i saw the news & immediately texted the friend i know at crowdstrike with a wall of troll emojis to dunk on them, like the good baptist girl i was raised to be, lollollol
my annoying "well actually" take which can be SAFELY IGNORED I PROMISE is (1) it'll be sort of hard to understand the full story of What Went Wrong until we get a full postmortem; it's entirely possible crowdstrike does ordinarily have reasonable best practices but some godawful confluence of multiple things failing all at once caused a really-difficult-to-see-in-advance disaster, a la point #3 in how systems fail https://how.complexsystems.fail/ , so i'm suspending judgment til we get a clearer picture of what happened, but also (2) the real solution to this problem is "don't run closed-source third-party ring-0 code" because the potential failure modes are so egregiously catastrophic, but eh that's kind of a moot point because for various Mostly-Bad-But-Sometimes-Okay-ish Reasons (e.g. compliance) people seem to still think Antivirus Software Is The Answer and it's effectively *impossible* to write antivirus software that isn't ring-0 code, so we're stuck with it, but anyway (3) at the end of the day the incentives in this space all kind of point toward... this sort of thing happening? "no one ever got fired for buying IBM" and now all our infrastructure uses the same 3 clouds lmao FUCK
no subject
my annoying "well actually" take which can be SAFELY IGNORED I PROMISE is
(1) it'll be sort of hard to understand the full story of What Went Wrong until we get a full postmortem; it's entirely possible crowdstrike does ordinarily have reasonable best practices but some godawful confluence of multiple things failing all at once caused a really-difficult-to-see-in-advance disaster, a la point #3 in how systems fail https://how.complexsystems.fail/ , so i'm suspending judgment til we get a clearer picture of what happened, but also (2) the real solution to this problem is "don't run closed-source third-party ring-0 code" because the potential failure modes are so egregiously catastrophic, but eh that's kind of a moot point because for various Mostly-Bad-But-Sometimes-Okay-ish Reasons (e.g. compliance) people seem to still think Antivirus Software Is The Answer and it's effectively *impossible* to write antivirus software that isn't ring-0 code, so we're stuck with it, but anyway (3) at the end of the day the incentives in this space all kind of point toward... this sort of thing happening? "no one ever got fired for buying IBM" and now all our infrastructure uses the same 3 clouds lmao FUCKbut also: