this post was submitted on 19 Jul 2024
2019 points (99.1% liked)

linuxmemes

20880 readers
5 users here now

I use Arch btw


Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
 

CrowdStrike effectively bricked windows, Mac and Linux today.

Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.

Incredible work.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 113 points 3 months ago (5 children)

Imagine this happening during open heart surgery and all the monitors go blue!

[–] [email protected] 131 points 3 months ago (4 children)

Good lord I would hope critical surgical computers like that aren't networked externally... Somehow I'm guessing I'm wrong.

[–] [email protected] 120 points 3 months ago (2 children)

Fear not, that's why we deploy extra security software to these critical systems. It's called Crowdsource or something.

[–] [email protected] 47 points 3 months ago (3 children)
[–] [email protected] 32 points 3 months ago (1 children)
[–] [email protected] 13 points 3 months ago (1 children)
[–] [email protected] 26 points 3 months ago (1 children)
[–] [email protected] 10 points 3 months ago
[–] [email protected] 7 points 3 months ago
[–] [email protected] 2 points 3 months ago
[–] [email protected] 52 points 3 months ago (1 children)

Maybe not everywhere, but all of ours are air gapped.

[–] [email protected] 35 points 3 months ago

Good, they absolutely should be.

[–] [email protected] 13 points 3 months ago* (last edited 3 months ago)

~~Critical surgery computers may also be running under Windows LTSC, so they might not get the CrowdStrike patch. Maybe...~~

Edit: So the issue is apparently caused by CrowdStrike. So, unless the surgery computers also use CrowdStrike then it would be fine. Unless, of course, if they use CrowdStrike on surgery computers...

[–] [email protected] 7 points 3 months ago

I'd heard some hospitals were affected. They cancelled appointments and non-critical surgeries.

I'm guessing it was mostly their "behind the desk" computers that got affected, not the computers used to control the important stuff. The computers in patients' rooms may have been affected as well, but (at least in the US) those are usually just used to record information about medicine given and other details about the patient, nothing critical that can't be done manually.

[–] [email protected] 26 points 3 months ago (4 children)

Anecdotal, but my spouse was in surgery during the outage and it went fine, so I imagine they take precautions (like probably having a test machine for updates before they install anything on the real one, maybe)

[–] [email protected] 37 points 3 months ago

There were no test rings for this one and it wasn't a user controlled update. It was pushed by CS in a way that couldn't be intercepted/tested/vetted by the consumer unless your device either doesn't have CS installed or isn't on an external network.. or I suppose you could block CS connections at the firewall. 🤷‍♂️

[–] [email protected] 8 points 3 months ago (1 children)

Depending on the machine, I guess it's likely that those aren't using Windoofs at all. I would be surprised if there were devices in use during surgery who run on that.

[–] [email protected] 13 points 3 months ago

Any critical devices should be airgapped while in service.

[–] [email protected] 4 points 3 months ago

I assume these systems were not connected to any network. Same can't be said for the front desk systems though.

[–] [email protected] 3 points 3 months ago

Mine was in surgery yesterday. I hope yours is doing well.

[–] [email protected] 14 points 3 months ago (1 children)

It did impact emergency services

[–] [email protected] 4 points 3 months ago

I've heard anecdotally that some 911 services were down in my area, but I can't speak to how wide that was.

[–] [email protected] 9 points 3 months ago (1 children)

Good News! Unless something has changed since I worked in healthcare IT, those systems are far too old to be impacted!

I'm half-joking. I don't know what that kind of equipment runs, but I would guess something embedded. The nuke-med stuff was mostly linux and various lab analyzers were also something embedded though they interface with all sorts of things (which can very well be windows). Pharmaceutical dispensers ran various linux-like OS's (though I couldn't even tell you the names anymore). Some medical records stuff was also proprietary, but Windows was replacing most of it near the end of my time.

One place we had ran their keycard system all on a windows 3.1 box still. I don't doubt some modern systems also are running on Windows which has interesting implications for getting into/out of places.

That said, a lot of that stuff doesn't touch the outside internet at all unless someone has done something horribly wrong. Medical records systems often do, though (including for billing and insurance stuff).

[–] [email protected] 2 points 3 months ago

Security through obsolescence the healthcare way!

[–] [email protected] 1 points 3 months ago

I was just watching this show called Connections and the first episode was about a power blackout and it showed how the lights went out during a birth.

Great show it went on about what do you do if the power stays off permanently and how we aren't well prepared for that and how to start a civilization after you kill some farmers and steal their land but non of their tools work without power either and if you know how to mount an old-school plow to oxen