Conversation

  1. Derb of the Swamplands (derb@noauthority.social)'s status on Sunday, 21-Jul-2024 23:27:32 JST

    This still doesn't describe how bad the impact was. My employer was globally impacted and just my division has 50k users!

    Navigating the CrowdStrike Outage: Insights from a Tech Industry Veteran - Gigaom https://gigaom.com/2024/07/19/navigating-the-crowdstrike-outage-insights-from-a-tech-industry-veteran/


    Attachments

    1. Navigating the CrowdStrike Outage: Insights from a Tech Industry Veteran
      from @gigaom
      As a seasoned CIO/CISO and tech industry analyst with 35 years of experience, I’ve seen my fair share of cybersecurity incidents. However, the recent CrowdStrike outage stands out due to its extensive impact across multiple sectors.
    • Pattern Recognitionist (justaslave@noauthority.social)'s status on Sunday, 21-Jul-2024 23:27:31 JST
      in reply to

      @Derb

      Just imagine how bad it would have been if Linux systems were impacted.

    • djsumdog (djsumdog@djsumdog.com)'s status on Sunday, 21-Jul-2024 23:27:31 JST
      in reply to
      • Pattern Recognitionist
      They did have a Linux issue not that long ago:

      https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

      Sounds like it was back when they were using the kernel module instead of eBPF. Their Linux falcon sensor was such a colossal piece of shit developer they'd have build servers create kernel modules for every possible Linux distribution they supported and have the client download and install that binary module (instead of using DKMS).

      So in this instance it took down a limited subset of servers, only due to their horrific inability to develop Linux software in any kind of sane way. I spoke out about how dangerous Falcon Sensor was at my last job and they just snowplowed through installing it everywhere.

      It's still a security timebomb waiting to happen.

      Attachments

      1. CrowdStrike broke Debian and Rocky Linux months ago, but no one noticed
        from https://www.facebook.com/pradeepviswav
        CrowdStrike recently caused a widespread Blue Screen of Death (BSOD) issue on Windows PCs, disrupting various sectors. However, this was not an isolated incident, CrowdStrike affected Linux PCs also.
    • Pattern Recognitionist (justaslave@noauthority.social)'s status on Monday, 22-Jul-2024 01:59:09 JST
      in reply to
      • djsumdog

      @djsumdog @Derb

      I can see why no one noticed. If it had broken CentOS, or RedHat (most servers run these) it would have been a different story.

    • djsumdog (djsumdog@djsumdog.com)'s status on Monday, 22-Jul-2024 01:59:09 JST
      in reply to
      • Pattern Recognitionist
      Rocky Mountain Linux is RedHat (rebranded). And yes, it totally took down RHEL servers too:

      https://access.redhat.com/solutions/7068083

      Attachments

      1. Kernel panic observed after booting 5.14.0-427.13.1.el9_4.x86_64 by falcon-sensor process. - Red Hat Customer Portal
        eBPF program causes kernel panic on kernels 5.14.0-410+. Below is an example of a kernel panic on the falcon-sensor process, observed after booting on kernel version 5.14.0-427.13.1.el9_4.x86_64.

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.