…according to a Twitter post by the Chief Informational Security Officer of Grand Canyon Education.

So, does anyone else find it odd that the file that caused everything CrowdStrike to freak out, C-00000291-
00000000-00000032.sys was 42KB of blank/null values, while the replacement file C-00000291-00000000-
00000.033.sys was 35KB and looked like a normal, if not obfuscated sys/.conf file?

Also, apparently CrowdStrike had at least 5 hours to work on the problem between the time it was discovered and the time it was fixed.

  • Imgonnatrythis@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    Maybe. But I’d like to think I’d just say something clever like, “says here that this year the pummel horse will be replaced by yours truly!”

    • Takios@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      Problem is that software cannot deal with unexpected situations like a human brain can. Computers do exactly what a programmer tells it to do, nothing more nothing less. So if a situation arises that the programmer hasn’t written code for, then there will be a crash.

      • deadbeef79000@lemmy.nz
        link
        fedilink
        English
        arrow-up
        0
        ·
        4 months ago

        Poorly written code can’t.

        In this case:

        1. Load config data
        2. If data is valid:
          1. Use config data
        3. If data is invalid:
          1. Crash entire OS

        Is just poor code.

          • CeeBee_Eh@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            4 months ago

            You know there’s a whole other scenario where the system can simply boot the last known good config.

              • CeeBee_Eh@lemmy.world
                link
                fedilink
                English
                arrow-up
                0
                ·
                edit-2
                4 months ago

                The following:

                • An internal backup of previous configs
                • Encrypted copies
                • Massive warnings in the system that current loaded config has failed integrity check

                There’s a load of other checks that could be employed. This is literally no different than securing the OS itself.

                This is essentially a solved problem, but even then it’s impossible to make any system 100% secure. As the person you replied to said: “this is poor code”

                Edit: just to add, failure for the system to boot should NEVER be the desired outcome. Especially when the party implementing that is a 3rd party service. The people who setup these servers are expecting them to operate for things to work. Nothing is gained from a non-booting critical system and literally EVERYTHING to lose. If it’s critical then it must be operational.

                • The 3rd party service is AV. You do not want to boot a potentially compromised or insecure system that is unable to start its AV properly, and have it potentially access other critical systems. That’s a recipe for a perhaps more local but also more painful disaster. It makes sense that a critical enterprise system does not boot if something is off. No AV means the system is a security risk and should not boot and connect to other critical/sensitive systems, period.

                  These sorts of errors should be alleviated through backup systems and prevented by not auto-updating these sorts of systems.

                  Sure, for a personal PC I would not necessarily want a BSOD, I’d prefer if it just booted and alerted the user. But for enterprise servers? Best not.

                  • CeeBee_Eh@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    4 months ago

                    Sure, for a personal PC I would not necessarily want a BSOD, I’d prefer if it just booted and alerted the user. But for enterprise servers? Best not.

                    You have that backwards. I work as a dev and system admin for a medium sized company. You absolutely do not want any server to ever not boot. You absolutely want to know immediately that there’s an issue that needs to be addressed ASAP, but a loss of service generally means loss of revenue and, even worse, a loss of reputation. If you server is briefly at a lower protection level that’s not an issue unless you’re actively being targeted and attacked. But if that’s the case then getting notified of an issue can get some people to deal with it immediately.