Crowdstrike

My current job's basic infrastructure is still based off of a DOS-prompt style code and response system and a horrible Windows95 GUI. However, as someone who grew up on a Commodore 64, then upgraded to Windows 3.1, and my first laptop had Windows95, this is a very familiar system. My coworkers on the other hand...
 
Why does Crowdstrike (and McAfee, and others) make products for Apple and Linux operating systems as well as Windows? Some hypotheses include:
- All the operating systems have security issues and Microsoft is no longer unique in having security holes
- These vendors are selling people products that they don't really need for operating systems other than Windows?
- Managers are buying security products for all operating systems just to cover themselves and they can say all systems are equally protected? (The due diligence comment mentioned earlier)
I go with the first and third options.
On United Airlines, I can do a lot of reservation functions from my tablet or phone running Android or iOS. I'm pretty sure those aren't the same OS they run on the back-end server.
To the question, you're right, it's 1 and 3. But the risk of an attack isn't just the compromise of the single system. You're correct, all OS's have vulnerabilities that can be exploited. The issue with Windows-based OS's is that they are designed to function in a network environment where the compromise of one system can lead to the compromise of all systems. As an example, I've not heard of a ransomware attack that was NOT facilitated by this Windows-specific connectivity. I'm not saying it's impossible, but it's far from the normal.

As to being able to do reservations from Android or iOS, you're correct, that's a great way to do it; and it's a modern way for an entire business to operate. But...many businesses are still running with their employees effectively on the same network as the back end systems that need to be up 24/7. This type of system is typical of an enterprise Windows environment, and it puts the business in a spot where the compromise of one line employee's system could lead to the compromise of the enterprise. Crowdstrike, and other EDR (endpoint detect and response) software, is specifically designed to reduce that type of threat. Other technologies that are sometimes used include some type of "zero trust network" that generally attempts to reduce the impact from compromised single systems taking down an enterprise. Entire categories of software and companies have been built around band-aiding this kind of risk.
 
You mean a terminal logged into a remote mainframe? Sure, there are some GUIs for some tasks... but it's all just a front end for some old IBM 360 in a basement somewhere
Pretty much! In the old days, green screen terminals to mainframes were reliable, cost effective, and generally pretty secure. The current equivalent of that we use every day - a computer, of any brand, that uses a web browser, of any brand, to connect to back end servers. Using web based tools for most employees drastically reduces the risk to a company compared to having a bunch of Windows computers all connected together.
 
Had a Delta flight out of MSP tonight scheduled 6:30p local time, got notification in the morning of a 2 hr delay. Colleague had a flight at 7a cancelled yesterday then he rebooked on an afternoon flight, went to airport, returned rental car, was delayed 3 hours then cancelled. I was tracking “my plane” on FlightAware and it was initially supposed to be LAX->SEA->MSP, saw both those legs cancelled. Then it showed it being an LAX->MSP flight getting in at 10:15p local while Delta kept saying my flight would depart 8:30p with just that initial 2 hour delay. Decided at that point mid afternoon to cancel my delta and book JetBlue Tuesday just to not deal with the ********.

Have been following along since then out of curiosity and they have kept delaying in hour long increments despite the plane arriving from LAX an hour ago, so clearly no crew. Now says it’ll takeoff in an hour but I don’t buy it and think it’ll wind up getting cancelled. Even if it doesn’t, it won’t arrive until like 4am local time at this point. I totally get Delta’s issues with crew scheduling, etc. but the lack of communication and continual last second delays is kinda ******** to me. They’ve known this flight wouldn’t take off at 8:30 all day, as I’ve known that. And if it does wind up being cancelled entirely, I find it hard to believe they wouldn’t have known that ahead of time either.

Even if it does takeoff in an hour, I’m just glad to not be dealing with sitting around at the airport waiting while it keeps getting delayed, risking getting stuck past midnight without bags, rental car, etc. Delta has some explaining to do that’s for sure
 
Delta has some explaining to do that’s for sure
Same here. I was supposed to be at EAA, flying into MKE Friday night. I'm still in Houston, thanks to delays, cancellation, re-booking, more delays, more cancellations, re-booking, more cancellation, and finally giving up.
Delta needs a better systematic approach to disaster recovery.
 
About 15 years ago I convinced a friend to dump everything Microsoft he was using in his business. Honestly, it was a really tough sell.
I installed Linux servers, and employees got Linux desktops and laptops. Back then it was 2 locations in 2 cities and maybe 12 employees. He is now 20 locations in 18 cities and over 100 employees.
He woke me up to tell me the news about the Crowdstrike outage.
He also sent me a gift certificate for $1,000.00.
:happydance:
 
This guy (retired Microsoft programmer) explains it well. Shocking that they used an update that was presented as data to send in executable code, in order to bypass the slowness of the WHQL qualification process.

 
This guy (retired Microsoft programmer) explains it well. Shocking that they used an update that was presented as data to send in executable code, in order to bypass the slowness of the WHQL qualification process.
Their cyber-security software is now acting like a virus...and having a similar effect.
 
About 15 years ago I convinced a friend to dump everything Microsoft he was using in his business. Honestly, it was a really tough sell.
I installed Linux servers, and employees got Linux desktops and laptops. Back then it was 2 locations in 2 cities and maybe 12 employees. He is now 20 locations in 18 cities and over 100 employees.
He woke me up to tell me the news about the Crowdstrike outage.
He also sent me a gift certificate for $1,000.00.
:happydance:
Which Linux version(s) do you prefer/recommend? (Looking ahead to the end of Windows 10 support.)
 
An attorney discusses potential liability issues for Crowdstrike.

 
Which Linux version(s) do you prefer/recommend? (Looking ahead to the end of Windows 10 support.)
I'm an Ubuntu fan for servers.
For a number of years I've been using Linux Mint on Laptops and Desktops. It's based on Ubuntu, so minimum problems with interaction, it's good, but not perfect.
The few times I've encountered a problem I had never seen before, I've, eventually, been able to find someone with an answer.
 