• Lessons learned from CrowdStrike

    #2691305

    ISSUE 21.31 • 2024-07-29 ON SECURITY By Susan Bradley It’s been over a week since the technology meltdown that impacted airlines, some banks, and even
    [See the full post at: Lessons learned from CrowdStrike]

    Susan Bradley Patch Lady/Prudent patcher

    • #2691306

      Microsoft was not the culprit — this was not a bug or something induced by an update

      Microsoft can’t come clear/clean it is too culprit and is to blame as much as CrowdStrike for its negligence protecting Windows kernel.
      You are right that it wasn’t a Microsoft bug. It was a feature.

      The lesson ? Copy Apple, which Microsoft will probably do

      2 users thanked author for this post.
      • #2691463

        Remember Alex, the EU mandated that it allow vendors into the kernel.  Don’t blame a company that has to abide by regulations.  Because Apple doesn’t have the market share, they can do different things.

        Susan Bradley Patch Lady/Prudent patcher

        4 users thanked author for this post.
        • #2691548

          Microsoft’s “the devil made me do it” defense is actually foolish and demonstrates weakness.

          Why force every Windows user in the world to be exposed to something that EU politicians mandated for businesses operating in their sphere?  (It should make you wonder what exposures they are willingly maintaining for other political entities.)

          Microsoft should have designed and implemented the “best” solution.  If a political entity wants to include a specific vulnerability, provide it only in that sphere and with plenty of warnings about the potential consequences.

          Microsoft should have done better.

    • #2691315

      I’ve used BitLocker in the past on my home desktop and two laptop computers, but over time, I decided that it was more bother than the added security it provided was worth. I have a fire-proof safe in my home office, and I kept hard copies of my recovery keys there. As a second line of defense, I stored those keys in my password manager’s online vault, along with the name of the computer each key belonged to, in the notes attached to my Microsoft email account item. This worked well for me, because I dual-boot Windows with GNU/Linux on all three of my devices, and I have access to my password manager on those OSes as well, so if BitLocker locks me out of my Windows system, I can get recovery information from within my GNU/Linux installation. I believe that important information should be backed up (stored in at least two places), and keeping my BitLocker recovery keys in my home safe, and online in my password manager’s vault, constitutes two places, so they were backed up. For people who don’t use GNU/Linux on a computer, you should be able to install your password manager’s web browser add-on to your browser, so you have access to your vault from there.

      I hope this helps others,

      Ernie

      2 users thanked author for this post.
    • #2691332

      Thanks Susan, but don’t forget that there is a world outside of the USA. In Australia the national radio and TV broadcaster the Australian Broadcasting Corporation (ABC) was severely hit. Radio in particular was off air for a couple of hours, and not back to normal for close to 2 days. Several domestic airlines had to cancel all flights for a day. This was by no means a Nth American problem.

      Thanks,
      Brett Fewings

      2 users thanked author for this post.
    • #2691396

      I live on the 9th floor of a 10 story condo and it’s very doubtful that anyone can gain access to my or my wife’s workstations.  Neither one of us really has any sensitive files at all and we each have a robust password manager.  I cannot see the need for Bitlocker on either one of our machines (there is a third PC that is only used for streaming to our flatscreen TV and all that has is the OS drive and a second drive with saved movies on it).  We also have multiple back up solutions in case something happens.

      I don’t think Microsoft should be playing the role of nanny with respect to consumers or businesses.  Probably 90% of Windows users have no clue what Bitlocker is or the importance of saving the key in the event of a drive failure.  My feeling is that if this is going to be a direct feature, it should be opt in and not opt out.  Keep it simple Microsoft.

      2 users thanked author for this post.
      • #2691402

        Probably 90% of Windows users have no clue what Bitlocker is or the importance of saving the key in the event of a drive failure.

        That’s why they made it automatic (including saving the recovery key).

        • #2691428

          I had a client this week that had this problem. He had no idea that Bitlocker had been turned on; many of my clients don’t know because Microsoft never tells them that it’s been applied.

          Microsoft also didn’t save the Bitlocker recovery key into his Microsoft account. Therefore, after some struggles and much discussion, I had to blank his boot drive and reinstall Windows 11. Luckily, most, but not all of his files were in OneDrive.

          3 users thanked author for this post.
          • #2691433

            Microsoft also didn’t save the Bitlocker recovery key into his Microsoft account.

            Is it in yours (if you set up the computer for him)?

            • #2691448

              First time client; he called me after the update locked his ssd.

              For my business clients where FDE is mandated (for instance, insurance agents) I have their BitLocker keys and identifiers in an encrypted file.

              • This reply was modified 9 months, 2 weeks ago by sgtaylor50. Reason: added context
              1 user thanked author for this post.
            • #2691453

              When you have me intentionally activate BitLocker on your computer, I am given an opportunity to print, or save your BitLocker recovery key to your account, so if (for example) I set up BitLocker on your computer, and I choose to save it to ‘my’ Microsoft account, it will be saved to your Microsoft account, because the computer is logged on using your account, not mine. My recommendation to anyone who chooses to encrypt your computer’s drive(s), is to print AND save any BitLocker recovery keys to your Microsoft account, then also copy and store them in your password manager’s vault. This way, you have the multiple ways to access those recovery keys should the need arise.

              Ernie

          • #2691440

            Microsoft also didn’t save the Bitlocker recovery key into his Microsoft account.

            That’s unforgivable! MSFT! Get your act together! How can you put your user’s data at such risk in the name of security? You should be ashamed of your corporate self!

             

            Ernie

            1 user thanked author for this post.
          • #2691464

            It’s in someone’s Microsoft account.  I’ve never seen a computer where bitlocker is enabled and a Microsoft account used NOT have it backed up.  But it may not be in the account you think it is.

            Susan Bradley Patch Lady/Prudent patcher

            1 user thanked author for this post.
            • #2691468

              That’s another “gotcha” in a process that is already not obvious to the average User.
              IMHO,  Device Encryption should be opt-in so it is, at least, more obvious.

              4 users thanked author for this post.
            • #2691531

              IMHO, Drive Encryption should be opt-in so it is, at least, more obvious.

              Drive encryption is. Device encryption may not be.

            • #2691493

              That’s interesting, and I agree that that’s the way it should be. If it’s not saved to the computer owner’s/user’s Microsoft account, where else would it be? I’m just wondering,

              Ernie

            • #2691529
              1 user thanked author for this post.
            • #2691536

              If you bought a refurb’d that was at a college it may be under the Active directory of the college user.

              If you got your device from your firm, it’s under the active directory or Entra ID of your firm.

              It’s under the account that FIRST set it up.

              Susan Bradley Patch Lady/Prudent patcher

              1 user thanked author for this post.
        • #2691541

          Probably 90% of Windows users have no clue what Bitlocker is or the importance of saving the key in the event of a drive failure.

          That’s why they made it automatic (including saving the recovery key).

          So why did they make it so difficult to get into a locked device if you can’t get into your Microsoft Account? Or if any of the other scenarios where you don’t have the key in your own MS Account might be in play?

          -- rc primak

          • #2691571

            So why did they make it so difficult to get into a locked device if you can’t get into your Microsoft Account? Or if any of the other scenarios where you don’t have the key in your own MS Account might be in play?

            Why can’t you get into your Microsoft account?

            What other scenarios are there?

            • #2692006

              Susan gave an example where the computer was set up by someone else and the Bitlocker Key was not in the user’s own MS Account. There are lots of used business computers out there.

              -- rc primak

            • #2692067

              Susan gave an example where the computer was set up by someone else and the Bitlocker Key was not in the user’s own MS Account.

              That’s the only scenario.

              There are lots of used business computers out there.

              Re-furbished computers are re-formatted/re-installed.

            • #2697250

              Re-furbished computers are re-formatted/re-installed.

              Yes, refurbished does mean that. And hopefully, this also removes any Bitlocker which was set up.

              But I have known people who “inherited” used computers from businesses, and they were not reformatted and reinstalled. (With the business owners’ permission, of course.) This is the other possible scenario I think Susan may have been alluding to.

              -- rc primak

    • #2691421

      A minor point regarding Credit Cards. I use a service called ENO from a well known Credit Card Issuer. It’s an extension to my browser and creates (or re-uses) a unique Credit Card number whenever I purchase anything online. This CC number can only be used by that one merchant. I can also disable the CC number anytime I want. If a vendor seems a little sketchy, I can disable the card immediately after making the purchase. I feel a lot better about using my card online now.

      I know this has nothing to do with the CrowdStrike outage, but I like to share this info whenever it’s appropriate.

       

    • #2691429

      It’s really easy to check BitLocker status and turn it on or off, no command line nor GUI steps necessary.
      Go to Control Panel > BitLocker Drive Encryption.

      1 user thanked author for this post.
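
For readers who want the same status check in scripted form, together with the question raised repeatedly in this thread (is there a recovery key, and which one is it?), the following is an added example and not code from any poster here. It assumes an elevated PowerShell session with the built-in BitLocker module; the function name `Get-EncryptionAudit` is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: per-volume BitLocker / Device Encryption audit.
# Assumes the built-in BitLocker PowerShell module (Get-BitLockerVolume) is available.
# Reports key protector IDs only; the 48-digit recovery password is never printed.

function Get-EncryptionAudit {
    foreach ($vol in Get-BitLockerVolume) {
        # Recovery-password protectors are the ones that get backed up to an
        # account, a directory, or a password manager.
        $recovery = @($vol.KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

        $finding = if ($vol.VolumeStatus -eq 'FullyDecrypted') {
            'Not encrypted'
        } elseif ($vol.ProtectionStatus -ne 'On') {
            'Encrypted or encrypting, but protection is not on'
        } elseif ($recovery.Count -eq 0) {
            'Protected but NO recovery password: add one before relying on it'
        } else {
            'Protected; confirm each Recovery ID matches a key you can retrieve'
        }

        [pscustomobject]@{
            Volume      = $vol.MountPoint
            Status      = $vol.VolumeStatus
            Protection  = $vol.ProtectionStatus
            Protectors  = ($vol.KeyProtector.KeyProtectorType -join ', ')
            RecoveryIDs = ($recovery.KeyProtectorId -join ', ')
            Finding     = $finding
        }
    }
}

Get-EncryptionAudit | Format-List
```

Compare each Recovery ID with the key identifier listed wherever the keys are supposed to be stored (Microsoft account, Active Directory or Entra ID, password manager) before the machine ever asks for it.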
    • #2691449

      Probably 90% of Windows users have no clue what Bitlocker is or the importance of saving the key in the event of a drive failure.

      That’s why they made it automatic (including saving the recovery key).

      Those 90% don’t know what a Bitlocker key is or where it is saved.
      Bitlocker should be opt-in with a detailed explanation about encryption, key, recovery…

      4 users thanked author for this post.
    • #2691454

      Hi, Susan,

      Thanks for all you do to try and keep us Windows users sane <smile>.
      I am glad to see some awareness of BitLocker. I wish I had known more about it last November.

      In November 2023, I bought a new Dell XPS tower with a water-cooled i9-13900K processor and 64 GB of RAM. The machine came with a 2 TB NVMe system drive. I added a 4 TB NVMe drive for data and a 2 TB SATA SSD for landing my Dropbox.

      I never saw anything about BitLocker come up as a choice and no real notification that it was turned on. Both the boot drive and my new drive had BitLocker silently installed.

      My business is audio tape digitization and audio mastering.

      Sadly, as I started to ingest tapes to the machine, I had all sorts of glitching on a random basis. Fortunately, for the short term, my audio interface has a USB port and a Samsung i7 shield SSD served as a  useful way of ingesting audio while troubleshooting–but editing was still a pain.

      Dell essentially said “you only bought a hardware guarantee from us so we can’t help you until you reset the machine.” My local good-guy friend/computer consultant was at a loss.

      Before I reset the machine, I investigated removing the two drives that I added and somehow discovered that the 4TB drive was encoded with BitLocker…I then found the OS drive was also encoded. After finding my key in my Microsoft Account, I removed BitLocker from both drives but didn’t try the system before restoring it, as I didn’t think this might be the cause.

      I am still not 100% certain that it was the cause, as an audio mastering engineer said he had the same problem but he said BitLocker was turned off. The only other thing that I initially did was use my older i7-6700K/24 GB RAM computer as the model when I set up the i9 machine.

      So I can’t say for certain, but if someone (or a web page) had suggested to me early on to disable BitLocker, I might have saved weeks of extra work! Bringing a machine up to be MY machine takes time–subtle shortcuts and things like that.

      Of course, my backup machine also died during that time and I had to build that up from scratch as well!

      So, if anyone reading this has glitching audio/video on a new machine, please check BitLocker and please reply (if you can) to confirm (or not) that it solved your problem.

      1 user thanked author for this post.
      • #2692108

        as a sidenote – microsoft is a PAIN when it  comes to backing up the bitlocker recovery key.  I have my whole drive encrypted.  i go to back a recovery key, to my “D” drive, which is also encrypted.  microsoft won’t let me.  it forces me to insert a USB stick, OR back it up to my microsoft account.

        I DO NOT WANT TO ADD DATA to my microsoft account.

        I want to

        1. back the recovery key up to “D”  drive (encrypted).
        2. clone my d: drive to OneDrive (ENCRYPTED OUTGOING FILES from my system,  with syncovery)
        3. ADD the file to my Keepass password manager, as an attachment. (i can then retrieve the recovery key from my phone,  from which i can access keepass also)
        4. i then clone it to a separate external hard drive.

        I am fed up with companies forcing me to do stuff.  I know that all they are doing is trying to keep themselves from getting support calls;  but i want an OPT OUT button that lets me set ALL OPTIONS, and if that option is counter to their choice, i get to turn on a switch that says “I understand that my machine may burst into flames, etc…. if i do not do this”.

    • #2691457

      When you have me intentionally activate BitLocker on your computer, I am given an opportunity to print, or save your BitLocker recovery key to your account

      But Microsoft doesn’t give you the choice of intentionally activating BitLocker. It activates automatically and hides the key somewhere with no notice to the user.

      2 users thanked author for this post.
    • #2691462

      For travelers there’s a clothing and items rental service sent ahead to your hotel so you don’t need to bring along your bulky items.  It’s called UNPACK.   https://theunpack.com/unpack/

      1 user thanked author for this post.
    • #2691476

      Back in the day, circa 2014, there was a drive encryption program called TrueCrypt. The rationale for using TrueCrypt was that Microsoft had built a backdoor into Bitlocker. TrueCrypt mysteriously disappeared in 2014 for an undisclosed reason. Other drive encryption software exists, but nowadays everyone seems to use Bitlocker as the default on the grounds that it is “good enough.” I’ve not seen any discussion in recent years about vulnerabilities in Bitlocker or whether it is the best choice. Folks seem to take for granted that Bitlocker is secure. Given Microsoft’s behavior in other contexts, I’m not sure that assumption is accurate. Since I don’t use it, I’m agnostic about Bitlocker but wonder whether anyone else has had the same thoughts.

      • #2691494

        Of course, I do, but then again, I never assume that any corporation will have my best interests in mind. A corporation’s only obligations are adherence to the law, and to their stockholders. Sadly, in many cases, adherence to the law only comes into play if they don’t think they can get away with whatever shenanigans they want to try in their pursuit of ever greater/increasing profits.

        My2Cents,

        Ernie

      • #2691503

        look up a google search on “truecrypt” and its author, some interesting history to this (I used it extensively).

        slightly off topic

        but interesting reading

         

        ACTUALLY, another post in this thread refers to VERACRYPT, which was essentially salvaging truecrypt.  again very valuable

        1 user thanked author for this post.
      • #2691549

        TrueCrypt has been displaced by VeraCrypt, which still exists and still works. But it’s not very good for whole drive encryption. That’s what Bitlocker is best at.

        -- rc primak

        1 user thanked author for this post.
        • #2691696

          The Mastermind – The Atavist Magazine

          this is a riveting story of what appears to be the developer of truecrypt.

          also, truecrypt could encrypt the whole drive, and i believe that veracrypt can;  it takes many steps to get it right, and is not for the faint of heart.  I have used bitlocker/truecrypt/veracrypt, again with making sure recovery codes were backed up, etc.

          i am a retired physician;  i did not want to take any chances when traveling, that my computers would get hacked if stolen.

          now, though, it does not matter if  you protect your own machine, they just hack the major corporations and steal your data….

      • #2691561

        Back in the day, circa 2014, there was a drive encryption program called TrueCrypt. The rationale for using TrueCrypt was that Microsoft had built a backdoor into Bitlocker. TrueCrypt mysteriously disappeared in 2014 for an undisclosed reason.

        See Back-door nonsense

        Have you read about the probable author of Truecrypt?

        2 users thanked author for this post.
        • #2691753

          Back in the day, circa 2014, there was a drive encryption program called TrueCrypt. The rationale for using TrueCrypt was that Microsoft had built a backdoor into Bitlocker. TrueCrypt mysteriously disappeared in 2014 for an undisclosed reason.

          See Back-door nonsense

          Have you read about the probable author of Truecrypt?

          Thanks for sharing that. It’s an interesting read about someone you’d clearly not want to meet in a deserted alley on a dark night, but “probable author” simply isn’t supported by your source

          From the article you linked to: “The actual authors remain unknown as of 2017”, and “it could have been Paul Le Roux writing under an assumed name, or it could have been someone completely different”

          In the Wikipedia article on TrueCrypt: “Le Roux himself has denied developing TrueCrypt in a court hearing in March 2016, in which he also confirmed he had written E4M”

          Regardless, my personal reason for using TrueCrypt (and now its fork, VeraCrypt) has nothing to do with any backdoor conspiracy theory, and everything to do with usability and strength of encryption

           

          2 users thanked author for this post.
    • #2691481

      How do you lock a debit card? Wouldn’t that destroy its usefulness?

      • #2691550

        How do you lock a debit card? Wouldn’t that destroy its usefulness?

        The idea is, you can unlock the debit card only as you need to use it. I don’t know if a phone app could be used, but that would make the whole process totally at your fingertips in most places.

        -- rc primak

        • #2691554

          I don’t know if a phone app could be used, but that would make the whole process totally at your fingertips in most places.

          I’ve seen ads here in the U.S. from a bank showing folks using the bank’s app on their phones to lock and unlock their cards. BUT, I didn’t pay attention (and/or maybe they didn’t show it well enough in the ad) as to whether it was for their credit or debit card(s), or both.

          I also don’t recall the name of the bank, as it’s been a little while since I’ve seen one of those ads.  🙁

          1 user thanked author for this post.
      • #2691610

        You lock it when you don’t use it, you then unlock it (via your banking app) when you want to use it.

        Susan Bradley Patch Lady/Prudent patcher

        1 user thanked author for this post.
        • #2691615

          What was the relevance of credit cards to the CrowdStrike saga (or vice-versa)?

          • #2691616

            What was the relevance of credit cards to the CrowdStrike saga (or vice-versa)?

            From Susan’s article in the newsletter:

            One simple thing you can do is use credit cards instead of debit cards. Credit cards have greater protections; you are more likely to get refunds for fraudulent usage faster and more easily. But even with credit cards, I recommend that you review your credit history. Lock the account so that scammers can’t apply for loans or credit cards under your name. (You may also want to consider locking your debit card.)

            It was part of the article, so it’s relevant to this thread which is (obviously) a discussion thread about the article’s contents.

            • #2691623

              Under the heading of “Lessons learned from CrowdStrike” and sandwiched in the middle of 26 paragraphs which were very related to CrowdStrike.

              EDIT: I suppose the tenuous link was; “Nonetheless, it serves as a reminder to all of us that the businesses we rely on are not taking proper steps to secure our technology.” But it immediately followed a remark about systems becoming bricks.

            • #2691624

              Ask Susan. She’s the one that made the comment.

            • #2691625

              Ask Susan. She’s the one that made the comment.

              I did.

            • #2691627

              I know people who had trouble making credit card purchases when Crowdstrike “hit”. Whether Crowdstrike was the reason for their trouble is something that neither they, nor I, nor you, nor any number of other people will likely ever know.

              On a more general note, lessons learned from an event may be applicable to other areas of life than to only those areas directly related to that event. The title of the article is Lessons Learned from Crowdstrike and some of those lessons can be applied to other areas of life. That’s one of the qualities that make humans at least somewhat unique from other species – the ability to apply learned concepts and information to different situations.

              1 user thanked author for this post.
    • #2691483

      but nowadays everyone seems to use Bitlocker as the default on the grounds that it is “good enough.”

      Many use VeraCrypt and take control of encryption.

      3 users thanked author for this post.
      • #2691491

        but nowadays everyone seems to use Bitlocker as the default on the grounds that it is “good enough.”

        Many use VeraCrypt and take control of encryption.

        I use VeraCrypt (and before that I used, and still have installed, TrueCrypt). I have control over both of those in a way that I don’t feel I’d ever have with BitLocker. YMMV

        2 users thanked author for this post.
    • #2691489

      But Microsoft doesn’t give you the choice to intentionally activate BitLocker.

      I don’t have BitLocker enabled on my computer now. I know that Microsoft is starting to do this automatically now, or will start to do so with the 2024 update. My comment was intended for users who want BitLocker encryption enabled on their computers, but don’t have it enabled now. I was briefly describing what happens when you choose to enable it yourself, and how/where you can/should save/store your BitLocker recovery key(s).

      Ernie

      2 users thanked author for this post.
    • #2691508

      I use bitlocker extensively.

      Microsoft windows 11 home does not have “bitlocker”, but DOES have bitlocker.  it  just does not let you control actively turning on the PRE-BOOT authentication.  that is wrong, in my opinion;  they have the encryption built into the system, and should enable the pre-boot aspect of this.

      I want to be able to enter the pre-boot code for bitlocker.  I’ve upgraded all my systems to windows 11 pro.

      i store the bitlocker recovery codes (the 46- or so character code) inside my password manager program (Keepass), (which is itself encrypted), and whose files i can access from any of my multiple computers, or cell phone.  I make sure i create and back up these codes when i turn on bitlocker.  Storing the bitlocker code is no more or less difficult than maintaining your passwords.  if you have a program for storage of your login site usernames and passwords, it is very easy to add an entry to that program and enter your bitlocker recovery code (the full long-character code), along with the short entry code.  the only disadvantage is that if you mis-type the short code too many times, you have to enter the long code (pain to type).  but in this era of computer theft, identity theft, etc, i am locking stuff as much as i can.  and that includes the computer itself.  if somebody steals my computer, they get a brick.    And, susan, normally i feel all your suggestions and articles are  great, BUT in this case i feel that instead of suggesting that bitlocker not be used, you stress  how easy it IS to use, as per my above mechanisms;  many people have  business-sensitive data on machines, and even personal data, and travel with their computers, and having a way to make them more  secure , with a common sense mechanism of storing and using the recovery codes, would be beneficial.  ANYWAY, just my two cents, from a long time bitlocker user.

      1 user thanked author for this post.
      • #2691552

        You must have the Home Edition. The Windows 11 Pro Edition uses the same type of Bitlocker as the Windows 10 Pro Edition.

        If I were to choose to use Bitlocker, I would do so in conjunction with a dongle of some sort, or a Passkeys setup. Much easier to manage, though the dongle could get misplaced, I suppose.

        -- rc primak

        • #2691564

          You must have the Home Edition.

          He did, but upgraded to Pro.

          The Windows 11 Pro Edition uses the same type of Bitlocker as the Windows 10 Pro Edition.

          It can, but will also use automatic device encryption:

          Starting in Windows 11, version 24H2, the prerequisites of DMA and HSTI/Modern Standby are removed. As a result, more devices are eligible for automatic and manual device encryption.

          Device encryption

          Device Encryption will be enabled by default when you first set up a Windows 11 PC with Pro and Home editions. In addition, Microsoft will enforce an automatic Device Encryption setup after resetting your PC.

          Also, remember that BitLocker is turned on automatically only when you clean/fresh install or reinstall Windows 11 24H2. Microsoft told Windows Latest that BitLocker is not enabled when you upgrade from any version of Windows.

          For example, if you’re on Windows 10 or Windows 11 23H2 and upgrade to version 24H2, BitLocker encryption won’t be enabled by default. You’ll not lose any of your files.

          Microsoft confirms Windows 11 24H2 turns on Device Encryption by default

          If I were to choose to use Bitlocker, I would do so in conjunction with a dongle of some sort, or a Passkeys setup.

          Passkeys are for web authentication and can’t be used for Bitlocker.

          A hardware key can provide additional authentication but doesn’t obviate the need for a recovery key.

          1 user thanked author for this post.
    • #2691573

      Many use VeraCrypt and take control of encryption.

      I’m also a long time VeraCrypt user.

      Desktop Asus TUF X299 Mark 1, CPU: Intel Core i7-7820X Skylake-X 8-Core 3.6 GHz, RAM: 32GB, GPU: Nvidia GTX 1050 Ti 4GB. Display: Four 27" 1080p screens 2 over 2 quad.

    • #2691666

      The lesson I learned a long time ago is never to trust that technology will be working when you want it to. I always have enough cash for whatever I want to do, even if I intend to pay by card.

      Windows 10 Home 22H2, Acer Aspire TC-1660 desktop + LibreOffice, non-techie

      1 user thanked author for this post.
    • #2691677

      the EU mandated that it allow vendors into the kernel

      The EU doesn’t control the world.
      Following EU’s DMA many companies have 2 “systems”, one for EU and one for the rest of the world (even Microsoft does that so do Apple, Facebook, Google..).

    • #2691768
      2 users thanked author for this post.
    • #2692113

      Microsoft can’t come clear/clean it is too culprit and is to blame as much as CrowdStrike for its negligence protecting Windows kernel.

      Delta hires David Boies to seek damages from CrowdStrike, Microsoft after outage

      Delta has hired prominent attorney David Boies to pursue potential damages from CrowdStrike and Microsoft after a mass outage earlier this month,

      The outages cost Delta an estimated $350 million to $500 million…

      1 user thanked author for this post.
      • #2692149

        It’ll be interesting to see if the Boies team manages to break through the EULA wall (scroll down to section 8, “Warranties & Disclaimer”, and see also section 10, “Limitation of Liability”).

        Maybe AW’s own Max Stul Oppenheimer can discuss it in a future AW Newsletter article.

        2 users thanked author for this post.
        • #2692166

          8.2 Product Warranty. If Customer has purchased a Product, CrowdStrike warrants to Customer during the applicable Subscription/Order Term that: (i) the Product will operate without Error

          1 user thanked author for this post.
          • #2692191

            Unfortunately for CrowdStrike’s customers, the same paragraph also says that

            Your sole and exclusive remedy and the entire liability of CrowdStrike for its breach of this warranty will be for CrowdStrike, at its own expense to do at least one of the following: (a) use commercially reasonable efforts to provide a work-around or correct such Error; or (b) terminate your license to access and use the applicable non-conforming Product and refund the prepaid fee prorated for the unused period of the Subscription/Order Term.

            For better or worse, obtaining compensation for damages such as Delta is seeking would apparently require breaking through the EULA wall.

            2 users thanked author for this post.
      • #2692575

        ..CEO Bastian still had pointed words for the company.

        When asked about Delta and Microsoft’s relationship moving forward, he said:

        My sense is they’re probably the most fragile platform within that space. When was the last time you heard of a big outage at Apple?..

        https://www.youtube.com/watch?v=j2DbePHiH64

        https://appleinsider.com/articles/24/08/01/delta-ceo-criticizes-microsofts-fragility-praises-apples-stability

        1 user thanked author for this post.
      • #2693692

        Microsoft says Delta ignored Satya Nadella’s offer of CrowdStrike help

        Microsoft suggests that Delta Air Lines’ issues were related to its old IT infrastructure — not Windows.

        Microsoft has responded to Delta Air Lines’ criticism of Windows and CrowdStrike after the giant IT outage last month. Delta CEO Ed Bastian wants compensation from both CrowdStrike and Microsoft for the estimated $500 million Delta lost due to the outage. Now, Microsoft says Delta refused its free help on multiple occasions and even ignored an email from CEO Satya Nadella to Bastian…

        * First Microsoft neglected to protect its OS and then offers help? No, thank you.
        * We have seen the type of help Microsoft offered where the fix required manually hunting for Bitlocker keys for millions of PCs.

        • #2693756

          * First Microsoft neglected to protect its OS and then offers help? No, thank you.
          * We have seen the type of help Microsoft offered where the fix required manually hunting for Bitlocker keys for millions of PCs.

          Would it have been better if Microsoft offered no help?

          We haven’t seen the type of help offered to Delta at all.

          Bitlocker keys should have been available without hunting.

          Microsoft thinks Delta refused its free help because it was actually struggling to restore non-Windows systems instead. “It is rapidly becoming apparent that Delta likely refused Microsoft’s help because the IT system it was most having trouble restoring – its crew-tracking and scheduling system – was being serviced by other technology providers, such as IBM, because it runs on those providers’ systems, and not Microsoft Windows or Azure,” says Microsoft’s letter.

          Earlier this week, CrowdStrike also claimed it’s not to blame for Delta’s days-long outage and said Delta also declined its on-site assistance. CrowdStrike’s comments now make more sense after Microsoft’s suggestion that the problems at Delta could run a lot deeper than its Windows systems being taken down by the faulty CrowdStrike update. Unlike other airlines, Delta struggled to get systems back online and is currently being investigated by the US Department of Transportation over its handling of recovery efforts.

          1 user thanked author for this post.
    • #2692339

      For better or worse, obtaining compensation for damages such as Delta is seeking would apparently require breaking through the EULA wall.

      I am sure that Delta, thousands of enterprises, millions of customers... will win in court.

      1 user thanked author for this post.
    • #2692612

      Microsoft: Azure Outage Due to DDoS Attack

      Why should customers care for reasons of no service?
      Who will compensate them for time lost?
      It is Microsoft’s obligation to keep all services running 100% of the time.

    • #2694104

      CrowdStrike Faces a Potential Tsunami of Lawsuits. Only the Fine Print Can Save It, Experts Say

      ..On July 29, Delta informed CrowdStrike and Microsoft of its intent to sue over the $500 million it claims to have lost as a result of the outage. A class action lawsuit has been filed by law firm Labaton Keller Sucharow on behalf of CrowdStrike shareholders, claiming they were misled over the company’s software testing practices. Another law firm, Gibbs Law Group, has announced it is looking into bringing a class action on behalf of small businesses affected by the outage…

      Those hoping to recover financial losses will need to find creative ways to frame their cases against CrowdStrike, which is insulated to a great extent by clauses typical of software contracts that limit its liability..

      * I still believe both CrowdStrike and Microsoft will be found responsible for creating a world chaos never seen before.

      * I haven’t checked but I wouldn’t be surprised if Boeing has a clause that says it isn’t liable for any hardware/software malfunction that causes crashes killing hundreds of passengers.

      CrowdStrike : External Technical Root Cause Analysis — Channel File 291

      2 users thanked author for this post.
    • #2712761

      Delta sues CrowdStrike after widespread IT outage that caused thousands of cancellations

      “Delta is asking for damages to cover over $500 million in losses, along with litigation costs and punitive damages, after an IT outage involving CrowdStrike’s security software.”

      * A first of many to sue CrowdStrike for damages.

    • #2712907

      In addition to Alex’s post above, on October 25, 2024 Reuters ran the article – Delta sues CrowdStrike over software update that prompted mass flight disruptions.

      As a result of the CrowdStrike meltdown, Delta represents that it experienced over $500 million in out-of-pocket losses and an unspecified amount of lost profits, expenditures, and “reputational harm and future revenue loss.”

      https://www.reuters.com/legal/delta-sues-crowdstrike-over-software-update-that-prompted-mass-flight-2024-10-25/?user_email=982886a9a4297369f3db88acfca9a605b9d94a4f7e92bcf89a9f762ed5b24045&lctg=62aa3033623316579b01bf6c

      • #2712986

        Wonder why Delta doesn’t sue Microsoft for negligence in checking and applying updates. After all, the crashing PCs were running Windows OS.

        • #2713024

          Why do you think Microsoft should be responsible for the updates of any software which an administrator chooses to install?

          Are car manufacturers responsible for any modification which causes an engine to fail?
