• RubberDuck
    link
    English
    314 months ago

    This is going to turn out it was a hack in several months right?

    • @[email protected]
      link
      fedilink
      English
      534 months ago

      Won’t take that long, security researchers are already decompiling the update to see if it was malicious or incompetence.

      • RubberDuck
        link
        English
        264 months ago

        This is going to be Solarwinds all over again I can just smell it.

      • @[email protected]
        link
        fedilink
        English
        -194 months ago

        You won’t find the incompetence in the software no matter what.

        If you fail to assume that the software contains issues – if you fail to understand that your software is made by humans and humans make mistakes, not because they’re bad but because they’re human – and if you fail to implement mechanisms to feel gracefully with inevitable failures, THAT is the incompetence.

        Failures are systemic.

        • @[email protected]
          link
          fedilink
          English
          334 months ago

          Oh yes I make those failures myself, testing and staging and limited release schedules save my human failures from breaking the world

        • @UnderpantsWeevil
          link
          English
          14 months ago

          No idea why this relatively banal truth is getting so many downvotes

          • @[email protected]
            link
            fedilink
            English
            14 months ago

            One funny thing about humans is that they aren’t just gloriously fallible: they also get quite upset when that’s pointed out. :)

            Unfortunately, that’s also how you end up with blameful company cultures that actively make reliability worse, because then your humans make just the same amounts of mistakes, but they hide them – and you never get a chance to evolve your systems with the safeguards that would have prevented these.

      • RubberDuck
        link
        English
        5
        edit-2
        4 months ago

        A lot of companies will get calls from the “provider” offering help with mitigation so that additional features can also be installed. This is a time to be extra wary.

        Edited: spelling

        • @reattach
          link
          English
          64 months ago

          deleted by creator

      • @[email protected]
        link
        fedilink
        English
        04 months ago

        Think big. This may have had a target. But hitting the target only wasn’t possible so everyone got hit.

        It’s possible those responsible only had this weapon that was capable of hitting the target, maybe the plan was to disrupt world flights to make someone late tomorrow, who knows. Maybe poo-tin or Xi-the-Pooh wanted to hit America and its allies?

        • @[email protected]
          link
          fedilink
          English
          5
          edit-2
          4 months ago

          A state actor will use more precise techniques to attack specific targets. Think SolarWinds and Stuxnet.

          Ransomware doesn’t apply here and tends to depend on phishing first anyway.

          Even terrorists have specific targets in mind.

          So it’s either Bond villains or incompetence.

          Edit: The only way i can fit your comment would be an incompetent script kiddy. Even then, doesn’t make sense as all systems were not directly attacked, as would be the case, but rather through what would have to be a side-channel attack, so no.

    • @UnderpantsWeevil
      link
      English
      154 months ago

      Never attribute to maliciousness that which can be explained by incompetence.

      That said, I’m sure the Crowdstrike CEO is currently on a phone call with three of their pet Congresscritters asking if they can get a $100M grant to harden their systems against Russia/China/NKorea/Antifa interference right now.

        • @Raxiel
          link
          English
          64 months ago

          “We need to get more of our own gay furries! There’s a gay furry gap!”

      • @[email protected]
        link
        fedilink
        English
        34 months ago

        If I ever become a super 1337 hacker I’m going to setup all of my exploits to look like it could be regular mismanagement, thanks for the advice

      • @rottingleaf
        link
        English
        24 months ago

        While being simultaneously gang…handled by the unnamed 3-letter agencies representatives