Major worldwide IT outages

Michael Hodgson · July 22

1 minute ago, PeterStiles said:

Except everyone watching Lewis Hamilton's car go round and round in circles of a weekend. Crowdstrike are one of their sponsors and plastered all over the place...

He is a local lad but I've never seen him breaking the High Court injunction against "car cruising" in Stevenage. In case you're wondering what that means, this is from the Borough Council's website

The injunction – which has a power of arrest attached – was granted for a period of five years, until 2028.

The following activities are subject to restrictions in the district of Stevenage:

Drive at excessive speed, or otherwise dangerously
Driving in convoy
Racing against other motor vehicles
Performing stunts in or on motor vehicles
Sounding horns or playing radios
Dropping litter
Supplying or using illegal drugs
Urinating in public
Shouting or abusing, threatening, or otherwise intimidating another person
Obstruction of any other road user

adb968008 · July 22

4 hours ago, Coldgunner said:

A piece of software is only as smart as the person that programmed it afaik. I know AI has come on leaps and bounds, but still struggles with some of the human qualities like perception, anticipation etc.

Also when it comes to cars, I have a theory that the more assistances added, the lazier and potentially more dangerous the driver becomes. I mean, introduce full autopilot into a car and what's stopping the driver having a snooze or reading a book instead of paying attention. Bad enough people already mess about with phones and do their makeup behind the wheel.

You could test that theory by looking at aviation.

in 25 years computers have gradually increased their role exponentially to todays modern cockpit which is mostly automated.

Then look at the increase in volume of modern aircraft types… hundreds then, to thousands now of each mainstream type in the sky.

and proportionate number of air crashes… which has decreased substantially since the 1990’s.

dont take my word for it…

https://www.iata.org/en/publications/safety-report/executive-summary/

Edited July 22 by adb968008

AndrueC · July 22

1 hour ago, Michael Hodgson said:

It wasn't a Microsoft mistake. The software that got cocked up wasn't something consumers make use of themselves. Nobody outside the industry had even heard of Crowdstrike.

I'm well aware of that. If you look at my post you'll see that I was replying to the specific comment about Linux server reliability. The clue is the way it's quoted first 😉

It might also be worth noting that Linux has its own issues with Crowdstrike. A different issue with different causes but still..

But no my comment was simply something of a defence of Windows. I believe that Windows can be secure. Windows NT was developed by a team led by Dave Cutler (who previously led the team that developed VMS) and he is no fool. There's an excellent book describing in great detail how NT is designed. The internal object model embraces security and always has done through Access Control Lists.

The problem is that the target market doesn't want and/or can't handle proper security. You can lock NT down at least as much as Linux but most Windows users will scream and throw their computer out of the window rather than put up with it.

Edited July 22 by AndrueC

Oldddudders · July 22

Lauda Air not withstanding.

KeithMacdonald · July 22

Quote

In the YouTube video below, retired software engineer and Windows developer Dave explains the cause of the recent CrowdStrike IT outage. Dave discusses the significance of CrowdStrike being on machines in the first place and the consequences of a kernel driver failure. He also shares his experience as a Microsoft developer in the 1990s and the importance of understanding the differences between kernel mode and user mode. He then delves into the concept of kernel mode and user mode, explaining that only a few things, such as thread scheduling, Heap manager, and device drivers, run in kernel mode due to its access to hardware.

GrumpyPenguin · July 22

I had never heard of Crowdstrike before this current issue.

I don't watch overpaid people drive similary powered computers with four wheels chasing each other round & round either so why would I know about Crowdstrike.

bmb5dnp1 · July 23

5 hours ago, AndrueC said:

I'm well aware of that. If you look at my post you'll see that I was replying to the specific comment about Linux server reliability. The clue is the way it's quoted first 😉

It might also be worth noting that Linux has its own issues with Crowdstrike. A different issue with different causes but still..

But no my comment was simply something of a defence of Windows. I believe that Windows can be secure. Windows NT was developed by a team led by Dave Cutler (who previously led the team that developed VMS) and he is no fool. There's an excellent book describing in great detail how NT is designed. The internal object model embraces security and always has done through Access Control Lists.

The problem is that the target market doesn't want and/or can't handle proper security. You can lock NT down at least as much as Linux but most Windows users will scream and throw their computer out of the window rather than put up with it.

Hello,

I'm afraid that I can't agree that Windows NT based systems can be as secure as a Linux system, the fundamental design of Linux ensures that it is virtually impossible for malware to do any system wide damage (anti virus/ malware software is very much an optional extra on Linux but is essential on Windows). When combined with all the tools that Linux has "out of the box" (eg SELinux), system security is much better. Even if you could add all these levels of security to a Windows system it would be unusable. My basic point is that Windows is fundamentally flawed (from a security point of view) by bad design/implementation decisions taken many years ago whereas Linux/Unix systems were designed to be multiuser and networked from the start. If you accept that proposition then there would be no Crowdstrike to create problems if the systems had been designed differently. As an aside, I'm a computer scientist (well computational biologist) and my research career began on VMS machines and I think a lot of their much vaunted security was due to how obscure it was to manage and use them ! Nice to hear that you're a VMS person too, I've got a collection of VAX and Alpha VMS machines (along with SGIs and Sun's etc) that I saved from skips when universities threw them out that I like to play with every so often, useful for teaching too.

Dave

jjb1970 · July 23

Consumers embraced computers when they became a tool which didn't require expertise to use. Most people aren't interested in computers, they're interested in the services they provide.

Many years ago I read an article which compared computers with electric motors. Few people want or buy an electric motor, most want the functionality provided by a machine powered by an electric motor.

People want to use the Web, apps, do word processing, digital imaging, content creation etc. For most a computer is a tool, how it works is not their interest no more than a typical airline passenger understands how aeroplanes and engines work or a typical driver really understands what's under the skin of their car.

In that context it's entirely understandable why typical users just buy commercially available devices using Windows, Android or Apple alternatives.

AndrueC · July 23

6 hours ago, bmb5dnp1 said:

I'm afraid that I can't agree that Windows NT based systems can be as secure as a Linux system, the fundamental design of Linux ensures that it is virtually impossible for malware to do any system wide damage (anti virus/ malware software is very much an optional extra on Linux but is essential on Windows). When combined with all the tools that Linux has "out of the box" (eg SELinux), system security is much better. Even if you could add all these levels of security to a Windows system it would be unusable. My basic point is that Windows is fundamentally flawed (from a security point of view) by bad design/implementation decisions taken many years ago whereas Linux/Unix systems were designed to be multiuser and networked from the start.

Firstly Windows NT was (as my post indicated) designed to be a secure, multi-user system from the start the same as Linux was. Secondly Linux is not immune to malware. A significant reason for the relative lack of malware has been lack of interest by the attackers. Most attackers are (or have been until relatively recently) been attacking 'users' and as a niche operating system Linux just didn't make for a juicy target. As that article says such attacks are rapidly increasing likely due to the move toward the cloud.

But the problem with Windows these days is the basic dichotomy between usability and security. Some of that is due to the nature of ecosystem that Microsoft has fostered. Users are used to being able to do anything they want with their computer and dislike being nannied. They also dislike having to understand how their computer works.

Windows can be configured to be a lot more secure and in the hands of a knowledgeable and sensible person is a very low risk environment. Unfortunately that doesn't suit most of its customer base. So it depends whether you consider that to be a fault of the OS or not. I don't. I blame the users rather than the OS.

DY444 · July 23

Fairly predictable that this has descended into the usual ios/linux good, windows bad partisan pile on from enthusiasts of IBM (Imperative to Blame Microsoft). Blaming Microsoft for the consequence of applications run on its OS is like blaming a car manufacturer when bad driving causes a crash of one of its vehicles.

As to the "windows shouldn't allow it" argument, it is being widely reported today that the EU forced MS to make the windows kernel more accessible to third party vendors thus preventing a tight policing of its use. If MS had defied the EU then two things would have happened; it would have been heavily fined and the self-same IBM enthusiasts would have piled on about law breaking and abuse of market position.

No. This issue is down to CrowdStrike's unbelievable incompetence in pushing out this fatally flawed update and a regulatory environment that allowed them to be in a position to do so.

ColinK · July 23

I wonder how many 00 scale people on our layouts will be seeking compensation because no trains were able to run?

Coldgunner · July 23

15 hours ago, adb968008 said:

You could test that theory by looking at aviation.

in 25 years computers have gradually increased their role exponentially to todays modern cockpit which is mostly automated.

Then look at the increase in volume of modern aircraft types… hundreds then, to thousands now of each mainstream type in the sky.

and proportionate number of air crashes… which has decreased substantially since the 1990’s.

dont take my word for it…

https://www.iata.org/en/publications/safety-report/executive-summary/

Its an interesting point, as I believe most larger civil aircraft have automated avoidance systems too, where the planes 'talk' to each other, one climbs and one decends. That said, I believe pilots are permitted to read books and magazines during the cruise portion of a flight, but the comms and systems are still monitored.

Coldgunner · July 23

15 hours ago, AndrueC said:

I'm well aware of that. If you look at my post you'll see that I was replying to the specific comment about Linux server reliability. The clue is the way it's quoted first 😉

It might also be worth noting that Linux has its own issues with Crowdstrike. A different issue with different causes but still..

But no my comment was simply something of a defence of Windows. I believe that Windows can be secure. Windows NT was developed by a team led by Dave Cutler (who previously led the team that developed VMS) and he is no fool. There's an excellent book describing in great detail how NT is designed. The internal object model embraces security and always has done through Access Control Lists.

The problem is that the target market doesn't want and/or can't handle proper security. You can lock NT down at least as much as Linux but most Windows users will scream and throw their computer out of the window rather than put up with it.

I recall the Windows 2000 / ME era. I upgraded my home PC from 98 to 2000, so from the 9x architecture to NT. I loved Windows 2000, it didn't have the fancy toys and funkyness of ME, but ME was an unstable POS. 2000 could stay booted for days with minimal impact. Most decent games still worked on 2000 fine, and it just felt like a more solid system. ME required regular reboots and was stuck with <512mb memory.

Look where we are now, the NT based system developed further and 9x rightfully went the way of the Dodo. I'm not a dev, sysadmin or otherwise, just a support guy who likes gaming, but I thought 2000 was streets ahead of its ME 'successor'.

GrumpyPenguin · July 23

Yes, yes, yes, we've all heard the "Linux is better than Windows" till we are sick of it.

For most of us we have Windoze, for better or worse, it's like a dysfunctional marriage & we are stuck with it.

We used to hear the same about Apple/OS.

However, so much software will not/could not/did not (some may now) run on Linux/Apple/OS - Sage, PA Testing software, Electrical Test Measurements to name a few.

If everyone was running Linux like we run Windows then you could be sure that the hackers would be targeting it

adb968008 · July 23

40 minutes ago, GrumpyPenguin said:

Yes, yes, yes, we've all heard the "Linux is better than Windows" till we are sick of it.

For most of us we have Windoze, for better or worse, it's like a dysfunctional marriage & we are stuck with it.

We used to hear the same about Apple/OS.

However, so much software will not/could not/did not (some may now) run on Linux/Apple/OS - Sage, PA Testing software, Electrical Test Measurements to name a few.

If everyone was running Linux like we run Windows then you could be sure that the hackers would be targeting it

I still remember using Lotus and OS/2, coding BASIC on my cassette driven BBC Micro, playing Chuckie Egg on alan sugars early device and hacking around on VMS using ADA to code on it…

Are screens still called VDUs these days ?

me dinosaur ?

if you want a spreadsheet go code it yourself, define a 2D array and put your variables in.

Edited July 23 by adb968008

AndrueC · July 23

Windows has the potential to be more secure through more draconian configuration although the constant trickle of bug reports is concerning and begs questions about Microsoft developer's skills. The repeated bugs introduced through updates is more worrying and begs further questions about their QA skills.

To be fair a lot of security issues relate to applications rather than the OS but are in some case allowed to become a problem because the OS has to retain compatibility and allow things it perhaps shouldn't.

2 hours ago, GrumpyPenguin said:

If everyone was running Linux like we run Windows then you could be sure that the hackers would be targeting it

For me that's at the heart of the debate. What would it be like if Linux displaced Windows. Could it displace it?

My feeling is that Linux is just not compatible with the 'common user' ecosystem we have today. Either Linux would have to change to become more like Windows or else the average user would have to become more technically aware and more sensible.

The first is possible but would be a technology crime. The second I fear is never going to happen.

My conclusion is: Windows is not a bad operating system. It's actually a pretty good one and certainly one that is 'good enough' for the markets it serves.

spamcan61 · July 23

OOH and here's another one, 100% preventable system fallover leading to lack of emergency calls:-

https://www.theregister.com/2024/07/23/atandt_outage_fcc_report/

KeithMacdonald · July 23

On 19/07/2024 at 11:04, woodenhead said:

I am about to supply a change to some of my own code on a script.

Wish me luck.......

😄

Have you checked it into version control?

Had it reviewed?

Testing evidence attached to ticket?

Release approved?

adb968008 · July 23

Its some what funny that security sells itself on outsourcing trust to them, and prove untrustworthy with it.

I wonder how many businesses are now going to restrict auto updates, and how much testing overhead that will create ?

Edited July 23 by adb968008

Oldddudders · July 23

36 minutes ago, adb968008 said:

Its some what funny that security sells itself on outsourcing trust to them, and prove untrustworthy with it.

I wonder how many businesses are now going to restrict auto updates, and how much testing overhead that will create ?

Events of this magnitude will always trigger responses in firms that found themselves helpless, and most of those will involve a higher profile for IT, and more work for more competent persons - as well as a few cowboys. Good for employment and salary levels.

PMP · July 23

6 hours ago, Coldgunner said:

Its an interesting point, as I believe most larger civil aircraft have automated avoidance systems too, where the planes 'talk' to each other, one climbs and one decends. That said, I believe pilots are permitted to read books and magazines during the cruise portion of a flight, but the comms and systems are still monitored.

There’s no automated avoidance system. The systems generically known as TCAS provides a warning to the flight crew, they then act upon the warning.

Michael Hodgson · July 25

On 23/07/2024 at 17:29, PMP said:

There’s no automated avoidance system. The systems generically known as TCAS provides a warning to the flight crew, they then act upon the warning.

My understanding is that the Automatic Pilot will obey a TCAS Resolution Advisory if Automatic Pilot is engaged. This would usually be the case for most of a long-haul flight - the boring bit when the pilots might as well be reading a book. Though they would be expected to put their book down if TCAS or any other monitoring systems suddenly starts shouting at them!

The crew would have to react if it were not engaged (more likely at take-off/landing) . And of course only larger airliners are fitted with these systems - light aircraft typically don't have TCAS, but can of course present a collision risk to bigger aircraft. TCAS should be still able to detect such aircraft as long as they are fitted with working transponders.

MJI · July 25

Windows problems is that they keep fiddling with the UI, and forcing their own choices.

My work PC changed itself to 11 and getting it half usable was a nightmare, stuck with a worse version of notepad, and paint.

And THREE different styles of scroll bars all looking different.

10 was not bad, but no 7. 2000 to 7 was the high spot of MS Windows, to be honest the main use for it is running anything WIN32 or WIN64.

Anyway it drove me so mad I put Linux Mint onto a new PC, and it runs lovely.

I did put a 10VM on as well, for those odd programs WINE will not cope with, or the Linux version will just not install (Chitubox), but it is locked down, no updates, VirtualBox configured to show not trusted boot. And does not need the internet.

GrumpyPenguin · July 26

11 hours ago, MJI said:

Windows problems is that they keep fiddling with the UI, and forcing their own choices.

Indeed, as a user I just want to...... err, use the PC.

I'm not interested in the latrest features, I'm not interested in AI offering to "help me". I'm quite happy with my older versions of MS Office, I don't want to keep learing new feature of different ways of doing things.

I hate the way Outlook seems to keep changing my settings.

It's the same with so called "smart" phones.

Why can't IT people just leave it alone if we want to be able to use what we know and are familier with ?

spamcan61 · July 26

38 minutes ago, GrumpyPenguin said:

Why can't IT people just leave it alone if we want to be able to use what we know and are familier with ?

Because there's no money in it for them if they do that.

I agree 100% with what you say, I'm more than a little fed up with having to re-learn the Office GUI on a regular basis just becuase they've added some more features I didn't ask for and don't want...but it's at work so I have no option but to use it.

Major worldwide IT outages

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in