Email or username:

Password:

Forgot your password?
Quinn's posts Post Back to profile
Top-level
Quinn Norton

At some point we need to start investigating the body count and ruined lives linked to these outages. 911 service is down in some places in America. CrowdStrike is killing people today, but they will not have to answer for it. There's not criminal negligence if you're a technology company, and there needs to be.

19 July at 11:06 | Open on social.circl.lu
3 comments
Gilles Massen

@quinn There is certainly something to be said about neglicence in technology, but I would not exclude the infrastructure organisations that created knowingly a single point of failure and handed the trigger to an external entity.
I don't get how this cannot be glaring red in any risk assessment.

19 July at 11:16 | Open on mastodon.opencloud.lu
Râu Cao ⚡

@quinn The negligence is on the part of whoever thought using cloud products for this was a good idea. Anyone can offer any shitty product, but you're not forced to purchase and use it for critical services, are you?

19 July at 11:33 | Open on kosmos.social
Leszek

@raucao @quinn About the "not forced" thing, they kind of are.

'HAE-NCF-1: There should be a unified endpoint management (UEM) [48] solution in place to
manage and secure all endpoints...' from NIST SP 800-215

Not any specific brand or solution, but to be honest is there a big worst case scenario difference between Crowdstrike and its competitors? I'm oversimplifying but all of them require more or less a centralized management console with full admin access to endpoints.

19 July at 11:49 | Open on chaos.social
Go Up