Friday, July 19, 2024

So, One Dumbshit Act Cripples Computer Systems Around the World

A faulty software update caused technological havoc worldwide on Friday, grounding flights, knocking down some financial companies and news outlets, and disrupting hospitals, small businesses and government offices.

If a "faulty software update" can do that much damage, how much damage could be done by a malicious act? The damages from this are likely in the many millions of dollars range, just in aviation alone. How many have died because EMS wasn't timely dispatched? The lawsuits will be interesting.

But clearly, the computer networks are incredibly fragile for systems so vital to modern living.

11 comments:

  1. Reality was it was systems that use Cloudflare a cloud based system security service, those are typically winders based.

    Those of us that do not use winders and don't tie our horse to
    the cloud never noticed it. Well we did notice those services
    that were tied to that going down.

    I find it silly when people use the cloud for the PC when a 2TB
    drive (2TB SSD typically under 150$) is cheap and a box of them
    is still cheap. Why, your always at risk if their stuff breaks
    either power, hardware, or software, and if local connectivity
    to the cloud breaks your screwed. You loose your rented cloud
    based software, your data, even your ability to electronically
    pay for those things.


    Eck!

    ReplyDelete
  2. Ditto Eck...I have a safety deposit box with WD Passport drives just as you say.

    For nearly 15 years I was the lead sysadin for the backend IT of a small liberal arts college where I learned how protective systems can bring down your IT, like when the server room's monster UPS...fails....and takes down everything. The thing that is supposed to make to more resilient kills you.

    Or how you DON'T want to host all your DNS locally (Dynamic Name Resolution, changes URL names into real addresses)...because if you lose your Internet in an ice storm, your domain disappears from the net, and you get panicked parents calling up and asking you why Bard College "doesn't exist" any more. I not only found external DNS service, but one away from major cities, fault lines and not in the thunderstorm capital of the world (that's FL).

    You tries and you tries and you tries....and sometimes you faceplant. The kissoff is when you get fired for something that wasn't your fault. Such is life.

    ReplyDelete
  3. Stewart,

    Almost made that error... then the net went down and the test system failed. The result is if its yours its indoors, if its theirs' or
    internet then outdoors. I do rely and expect the internet to be
    durable. The end points however are expected to be fragile.

    I go the multiple system route. Each a copy has a copy of the
    data as the OS is easily replaced. All but one, that one is
    a copy again but its not on line as in "airgapped" and has no
    wifi or bluetooth. Archive updates are via Eitherpipe and then
    disconnected and powered down. I have the teeshirt, sports
    jacket on backups.

    As to the big "tech outage", Cloudstrike is not the world but it
    did make a large number of microsoft dependent sites. You use a
    OS with weak security that needs a lot of help your already
    exposed. However the news has made a really bigger deal of it,
    think "the sky is falling" and hens running around saying that.


    Eck!


    ReplyDelete
  4. Southwest Airlines wasn't affected by this, as they are still using. . . wait, , , Windows 3.1

    ReplyDelete
  5. Eck!,

    If CrowdStrike had been cloud-based, it would not have needed a kernel-mode driver; and vice versa.

    Business use of "The Cloud" is about transforming OpEx into CapEx.

    During the pre-release period for 32-bit Windows, 1992-93, Microsoft decided to publish only the bare minimum documentation for kernel-mode driver development. It looked like you could use it, but when you started actually trying to code, test, and deploy, you realized that a lot was missing. To get the real doco, you had to go to Redmond for training under NDA, for a very high price. This was partly because some of the functionality simply hadn't been implemented yet and claiming "publicly" that it worked could have created liability. It was also because Microsoft, at that time, saw the comparatively closed Macintosh software ecosystem as the model to emulate, as the only way to prevent support costs from escalating out of control. But decisions of that kind have a way of locking you in for all future time.

    ReplyDelete
  6. Funny how one airline, Southwest, wasn't affected by the outage due to the fact that they still operate on Windows 95. Read it here:
    https://www.sfgate.com/travel/article/southwest-escapes-problems-worldwide-outage-19584828.php

    ReplyDelete
  7. I read about an incident where the captain of a ship -- don't recall if was commercial or military -- decided to test their backup navigational system. Turned the GPS off and ... the backup system promptly crashed. Turned out that it got the needed precision time not from a precision internal clock periodically synced with GPS, but directly from GPS itself.

    The post didn't elaborate as to whether anything was/could be done to actually *have* a backup system or not.

    ReplyDelete
  8. The average laptop is a minimal backup system, It boots and runs
    without GPS or connection to the internet. My systems have a more
    sophisticated system for battery power. Backup in the general sense
    is refers to copies of data if the original is inaccessible or
    damaged. Without GPS or Network time the clock would need
    checking but short term (days to weeks) time would be accurate
    for many things.

    For the Navigation case, you need accurate time to navigate.
    Basic navigation relies on time, speed, and heading from a
    known point. GPS provides accurate time and a known location
    for confirmation as well as speed. Its known as dead reckoning.
    Shutting down GPS would be like putting on a blindfold and
    trying to walk across a room full of junk. So the result
    should be expected shutdown unless the backup system had
    its own GPS.

    Of course a compass and a sextant still works. And RDF
    still works as broadcast stations rarely more about.

    Eck!

    ReplyDelete
  9. As to the internet getting hit....there was this ad....
    Picture of the rising sun breaking through some trees onto a backhoe with its hoe in the air
    Caption: Good Morning! Your internet is going down.

    ReplyDelete
  10. All the photographs post 1990 will be lost eventually. The medium currently used, is by no means as permanent, as the old school film and prints.
    This digital world is going to disappear even faster , than it came upon us.

    ReplyDelete

House Rules #1, #2 and #6 apply to all comments. Rule #3 also applies to political comments.

In short, don't be a jackass. THIS MEANS YOU!
If you never see your comments posted, see Rule #7.

All comments must be on point and address either the points raised in the blog post or points raised by commenters in response.
Any comments that drift off onto other topics are subject to deletion.

(Please don't feed the trolls.)

中國詞不評論,冒抹除的風險。僅英語。

COMMENT MODERATION IS IN EFFECT UFN. This means that if you are an insulting dick, nobody will ever see it.