I am not in IT so, unlike IT, I do not have to spend this weekend opening Bitlocker machines and manually swapping out .sys files. Microsoft trusting American kernel software has proven unwiser than trusting, oh, Kaspersky. Russia's doing fine spasibo.
The offending software was "Falcon", by CrowdStrike (I keep wanting to say cloudstrike). They got into the news in 2016 being blamed for the hack on the DNC; Peter Woit among other educated partisan fakers believed them, rather pretended to believe them. CrowdStrike later admitted they made it up, claiming the Maddow Defence that this was "opinion" (no, Alex Jones doesn't get to use that defence, silly). CrowdStrike are big in DEI as you can see in their "we got this" ad, get it on youtube while ya can.
King Kunta on Reddit noted that Falcon was a security timebomb and called a "put" on r/wallstreetbets... like an hour before the bomb dropped. Yeeeaaahhh... I'd not try getting through to his phone anytime soon, he should probably get a lawyer.
How did CrowdStrike get here? They had hired some new people last March. I like to assume they were good people. It seems they had some problems in the chain from dev to QA before doing a push first thing on Friday morning.
No comments:
Post a Comment