• elrik@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Doubtful. By far, most servers responsible for Internet traffic are not running crowdstrike software.

    This incident was a bunch of fortune 500 companies caught with their pants down.

    • flop_leash_973@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      If all of the parts of the internet that the average person finds useful goes down, then it matters little that technically “the internet” is not down. If it can’t be useful then it is as good as “down”.

    • Nollij@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Who do you think runs those servers? What do you think those companies run on their Linux servers?

      • elrik@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Those companies aren’t “the Internet.” They’re products connected to the Internet.

        The OP argument is like saying the Internet is dead because Netflix is down.

        • CookieOfFortune@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          A lot of people would say the internet was down if a large number of those products weren’t available. Also companies like Google do own parts of the physical Internet infrastructure.

  • Carighan Maconar@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    And keep in mind, the falcon sensor exists for Linux. All those big companies largely use it.

    Essentially we just got lucky that their buggy patch only affected the windows version of the sensor in a showstopping way. Could have been all major OS.

    • 1984@lemmy.today
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      5 months ago

      I don’t think the Linux culture is very similar to the windows culture. At least for me personally, I wouldn’t use crowdstrike and let them install whatever they want into my environment.

      Maybe it’s just me.

      • candybrie@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        Essentially no one has crowdstrike on their personal machines. Not Windows users, Mac users, or Linux users. So it’s corporate/large organization culture that matters. And they absolutely use it.

      • yeather@lemmy.ca
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        Welcome to the world of big retailers! They would rather run Linux with crowdstrike than make their own system.

      • Takios@discuss.tchncs.de
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        We tried to fight against having to install Crowstrike on our Linux servers but got overruled by upper management without discussion. I assume we are not the only ones with that experience in the world due to the need to check a checkbox for some flimsy audit.

        • Damage@slrpnk.net
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          5 months ago

          You’re actually confirming their point about culture though. The fact that you couldn’t stop them doesn’t mean that it also happened to everybody else: some management may have listened. Linux users abhor adding weird shit to their OS, Windows users do it all the time.

      • Carighan Maconar@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        It’s not your machine, your choice of distro, or your choice of specific packages to use or not use. It’s a work tool you get handed as part of a job. So whether CrowdStrike runs on it or not is not your decision and you aren’t allowed (and usually not capable) to change that.

        That’s an entirely different situation from one where you get a PC to do with as you please and set up yourself, or a private machine.

        Plus we’re mostly talking endpoint devices for non-technical users with many of these difficult-to-fix devices as techs have to drive out to them. The users expect a tool, and they get a tool. A Linux would be customized and utterly locked down, and part of that would be the endpoint protection software.

    • Fonzie!@ttrpg.network
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      The issuw didn’t affect Linux and macOS systems with Crowdstrike Falcon installed, though, only Windows systems.

      On Windows, booting into Safe Mode and removing C:\Windows\System32\Drivers het bestand C-00000291*.sys temporarily solves the BSOD issue, as well.

      • Brkdncr@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        The point is that it could have. Or maybe some unknown 0-day gets used by someone out to cause chaos instead of collect random.

        • Fonzie!@ttrpg.network
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          That’s true

          On one hand I hope people are smart enough to run updates to critical systems on a test environment, first. On the other hand I’ve learned that that is not at all the case yesterday.

          • Brkdncr@lemmy.world
            link
            fedilink
            arrow-up
            0
            ·
            5 months ago

            Many security products have no test option. One I’m using has a best practice of a 15 minute delay between test and prod and no automation to suspend besides relying on the vendor to pull the update it within 15 mins if it were to go full crowdstrike.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Then the internet would blame it all on Linux.

    However, the recovery process would be much faster. The Linux kernel would try to load the kernel module and if it fails it would skip it.