Blue Screen of Lattepunk
Lattepunk
How Do You Normally Drop Your Stock Price by 25%?
Some of you may have heard, last Friday, Microsoft’s Windows operating system kind of messed things up. All over the world. It came across my attention, like, a few times. At least. Blue screens of death were appearing in airports, banks, hospitals, you name it. But happened? And more importantly, who’s to blame?
Before I continue, I want to stress I’m not an IT Administrator. I just like tech and have read a bunch about what has been happening. With that out the way…F$%^1NG MICROSOFT, AMIRITE? But in a shocking twist of events, Microsoft actually said this is Europe’s fault. The Europeans!? Who saw that coming? Once the dust settled, by this I mean as soon as it happened, the true culprit was known. CrowdStrike.
You mean, Mercedes Formula 1 Team Sponsor CrowdStrike!?
Spot on reader! You may also know them from this Super Bowl ad in February:
Crowstrike is a security company that big business use to protect themselves from malware. I’m oversimplifying it, but they make a more complex version of an antivirus program that’d you or I would install on our computers. They have a lot of clients across the globe, they could afford a Super Bowl ad for crying out loud, as you may have found out by everything shutting down. So where are we so far:
Who - CrowdStrike
What - Blue Screen of Death on Windows
When - Friday, July 19th 2024
Where - Earth
It was obviously a mistake. CrowdStrike pushed an update to their software that made Windows fail upon booting up. This affected 8.5 Million Windows computers, about 1% of all Windows computers, with systems still down as of writing. So CrowdStrike’s software runs at the kernel level. When the computer turns on, everything in the kernel starts running, then all your other things start turning on. Windows the operating system turns on after the kernel has run all its stuff. It needs to start before everything else to see if there is any malware starting up with the computer. Here’s a useful image to envision it:
The update they pushed to their software was buggy. So when the computers tried to start everything else up, it caused it to fail. That resulted in the mess of blue screens you probably saw all over the internet. Since the error was happening before Windows could start, that led to wild fixes like rebooting 15 times in hopes that the system would just boot before the kernel program failed.
One mistake cause so much critical infrastructures to fail. Isn’t that crazy? Could this have been avoided? The answer is obviously yes, but it’s not that easy.
An update to any application gets tested internally by the company making it. But the thing is, the company can’t possibly test every single configuration of computer that their software runs on. Try to buy a Windows computer, how many options do you have? CrowdStrike can’t possibly test for each and every one of them. So is this solely CrowdStrike’s fault?
What about the companies that use CrowdStrike? They know what types of computers they have. Couldn’t they have a “dummy” computer that they could test out the software on before pushing it to the rest? That’s also complex. So the way CrowdStrikes software works makes it so it’s able to push updates for itself in the background. Giving that it’s meant to protect its clients from malware, that’s not a bad thing! When a company who’s service you are paying for is meant to stay ahead of the bad guys, is it really a smart idea to hold an update back to test it when you could be leaving those same very important computers susceptible to an attack? I’d argue a bad update is easier to deal with.
This is all still playing out. CrowdStrikes CEO has to testify this Friday and IT admins everywhere need to scramble to fix their company’s computers, while not falling for fake repair manuals that install malware. All this after CrowdStrike already pushed out a fix. The fix was live 78 minutes after the original buggy update. 78 minutes!!!
Can we avoid this in our personal lives? The answer: maybe?
You could have a dummy device that you test all updates on before you push them to your main devices, but that’s both expensive and time consuming. This comes down to trust. Do you trust the developers of the software you’re using? If the answer is no, then why are you using their software? If the answer is yes, then you need to understand that these developers are humans. And humans make mistakes.
Recommendations (left you dry last week so I’m loading you up this week):
Read:
The Hunt for the Most Efficient Heat Pump in the World (by Chris Baraniuk, Wired) (I’ve been considering this for my home)
How to Get Rich From Peeping Inside People’s Fridges (by Nicola Twilley, Wired)
The World’s Most Popular 3D-Printed Gun Was Designed by an Aspiring Terrorist (by Rajan Basra, Wired)
Google’s Nonconsensual Explicit Images Problem Is Getting Worse (by Paresh Dave, Wired)
The problematic chemicals fueling America’s EV revolution (by Jana Cholakovska, Pooja Sarkar, Alec Gitelman, Emilie Rosso, & Clare Fieseler, Grist)
The most common type of EV battery is a growing source of 'forever chemical' pollution, scientists say (by Catherine Boudreau, Business Insider) (Here I thought I was helping)
Priscila, Queen of the Rideshare Mafia (by Lauren Smiley, Wired)
Barbosa couldn’t have predicted where her striving would end: that she’d become the heavy in a web of fraud. That she’d expose the gig economy’s embarrassing blind spot. That, one day, multibillion-dollar companies like Uber and DoorDash would cry victim. Her victim. Or that she’d fall so far, or that her relationship with Uncle Sam would grow so deeply twisted and codependent.
Two Reporters Covering Education in the Midwest Followed the Money … to a School in New York (by Jennifer Smith Richards and Jodi S. Cohen, ProPublica) (I’ve been fascinated with Shrub Oak since I first read the original report by ProPublica. The saga just continues here)
Defeated by A.I., a Legend in the Board Game Go Warns: Get Ready for What’s Next (by Daisuke Wakabayashi and Jin Yu Young, New York Times) (AI proves that it’s better than you at your thing. If the tech bros get their way, this could be a story about us)
It’s never been easier for the cops to break into your phone (by Gaby Del Valle, The Verge) (He used a Samsung device, but the market for these types of devices aren’t going anywhere)
Lab-Grown Diamonds Are Everywhere. This Company Thinks It Has the Secret to Making Them High-End (by Chris Hall, Wired) (Does saying “I love you” truly have to be so expensive? Maybe not!)
Inside the Risky U.S. Probe of Allegations That Drug Mafias Financed a Campaign of Mexico’s President López Obrador (by Tim Golden, ProPublica)
Drug Traffickers Said They Backed an Early Campaign of Mexico’s President. But U.S. Agents Were Done Investigating. (by Tim Golden, ProPublica) (These are just good journalism articles)
How to Feed the Olympics (by Jaya Saxena, Eater) (3 million bananas!?)
Why Paris 2024 Olympic Athletes Are Sleeping on Cardboard Beds (by Riccardo Piccolo, Wired) (Apparently it’s not to stop athletes from having sex! There’s 300k condoms for that)
Telegram zero-day allowed sending malicious Android APKs as videos (by Bill Toulas, Bleeping Computer) (If you’re on Android and use Telegram, be safe out there)
Listen:
The Economics of Everyday Things
(This is a podcast I’ve been enjoying lately. Helps bring in the money aspect of how everyday things we over think actually work. Learn about Car Colors, Food Trucks, or even Strippers, if you need a place to start.)
Buy:
Full disclosure before I drop some links: These are NOT affiliate links. I get no kick back from any of these links. These are just things I wish I could buy for myself. Showing it off in case you find them interesting.
RAZER KITSUNE (Evo 2024 was this past weekend. I had it on in the background all weekend. Noticed this style of controller. Obviously I daydreamed of owning one and using it to play at next year’s Evo tournament).
Oura Ring (Samsung just announced their version of this product. All the fitness features you’re meant to be using from your watch, but on your finger. Unfortunately, I’m not a ring kind of guy)
Ray-Ban Meta Smart Glasses (Being a human who wears glasses all day, these things are dope! I could use them as glasses, headphones, and a camera!?!? Too bad I refuse to use a product by Meta. Going to have to consider alternatives.)
ESR Find My Wallet (Something you may not know about me is I obsess over finding the right item/app/anything for my life. I can’t tell you how many wallets I’ve gone through searching for the right now. This ticks a lot of boxes but it ain’t the style for me. But damn is it close.)
If you enjoyed this, share it with someone.