A widespread Blue Screen of Death (BSOD) issue on Windows PCs disrupted operations across various sectors, notably impacting airlines, banks, and healthcare providers. The issue was caused by a problematic channel file delivered via an update from the popular cybersecurity service provider, CrowdStrike. CrowdStrike confirmed that this crash did not impact Mac or Linux PCs.
It turns out that similar problems have been occurring for months without much awareness, despite the fact that many may view this as an isolated incident. Users of Debian and Rocky Linux also experienced significant disruptions as a result of CrowdStrike updates, raising serious concerns about the company’s software update and testing procedures. These occurrences highlight potential risks for customers who rely on their products daily.
The analysis revealed that the Debian Linux configuration was not included in their test matrix.
You might as well say you don’t support Linux.
“Crowdstrike’s model seems to be ‘we push software to your machines any time we want, whether or not it’s urgent, without testing it’,” lamented the team member.
I wonder how this shit works on NixOS.
If I’m remembering right, RHEL is Crowdstrike’s primary Linux target. And NixOS wouldn’t even be a factor since it’s basically just not enterprise grade.
That said, they need a serious revision of their QA processes.
RHEL, Ubuntu, & Debian cover the vast majority of enterprise installs I imagine, and provide a solid testing base for developers in the Linux business software space.
Maybe you add Gentoo, some post-CentOS clones/forks, or other more niche industry/workload specific distros, but how you do skip Debian?
I’m not an expert in any sense.
But it was always my impression that Ubuntu and Debian were what you use on personal machines, while RHEL is the baseline standard for professional servers.
Is that not accurate? CrowdStrike’s target customer seems to be the sort of company that would insist on using RHEL for the enterprise features.
That is not accurate.
- RedHat is the standard for high-budget American corps.
- Rocky and similar for low-budget American orgs
- Ubuntu Server has a large following with developers who think they don’t need sysadmins.
- Debian Stable is more popular with European orgs that aren’t incentivized by US government contracts to go with Redhat. It is much more stable than Ubuntu, has been more reliable in its support promises than Redhat, and doesn’t suffer from the NIH syndrome that infects both.
- Ubuntu is popular with home users
- Debian Testing is good for workstations and personal machines that need to be a bit more current
- Debian Unstable for people who like Debian but want to live on the bleeding edge
I’ve been using Linux professionally for 15 years. It’s been Debian or Ubuntu almost everywhere I have been. Although that might be regional.
RHEL, Ubuntu, & Debian cover the vast majority of enterprise installs I imagine, and provide a solid testing base for developers in the Linux business software space.
Enterprises I imagine are using RHEL, Ubuntu, SUSE’s SLES and Oracle Linux and probably not Debian. But that’s a guess. Where can statistics and numbers be found ?
consultant for large enterprises in australia, and i literally can’t say i’ve ever seen anyone running anything other than RHEL and amazon linux (so… RHEL) in production… unless we’re talking not for profits, and then that’s been a bit of a mixed bag
Largish enterprise heavily using Debian, just 1 data point here but we do exist.
The software is not the problem. Software breaks all the time. The problem is monocultures and centralization. Building entire industry ecosystems all around a single point of failure. This is the just-in-time manufacturing supply chain disruptions and fragility all over again.
Who knew, a diverse ecosystem was a strength, not a weakness.
deleted by creator
The software is the problem if it’s produced with a corporate mentality of “ship first, fix later”.
Users of Debian and Rocky Linux also experienced significant disruptions as a result of CrowdStrike updates, raising serious concerns about the company’s software update and testing procedures. These occurrences highlight potential risks for customers who rely on their products daily.
Hot take: maybe bossware is a fucking drain on society, and people should stop buying it.
Yeah, but our leadership had a really nice lunch with their sales rep! Licenses for everyone!
After getting a referral from your cyber insurance rep right?
It’s sad how accurate this is.
Well, if the executive leech class wants workers to have bossware, there’s not all that much people can do about it. Can’t just decide to not use it if your employer demands it
I didn’t mean the average worker. I meant the “executive leech class,” because downtime of this scale means lost profits, which is something they care deeply about.
In that case, it’s time for the average workers to sabotage the bossware. Let the leech class solve the problem they create.
Hospitals are effected by this too.
Why are sensitive or critical hospital systems loaded with bossware? That itself is a breach of medical safety regulations and medical privacy. If such bossware fails for whatever reason - even sabotage, it’s on the leach class. Prosecute them for murder.
So?
which is something they care deeply about.
They care about quarterly profits. Preventing fuckups of this scale requires long-term effort which is not profitable by itself, it only prevents possible future fuckups, and this is why proper QC etc. aren’t done. Short term profits over everything else.