 months ago

      It’s what happens when you put too many eggs in one basket. You see a similar house of cards when you look at package managers in the software dev space. Single point of failure.

      The reality though is that Windows computers not running the CrowdStrike agent were not affected. This one falls on CS, but there is a much larger problem at play. Also, auto-updates are a plague, especially on a kernel level. That’s just insanity.

      • IrritableOcelot@beehaw.org
        link
        fedilink
        arrow-up
        9
        ·
        4 months ago

        Yeah the issue is that so many companies were at the intersection of two monopolies – either one failing has catastrophic effects, and there’s no backup plan.

        • orcaA
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          A backup plan probably involves using some other company/service that can suffer the same fate 😭

          • IrritableOcelot@beehaw.org
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            4 months ago

            I mean any technology solution can suffer the same fate, but you would hope that it wouldnt be an issue at the same time if they’re separate tech stacks.

            • orcaA
              link
              fedilink
              arrow-up
              1
              ·
              4 months ago

              The real solution is to not make anything that’s mission-critical reliant on Windows.

              • IrritableOcelot@beehaw.org
                link
                fedilink
                arrow-up
                2
                ·
                4 months ago

                Specifically to make something which is not mission-critical reliant on any underlying software…but that’s almost impossible. Not reliant on the base operating system would be a nice start.

                • orcaA
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  4 months ago

                  I have friends still dealing with all kinds of airline troubles (basically stuck in cities for a week past their return date) and I can’t believe anyone would have so many mission-critical systems using Windows. Their infrastructure must be a mess.

    • Yoruio@lemmy.ca
      link
      fedilink
      arrow-up
      7
      ·
      edit-2
      4 months ago

      If you had a Samsung fridge, and you willingly put a bomb in the fridge, would you blame Samsung when your fridge explodes?

      Microsoft gives you the freedom to install software that runs with the same level of privilege as the kernel itself. You’re the one that chose to install defective software, and then give it kernel level permissions. You put a bomb in your computer and now you’re blaming Microsoft after the bomb exploded.

      Microsoft didn’t make the decision to allow the faulty input, the person who installed the software did, when they gave it permission to run in kernel mode.

    • The Cuuuuube@beehaw.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      4 months ago

      Most of who got hit though was people who contracted with crowd strike directly though. Its not like Microsoft pushed crowdstrike onto people.

    • andrew@radiation.party
      link
      fedilink
      arrow-up
      5
      ·
      4 months ago

      Because Microsoft isn’t responsible for every program that runs on their OS.

      CrowdStrike is an EDR that enterprises choose to install. The bug was caused by a dodgy content bundle update, which is something that’s meant to be 100% safe but evidently they found and triggered a bug.

    • Abnorc@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      Not every enterprise runs crowdstrike, so it’s not Microsoft’s fault. I was having trouble finding out what happened because our computers were working normally, lol. The XKCD comic tipped me off.