Bay Area computer experts baffled by Crowdstrike policy that led to outage

"Welp. My first day at CrowdStrike went pretty good. Just now hit send on some code I wrote. Looking forward to the weekend!"

when companies cheap out and don't hire enough QA engineers.

This is bad development process and bad operation process. This company deserves to go out of business. The CEO is an idiot, I saw him on another channel. Completely clueless about how to run a company like this.

Yes, this was baffling. However the issue was they pushed out a nulled out file. They probably did their testing with the correct file before deciding on pushing it out and it seems like it got corrupted somewhere along the distribution chain. The loading routine referenced data on the problem file that did not exist and thus caused a hard fail during the boot process for the OS. This wouldn't have been an issue if the file in question wasn't part of the loading drivers upon boot due to the nature of how AV software works. MS definitely has to improve how their OS handles these files during the boot process if they're not OS essential systems files. They're allowing 3rd party vendors to have too much control over the boot process and in turn leaving us at risk of this happening again in the future.

The problem being experienced globally was not a result of systems being interconnected. It was the result of so many organisations using the same software, which meant that they were all affected in the same way by the faulty software update.

They were probably hacked, then lied about it to protect their business.

Although there was a bug in the code, it should have been caught using a sandbox or with early adopters before it was deployed WW. So, this is also a process problem.

When I worked at a "Big Networking Company"(here in the valley), one of the customer, Lufthansa Airline, DEMAND that we test our UPDATE with a backup system and ONLY when the UPDATE is successfully executed that Lufthansa Airline will allow for a LIVE UPDATE with their engineers monitoring and watching !!! It looks like Crowd Strike DID NOT test their UPDATE before going live.

Sure, global code push to kernel based Windows software agent with zero testing. What could go wrong?

No It highlights the incompetency and unprofessionalism from careless managers...

"If you want something done right, learn to code."

Is the company giving me 8 hours of payroll because I couldn't log in?

Test-Retest before release. If one has to go back to the old format that should always be possible.

no testing, no selective group , layered updating..just ineptness

This is a test… not a mistake. My opinion.

Bizarre to say the least

It's also due to a monopoly of one operating system in the private business and public sector space.

Talk to IT Executives, not technical experts.

For how long will it last?

its not complex but contrary simple ... it's horizontal integration where one player provided cheaper services and companies also cut back on IT costs and in the end its this... but on the other hand since all failed at once no business got hurt ... no big deal... things will stay the way they are and world will move on in the pace only few IT guys will be fired at crowdstrike that's it ...