Email or username:

Password:

Forgot your password?
hanno's posts Post Back to profile
Top-level
hanno

I'm mentioning citrix specifically because it really boggles my mind how they can be still in business. In case you don't remember, there were countless gov entities, hospitals, and what not, hacked in 2020, due to a really epic fuckup by citrix. It was a flaw they knew about, and hadn't provided a fix, only an unreliable workaround that sometimes didn't work.

19 July at 12:18 | Open on mastodon.social
15 comments
hanno

Actually, the value of Citrix rose after that: marketscreener.com/quote/stock These things have no consequences for these companies, it's a completely broken market. I'm reading news that crowdstrike's value dropped, I have doubts that this will be permanent.

19 July at 12:20 | Open on mastodon.social
Bálint Szilakszi

@hanno not if major news orgs don’t even get the company name right:
19 July at 12:23 | Open on x0r.be
LinuxUserGD

@szbalint @hanno Seems to be technically right because the BSOD is a Microsoft Windows outage

19 July at 13:56 | Open on mastodon.gamedev.place
Ash_Crow

@HugeGameArtGD @szbalint @hanno it's still caused by a third party software. Had they broken their Linux updater instead of the Windows one, we would get kernel error screens.

19 July at 14:09 | Open on mastodon.social
LinuxUserGD

@Ash_Crow @szbalint @hanno
The title is misleading, though Cloudstrike is mentioned later in the article.
"The outage has been blamed on a security update from US group CrowdStrike, which caused a problem with Microsoft’s Windows."
archive.is/20240719080823/http

19 July at 14:23 | Open on mastodon.gamedev.place
MarvinFreeman

@Ash_Crow @HugeGameArtGD @szbalint @hanno Serious question: Why is #cloudstrike deployed almost everywhere with windows? Is it pushed by MS? Or recommended? Or packaged with MS products?

19 July at 18:16 | Open on mastodon.online
Jake Hildreth :blacker_heart_outline:

@MarvinFreeman @Ash_Crow @HugeGameArtGD @szbalint @hanno It’s not packaged with or pushed by MS; it’s just the best EDR.

19 July at 18:19 | Open on infosec.exchange
Ash_Crow

@horse @MarvinFreeman @HugeGameArtGD @szbalint @hanno It's also not deployed everywhere. It seems like it is used by "nearly 60% of Fortune 500 companies and more than half of the Fortune 1,000 ", per en.wikipedia.org/wiki/2024_Cro

19 July at 18:22 | Open on mastodon.social
👻👻 Flippin' spook, Tucker!

@MarvinFreeman @Ash_Crow @HugeGameArtGD @szbalint @hanno It's not by any means deployed everywhere with WIndows. They have almost no market impact in the consumer space, for example, which is why millions of people turned on their home Windows machines today and had no problems at all.

But in the business world, there are only a few companies offering that sort of product. So let's say they have a (guessing) 10% market share -- that means 10% of businesses will be hit by the problem. That's a lot of high-visibility outages.

@MarvinFreeman @Ash_Crow @HugeGameArtGD @szbalint @hanno It's not by any means deployed everywhere with WIndows. They have almost no market impact in the consumer space, for example, which is why millions of people turned on their home Windows machines today and had no problems at all.

But in the business world, there are only a few companies offering that sort of product. So let's say they have a (guessing) 10% market share -- that means 10% of businesses will be hit by the problem. That's a lot...

19 July at 18:34 | Open on social.chatty.monster
Felix Dreissig

@hanno As long as everyone is affected, nobody did much wrong. 🤷‍♂️

19 July at 12:26 | Open on chaos.social
Dan Veditz

@F30 @hanno

As people said last century, "Nobody gets fired for buying IBM."

19 July at 18:32 | Open on infosec.exchange
Adam Dalliance

@hanno Thousands of investors have now heard of CrowdStrike who had never heard of it before, and the stock is at 20% discount!

19 July at 13:11 | Open on boing.world
Steve Canon

@hanno shows dumb money that doesn't understand what they do how widely used their product is.

19 July at 13:13 | Open on discuss.systems
Charles U. Farley

@hanno Having worked in tech for 30 years and for multiple security companies, I 100% agree. Google is the only one I've worked for that comes close to being the exception, and I think it's just because their security expertise is hard won in keeping *themselves* secure.

19 July at 17:23 | Open on retro.social
VanillaSkunk

@hanno For one... I have a ton of Dell thin clients that... just do Citrix connections and nothing else. That's their factory design.

You can't just stop when it means deleting a bunch of computer terminals too.

19 July at 14:11 | Open on cubhub.social
Go Up