[Discuss] CrowdStrike

2024-07-24 Thread markw
The analysis of the failure is in and it is interesting: The problem was caused by a null pointer dereference in the kernel. The null pointer issue came from a module of "pcode" that is executed in the kernel module. The pcode file was all zeros. When the pcode was loaded, it was run, and voilà!

Re: [Discuss] CrowdStrike

2024-07-24 Thread Kent Borg
On 7/24/24 08:21, ma...@mohawksoft.com wrote: Thoughts: (1) loading pcode into a kernel driver. Are you kidding me? What is pcode? Pascal…? (2) loading pcode (in any environment) without basic sanity checks (checksum, structural verification, etc.) is total incompetence. This is a disaster w

Re: [Discuss] CrowdStrike

2024-07-24 Thread Rich Pieri
On Wed, 24 Jul 2024 08:39:47 -0700 Kent Borg wrote:
> On 7/24/24 08:21, ma...@mohawksoft.com wrote:
> > Thoughts:
> > (1) loading pcode into a kernel driver. Are you kidding me?
>
> What is pcode? Pascal…?

I believe pcode in this context is the virus/malware definitions.

--
\m/ (--) \m/

Re: [Discuss] CrowdStrike

2024-07-24 Thread markw
> On 7/24/24 08:21, ma...@mohawksoft.com wrote:
>> Thoughts:
>> (1) loading pcode into a kernel driver. Are you kidding me?
>
> What is pcode? Pascal?

I'm not sure which flavor of "pcode" which is a portable code, like Java byte-code.

>
>
>> (2) loading pcode (in any environment) without basic sa

Re: [Discuss] CrowdStrike

2024-07-24 Thread Daniel M Gessel
I'd guess their pcode is like a big compiled regular expression that makes scanning for multiple, perhaps complex, patterns relatively efficient. The failure does seem incompetent to the point of negligence and I wouldn't be surprised to see it tested in court: big companies lost large amounts

Re: [Discuss] CrowdStrike

2024-07-24 Thread markw
> I'd guess their pcode is like a big compiled regular expression that
> makes scanning for multiple, perhaps complex, patterns relatively
> efficient.

From what I understand, I think it is far more capable than mere regex.

>
> The failure does seem incompetent to the point of negligence and I

Re: [Discuss] CrowdStrike

2024-07-24 Thread Kent Borg
On 7/24/24 10:06, Daniel M Gessel wrote:
> The failure does seem incompetent to the point of negligence and I wouldn't be surprised to see it tested in court: big companies lost large amounts of money; lawsuits may start happening soon.

That would be nice.

This was one of the biggest bugs ever.

Re: [Discuss] CrowdStrike

2024-07-24 Thread Rich Pieri
On Wed, 24 Jul 2024 10:39:33 -0700 Kent Borg wrote:
> That would be nice.
>
> This was one of the biggest bugs ever. Delta Airlines is still having
> problems today.

So is Mass General, or they were yesterday.

--
\m/ (--) \m/

Re: [Discuss] CrowdStrike

2024-07-24 Thread Dale R. Worley
ma...@mohawksoft.com writes:
> (3) Unstaged rollout: amateur hour nonsense.

But if you've got 10,000 Windows machines, think of the labor it saves! I'd love to see (but never will) some big corporation's cost/benefit analysis of the CrowdStrike mess -- how much did they save by not staging rollou

Re: [Discuss] CrowdStrike

2024-07-24 Thread Jason Normand
So is Mass RMV, they have to go out to all the inspection systems and apply the fix onsite. And I suspect they don't care much about the EULAs...

On Wed, Jul 24, 2024 at 1:53 PM Rich Pieri wrote:
>
> On Wed, 24 Jul 2024 10:39:33 -0700
> Kent Borg wrote:
>
> > That would be nice.
> >
> > This w

Re: [Discuss] CrowdStrike

2024-07-24 Thread Kent Borg
On 7/24/24 11:42, Dale R. Worley wrote:
> I'd love to see (but never will) some big corporation's cost/benefit analysis of the CrowdStrike mess -- how much did they save by not staging rollout of security patches, how much did they lose from the disaster.

A gradual roll out doesn't cost any *mone

Re: [Discuss] CrowdStrike

2024-07-24 Thread Kent Borg
On 7/24/24 12:59, Kent Borg wrote: Remember, "QA" is a dirty word these days. I clicked on their "Careers" page and searched for "qa". Out of 400-something open jobs, I got 15 hits. Of those only three have QA in the title. All three are in India. Two of these are QA for "marketing websites"

Re: [Discuss] CrowdStrike

2024-07-24 Thread Jason Normand
>
> Probably they had a really complicated test that was supposed to catch
> this, but really complicated tests are themselves buggy. Who tested that
> the test catches the failures it is supposed to test? Not the
> non-existent QA department…
>
>
> -kb
>

It's hilarious because this is literally t

Re: [Discuss] CrowdStrike

2024-07-24 Thread Rich Pieri
Also CrowdStrike's preliminary post-incident review is out. Bleeping Computer cites, "Rapid Response Content uses automated testing instead of being tested locally on internal devices, which would likely have detected the issue." In other words, CrowdStrike's testing does *not* include installing

Re: [Discuss] CrowdStrike

2024-07-24 Thread Kent Borg
On 7/24/24 16:18, Steve Litt wrote:
> Before you call lawsuits nice, contemplate that it might cause employment contracts to have indemnification clauses. For developers, this would be anything but nice.

I would like computers to be treated a little more the way we treat normal stuff. When Boe