Bas' Take on Tech: Crowdstrike, Southwest and Windows 3.11
Hi there,
thanks for reading my tech newsletter about the recent buzz in tech.
Have a great week ahead!
The Crowdstrike Issue
What is CrowdStrike?
Crowdstrike is a world-leading US company in the field of IT security. One of its products, called Falcon Sensor, is used to monitor activity in real time, detect malicious activity in data traffic and block attacks. According to media reports, a faulty Falcon update may have caused the disruption.
For many Crowdstrike customers, nothing worked at all on Friday morning because their computers only displayed the infamous "Blue Screen of Death" error message and no longer booted up. Many users who are not direct Crowdstrike customers but use the Microsoft 365 service, for example, were also affected.
Behind the scenes
Apparently, a file full of null bytes caused the Falcon service to crash. Since the Falcon service runs privileged at system startup, the clients were caught in an endless loop.
Microsoft and Crowdstrike are two different companies. Why did the Crowdstrike Falcon service have such extensive system permissions? Microsoft blames an EU regulation from 2009. Following a complaint, Microsoft reached an agreement with the EU in 2009 under which security software manufacturers must be given the same access to Windows as Microsoft. This has now proved fatal, according to Microsoft.
Critical infrastructure was affected; for example, numerous flights were cancelled. Interestingly, Southwest Airlines was less affected. Insiders suspect that the infrastructure there is still running on Windows 3.11. Not a joke.
In 2010, there was a problem at security manufacturer McAfee, which also paralyzed the internet at the time.
George Kurtz, the McAfee CTO at the time, is now the founder and CEO of Crowdstrike. This connection, along with Dmitri Alperovitch, an American with Russian roots and founder of a geostrategic think tank in Washington, has given rise to all kinds of conspiracy theories.
From a due diligence point of view, the only thing that remains to be said is that system-critical software that can lead to a total failure by mistake because it updates itself via the Internet can also lead to such a disaster on purpose. Trust in Crowdstrike must have been high, especially since the software is not suitable for use with critical infrastructure according to its own license terms (section 8).
Reddit also wonders why Crowdstrike should be worth 83 billion dollars.
What else?
I have changed this newsletter from "occasional" to at least once every two weeks. The new format not only contains curated news and insights from the tech world but also sets the stage for fellow developers.
I will ask people about their journeys in the tech world and also in life. I'm pretty sure there is much to learn from listening to other people's experiences, and I am excited to share that with you!
Of course, I need your help with this.
Please tell me if you want to share your story with my 600+ readers!
What is something you learned?
What are some books that recently influenced you?
What do you want to share with others about your life, your productivity, your career, and your health?
Reach out to me on this form.
Let me know how I can make the newsletter better.
I set up a short feedback form here.
It would mean the world to me if you spent a minute or two filling it out!
Best,