ninthEAST reposted this
CrowdStrike: Automated Recovery from Blue Screen on Windows Instances in GCP
CrowdStrike Dear CEO, YOUR FIRED! Any company that greedily absorbs more than 80% of any market has an obligation to ensure their software has high quality, redundancy, and is not, nor ever should be the #SPF single point of failure in any system. I for one will not trust any software updates from Microsoft now. Automated overnight software updates are now the default, a service on which the entire computing world depends for just in time fixes, repairing security holes, getting new features for free, etc. Well, we see what free got us, we see what one failure in communication, training, process step missed, of inattention to software quality has gotten us. The dirty little secret in software is that less than 1% of the software is actually tested under real time circumstances. Most perform the perfunctory ‘happy path’ testing and call it a day. Quality control is sacrificed for new features, barely tested. As an application gets larger the proportionate testing demands becomes exponentially larger, but the budgets of most quality control departments are woefully inadequate. Manically adding an AI bot to perform the testing when all the use cases remain a mystery does not solve the problem. #SPF = #SinglePointofFailure
I didn’t understand all the steps but does this means cloud instance don’t have recovery mode to delete the crowdstike sys file and reboot instance ?
I think this is helpful, a similar approach can be implemented for Azure and AWS instances running CrowdStrike by doing detach/remove/attach steps programmatically, it's not easy but can be done.
Step 1: restore backup
I'll keep this in mind
Very informative
Was it reviewed& approved? QC Passed?
Chief Security Officer / Chief Information Security Officer / Chief Privacy Officer
2moCrowdstrike must be kidding. This does nothing to protect against a future failure on their part. They have pushed the recovery only responsibility to the Businesses who use their Cloud. Their system and Microsoft's systems must be re-engineered to allow the end customer to test their updates BEFORE applying CrowdStrike changes. This is a completely unacceptable failure of the Cloud SHARED RESPONSIBILITY model.