this post was submitted on 29 Oct 2024
214 points (99.1% liked)

Technology

59380 readers
2868 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 17 comments
sorted by: hot top controversial new old
[–] [email protected] 78 points 2 weeks ago* (last edited 2 weeks ago) (3 children)

Why would the TSA have anything to do with Delta’s IT operations?

In March 2023, the TSA added a cybersecurity emergency amendment to its cybersecurity programs. The amendment required airlines like Delta to develop "policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised," CrowdStrike's complaint said.

Guess that’s why.

[–] [email protected] 45 points 2 weeks ago (1 children)

That's some serious scope creep there by TSA. I'm quite sure that airlines' business continuity is wholly unrelated to transportation security.

[–] [email protected] 14 points 2 weeks ago

Travelers were definitely securely on the ground. Upset, but secure.

[–] [email protected] 14 points 2 weeks ago

So CrowStrikes strategy is "you installed CrowStrike while TSA told you not to install it, as was clearly proven by us taking down your network, so we're not at fault"?

[–] [email protected] 13 points 2 weeks ago (2 children)

I think it's pretty reasonable for a company as big as delta to wait a little bit to see how a patch rolls out before upgrading.

[–] [email protected] 10 points 2 weeks ago

Hackers are less of a threat than Microsoft's attempts at protecting us from hackers

[–] [email protected] 8 points 2 weeks ago* (last edited 2 weeks ago)

Honestly agreed, I think it's reasonable for a company as big as Delta to have a functioning continuity plan, the fact that it took them over 5 days to come back online is Unforgivable for a service that is detrimental to society like a transportation service.

Personally speaking I think that the 500 million lawsuit should be thrown out exclusively on that. It is Delta's inability to properly manage their company's IT services that exclusively cause this.

I'm not down playing crowdstrike here, what they did is unforgivable as well because how they manage their software completely bypassed all channels that are meant to prevent shit like this from happening, but every other system was online within two days if that, because they had proper failsafes in place to minimize damages and regain operational status.

But ultimately, crowd strikes mess up was obviously an error on their end, where Delta not having a proper procedure in place is obviously intentional as having a Disaster Recovery where you lose most of your infrastructure has been IT management 101 for years now.

Being said, I do not agree that crowdstrike should be allowed to operate in the level that it was allowed to in the first place, and I definitely Embrace Microsoft's decision to start heading towards locking out access to ring 0 in favor of ring 1 and ring 2. With this decision I'm wondering if intel is going to revise their plans for the new x86S framework to not have ring 1 and 2 and only have 0 and 3

[–] [email protected] 27 points 2 weeks ago

I love how this whole debacle has turned into a finger-pointing party

“We, Microsoft, didn’t do it, CrowdStrike did!”

“We, CrowdStrike, didn’t do it, the airlines did!”

Of course, this would be fine if done for technical purposes, but it’s actually being done to reverse stock price dips and make the boards of directors happy

[–] [email protected] 18 points 2 weeks ago (1 children)

Wait I thought this was caused by a security update.

Are they saying there was a security update that would have prevented the CrowdStrike update from bricking everything?

[–] [email protected] 3 points 2 weeks ago (1 children)

Different security step.

In March 2023, the TSA added a cybersecurity emergency amendment to its cybersecurity programs. The amendment required airlines like Delta to develop "policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised," CrowdStrike's complaint said.

[–] [email protected] 2 points 2 weeks ago (1 children)

Yeah I read it. So is CrowdStrike going to argue that some other software update was supposed to have been installed by Delta prior to CrowdStrike’s update?

That’s my question.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago)

No they are going to argue that there should have been a fail safe in place for a rapid recovery of said incident occurring in the first place. Since the TSA required it

I personally don't think that should resolve crowdstrike of all responsibility, but the fact that they lack these contingency plans in the first place makes me think that CS is definitely not the only one at fault here

[–] [email protected] 11 points 2 weeks ago

Meanwhile, the airline still running off Windows 3.11:

[–] [email protected] -2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Dude the precident it would set if Delta sued Microsoft and won would be super damaging I'm glad it's not happening

Imagine being responsible for a software that is put on A system that you developed, with you being isolated/removed from the situation, it would be the content owners of websites being responsible for Stuff posted all over again

[–] [email protected] 3 points 2 weeks ago (1 children)

Imagine being responsible for forcing a security update on your customers without testing it.

Negligence absolutely applies here, Crowdstrike needs to be sued out of existence.

[–] [email protected] 2 points 2 weeks ago (1 children)

Fully agreed that crowdstrike is partly responsible, however my comment was based off of Microsoft not crowdstrike. Delta stated they were going to sue both crowdstrike and Microsoft, but they didn't actually go through with it

[–] [email protected] 0 points 2 weeks ago

I am less certain about Microsoft, though I think they need to have their ass handed to them for their high-handed treatment of push patches.

Either they need to implement staggered deployment by default, or they need to get out of the update deployment business altogether if they don't want the liability, can't have it both ways.

We know this didn't happen, because CS.