Crowdstruck (Windows Outage) - Computerphile

Published 2024-07-23
Nearly nine million Windows machines were taken out by the Crowdstrike problem in July 2024, but why was the impact so problematic? Dr Steve Bagley and Dr Mike Pound of the University of Nottingham discuss the problem.

www.facebook.com/computerphile
twitter.com/computer_phile

This video was filmed and edited by Sean Riley.

Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharanblog.com/

Thank you to Jane Street for their support of this channel. Learn more: www.janestreet.com/

All Comments (21)
  • @james_chatman
    I got dragged into this and I'm now at 48 hours of overtime. Thanks CrowdStrike.
  • @oourdumb
    The real worry is the lack of QA at Enterprise companies. A state actor infiltrating one of these orgs would be absolutely devastating.
  • @solimm4sks510
    Heh the BSOD at 0:40 is cool "For more information about this issue and possible fixes, do not ask us"
  • @vincei4252
    In the modern version of Battlestar Galactica, Admiral Adama absolutely refused to have Galactica networked to other systems and ships in fleet because of the risks to their it critical system. Yet here we are, allowing a root kit to operate unconstrained on millions of machines. Fun times ahead.
  • The guilty in this instance are both CrowdStrike and their Customer Security Managers. CrowdStrike has a history of shipping stuff that breaks systems, most recently their Linux product. The Customers said: Yes CrowdStrike just put whatever you want on our systems without monitoring. And by the way, we have no adequate disaster recovery plan. As a corollary, letting CrowdStrike put stuff on your systems also allows bad people to compromise CrowdStrike and deliver unlimited hurt. If I was a baddie I'd spend my every effort to subvert CrowdStrike!
  • I was waiting for this video with extreme excitement for the last 2 days. I jumped on YouTube as soon as I saw the notification.
  • @piranniayt
    Perfect storm: no fuzzy testing the driver code, no staged deployment, no os blue/green boot partition
  • I swear this is only the beginning for tech companies that are losing valued senior staff over the many, many decades...
  • @satysin630
    Nice touch with the 13.37% in the BSOD 😁
  • @bilalsadiq1450
    If Dr Bagley and Dr Pound had a podcast, I'd definitely listen to them talk for hours lol.
  • @zhandanning8503
    when the computer goes down, that is a sign to photosynthesize, nice
  • Linux has a feature that allows the sandboxing of channel updates using eBPF, although Crowdstrike doesn't use it yet. In theory, that could have prevented the BSODs had Windows had a similar feature. Also, I don't necessarily agree that Windows is blameless here. While Crowdstrike is definitely at fault, Windows did certify their driver, and that validation somehow didn't include testing for corrupted or invalid channel files. There's no reason the driver should blindly trust those files without validation.
  • @luicecifer
    "Well, well, well. Tell me, young gentlemen, why is it always you two when something bad happened??"
  • @lenwe33
    13.37% complete... ISWYDT 🙃
  • @lborate3543
    My local pub went down.. no fish and chips for me..
  • @phasm42
    Crowdstrike sounds like a nickname for Mustangs 😅
  • @sunefred
    Falcon is using definition files which are NOT part of the WHQL process which Falcon obviously is! I don't know how this works on Linux or MAC, but maybe it should not be allowed for Windows driver makers to deliver anything to the kernel that does not go through the WHQL certification.
  • @Moose_33
    Yesssssss, twas waiting for this. You beautiful channel you. The dynamic duo returns