1. Forum
  2. Usenet
  3. UK.COMP.SYS.MAC

  • [OT] Microsoft Outage 2024-07-19

    From Alan B@21:1/5 to All on Fri Jul 19 08:17:19 2024
    It seems some software from a company called Crowdstrike may have caused the issues. MyWin11 VM seems OK though (so far). MS seem to have shot themselves
    in the foot - rather than the ear ;)

    <https://www.bbc.co.uk/news/live/cnk4jdwp49et>

    --
    Cheers, Alan

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Alan B@21:1/5 to Alan B on Sat Jul 20 05:07:34 2024
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating
    a new one would not be difficult on an individual basis but clearly it’s
    not as simple as that in the corporate world.

    --
    Cheers, Alan

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Alan B@21:1/5 to Alan B on Mon Jul 22 06:59:16 2024
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the >> issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed or ever likely to do so. Replacing the VM with a recent backup or creating
    a new one would not be difficult on an individual basis but clearly it’s not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to
    happen with macOS largely due to the move to eliminate kernel extensions in favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    --
    Cheers, Alan

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chris Ridd@21:1/5 to Alan B on Fri Aug 9 19:04:28 2024
    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed >> or ever likely to do so. Replacing the VM with a recent backup or creating >> a new one would not be difficult on an individual basis but clearly it’s >> not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to
    happen with macOS largely due to the move to eliminate kernel extensions in favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    So although Crowdstrike might not crash your Mac, it will consume a lot
    of CPU and cause your computer fans to go full tilt. Like a denial of
    service attack :-(

    --
    Chris

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?J=C3=B6rg_Lorenz?=@21:1/5 to All on Sat Aug 10 08:15:56 2024
    Am 09.08.24 um 20:04 schrieb Chris Ridd:
    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating >>> a new one would not be difficult on an individual basis but clearly it’s >>> not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to
    happen with macOS largely due to the move to eliminate kernel extensions in >> favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    So although Crowdstrike might not crash your Mac, it will consume a lot
    of CPU and cause your computer fans to go full tilt. Like a denial of
    service attack :-(

    As long as these are your employers machines nobody can complain.


    --
    De gustibus non est disputandum

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From TimS@21:1/5 to Chris Ridd on Sat Aug 10 09:23:34 2024
    On 9 Aug 2024 at 19:04:28 BST, "Chris Ridd" <chrisridd@mac.com> wrote:

    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating >>> a new one would not be difficult on an individual basis but clearly it’s >>> not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to
    happen with macOS largely due to the move to eliminate kernel extensions in >> favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    Who is forcing you, and what is the supposed benefit? In short, wossit for?

    --
    Tim

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jaimie Vandenbergh@21:1/5 to TimS on Sat Aug 10 10:57:31 2024
    On 10 Aug 2024 at 10:23:34 BST, "TimS" <tim@streater.me.uk> wrote:

    On 9 Aug 2024 at 19:04:28 BST, "Chris Ridd" <chrisridd@mac.com> wrote:

    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating >>>> a new one would not be difficult on an individual basis but clearly it’s >>>> not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to
    happen with macOS largely due to the move to eliminate kernel extensions in >>> favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    Who is forcing you, and what is the supposed benefit? In short, wossit for?

    Work's IT dept, and it's a fleet management system. Agents running on
    computers and other devices for security, management, remote wipe, AV,
    VPN, threat detection etc etc blah blah.

    Chews up half a Mac M1's resources, it's awful. Let alone what it does
    when it gets a bad update, as seen recently.

    Cheers - Jaimie
    --
    The only thing we learn from history is that we learn
    nothing from history.
    -- Hegel

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chris Ridd@21:1/5 to Jaimie Vandenbergh on Sun Aug 11 11:13:27 2024
    On 10/08/2024 11:57, Jaimie Vandenbergh wrote:
    On 10 Aug 2024 at 10:23:34 BST, "TimS" <tim@streater.me.uk> wrote:

    On 9 Aug 2024 at 19:04:28 BST, "Chris Ridd" <chrisridd@mac.com> wrote:

    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating
    a new one would not be difficult on an individual basis but clearly it’s
    not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to >>>> happen with macOS largely due to the move to eliminate kernel extensions in
    favour of system extensions running in user rather than kernel space.

    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    Who is forcing you, and what is the supposed benefit? In short, wossit for?

    Work's IT dept, and it's a fleet management system. Agents running on computers and other devices for security, management, remote wipe, AV,
    VPN, threat detection etc etc blah blah.

    A lot of it is so can more easily achieve compliance with things like
    HIPAA, FEDRAMP, probably GDPR etc. These sorts of things are mandatory
    when you have certain kinds of customers.

    No doubt there are other less awful ways to achieve compliance, but
    they'd be more work than just throwing money at Crowdstrike. You can
    just say something like we use a HIPAA certified vendor to ensure our
    endpoints are protected (missus), so tick that box.

    --
    Chris

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From TimS@21:1/5 to Chris Ridd on Sun Aug 11 14:33:37 2024
    On 11 Aug 2024 at 11:13:27 BST, "Chris Ridd" <chrisridd@mac.com> wrote:

    On 10/08/2024 11:57, Jaimie Vandenbergh wrote:
    On 10 Aug 2024 at 10:23:34 BST, "TimS" <tim@streater.me.uk> wrote:

    On 9 Aug 2024 at 19:04:28 BST, "Chris Ridd" <chrisridd@mac.com> wrote:

    On 22/07/2024 07:59, Alan B wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    Alan B <alanrichardbarker@gmail.com.invalid> wrote:
    It seems some software from a company called Crowdstrike may have caused the
    issues. My Win11 VM seems OK.

    Which is hardly surprising since I don’t have the Falcon package installed
    or ever likely to do so. Replacing the VM with a recent backup or creating
    a new one would not be difficult on an individual basis but clearly it’s
    not as simple as that in the corporate world.

    Howard Oakley has today suggested a similar incident is less likely to >>>>> happen with macOS largely due to the move to eliminate kernel extensions in
    favour of system extensions running in user rather than kernel space. >>>>>
    <https://eclecticlight.co/2024/07/22/could-our-macs-be-crowdstruck/>

    We are forced to use Crowdstrike on our work Macs and Linux boxes.

    Who is forcing you, and what is the supposed benefit? In short, wossit for? >>
    Work's IT dept, and it's a fleet management system. Agents running on
    computers and other devices for security, management, remote wipe, AV,
    VPN, threat detection etc etc blah blah.

    A lot of it is so can more easily achieve compliance with things like
    HIPAA, FEDRAMP, probably GDPR etc. These sorts of things are mandatory
    when you have certain kinds of customers.

    No doubt there are other less awful ways to achieve compliance, but
    they'd be more work than just throwing money at Crowdstrike. You can
    just say something like we use a HIPAA certified vendor to ensure our endpoints are protected (missus), so tick that box.

    They'll be forcing you to use Ada, and ISO networking protocols, next.

    --
    Tim

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Chris Ridd@21:1/5 to TimS on Mon Aug 12 17:03:02 2024
    On 11/08/2024 15:33, TimS wrote:
    They'll be forcing you to use Ada, and ISO networking protocols, next.

    I doubt Crowdstrike would know what to do with a TSAP. Crash, probably.

    --
    Chris

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)