CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs


SportivoA

Ars Tribunus Militum
1,529
This very interesting post goes into the terms of service and basically concludes that "we told you not to use this software on critical systems and if you did, it's on you."

"THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION."

https://www.hackerfactor.com/blog/index.php?/archives/1038-When-the-Crowd-Strikes-Back.html
There's a huge difference between "don't hook this up to something that keeps a person alive or a turbine from exploding" and "day-to-day business can't happen if 100% of our customer-facing employees can't boot their device". If 1% or even 5% of the computers in hospitals and airports stopped working, it'd hurt, but wouldn't be an impossible-to-mitigate disaster. That's unacceptable for "hazardous" and "fail-safe" type applications in general. When none of the customer-facing employees can do their job duties to manage the customers in their location because an uncontrolled, improperly, and incompletely checked update took out EVERYTHING in the building, it's different. And then you do get an impossible-to-mitigate disaster because your software vendor screwed up and never gave you control of limiting their screw-up's effect on your systems!
 