Announcement

Collapse
No announcement yet.

Random photos, comics, etc.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • "The more they overthink the plumbing, the easier it is to stop up the drain." - Montgomery Scott (James Doohan, RIP)

    Microdork's Winblows OS is a prime example.

    I have gone through the steps to disable and remove all the bloatware from Winblows 11, only to have it magically reappear every time it tries to do updates, which I have set to do manually....but somehow it reinstalls/re-enables services that I have disabled.

    My next step will be to block connections to Winblows updates on my firewall.

    Comment


    • Tony, Don't use W-11... I had it on one computer and replaced it with 10. It's awful... You can still get 10 COA's easily, then.download it from MS's site. Microsoft is rethinking the future support for it too, as in they will likely extend doing the updates. Possibly on a subscription basis. As awful as 11 is, and the stuff I've read about 12, I can imagine some new OS coming along and everyone switching to it. I'm sticking with 10 till hell freezes over.

      Comment


      • Originally posted by Mark Gulbrandsen View Post
        Tony, Don't use W-11... I had it on one computer and replaced it with 10. It's awful... You can still get 10 COA's easily, then.download it from MS's site. Microsoft is rethinking the future support for it too, as in they will likely extend doing the updates. Possibly on a subscription basis. As awful as 11 is, and the stuff I've read about 12, I can imagine some new OS coming along and everyone switching to it. I'm sticking with 10 till hell freezes over.
        I am staying with Win10 as well.

        BTW: You can install Win10 on a digitally activated Win11 machine. It has to be the same version (Home or Pro).

        Comment


        • Originally posted by Ed Gordon View Post

          I am staying with Win10 as well.

          BTW: You can install Win10 on a digitally activated Win11 machine. It has to be the same version (Home or Pro).
          When I got my HP Z2, I loaded 10 Pro on and no activation was required. It had an embeded liscense on it for 11 Pro. So I assume this is what you are referring to.
          I have a number of 10 and 11 Pro install disks here, but it's much faster to download the latest install from Microsoft as it always includes the latest updates and that makes installation time much faster.

          Comment


          • Originally posted by Randy Stankey
            Apparently, the Crowdstrike software runs as a driver, inside kernel space, but updates are sent out as P-code which resides outside of kernel space. Essentially, this allows unsigned code to be run inside kernel space without authentication.

            This isn't just an "Oops! My bad!" moment! Somebody screwed the pooch!​
            That's an understatement. Shot it, Kristi Noem-style, and then screwed its corpse, more like! So all a bad actor needs to do is to fool a client into believing that their malicious code comes from CrowdStrike (not difficult if unsigned), and then they have full control over the PC.

            Comment


            • Originally posted by Leo Enticknap View Post
              So all a bad actor needs to do is to fool a client into believing that their malicious code comes from CrowdStrike (not difficult if unsigned), and then they have full control over the PC.
              I was just about to suggest the same thing. Essentially, what CrowdStrike has done is to provide every hacker in the world an easy way to inject malicious code directly into the kernel in a virtually undetectable way!

              It looks like CrowdStrike has shot themselves in the testicles! No reasonably intelligent person would get within a mile of their product! Now, their flagship product is essentially dead in the water!

              I think I'm going to go back to what I first said... "Bye, bye! We're done!" <click>


              Comment


              • People think we're crazy in not having any 3rd party code in our products. This CrowdStrike thing almost literally had me rolling on the floor laughing. I fear this is just the beginning. I can rant about the deterioration of technology. Sorry to laugh as I know this has caused many a lot of pain. So I got out my Mr. Robot merch. Using my Allsafe coffee mug in the office now. That was a reality show, right?

                We've been watching raw Internet traffic. 99.99% of it is unsolicited/malicious traffic just frothing to make anyone's day a disaster.

                Comment


                • There are many things that pull code directly from a remote server when they are running.

                  So you can write a program and the code that you import today may not code that you're running tomorrow even though (supposedly) it's the same program.

                  This seems completely irrational to me.

                  Wouldn't basic sanity (let alone security) tell you to download the library you're using and run from a local copy?

                  Comment


                  • People break the cardinal rule all the time: My computer is my property and I am the sole arbiter of what code gets executed on it. Breaking that rule puts your computer and your business at risk.

                    This does not mean that you have to be a computer expert who knows what every line of code does. It means that you need to be very careful of your sources and not allow third party code to run on your computer unless you trust the source, implicitly.

                    The problem is that it's very hard to know who to trust, these days.

                    I've done a little bit of reading on the subject of CrowdStrike. This isn't the first time they've had screw ups like this! In fact, it's the third time this year!

                    From Wikipedia: https://en.wikipedia.org/wiki/CrowdS...tage_incidents

                    Severe outage incidents

                    CrowdStrike software has been implicated in several major outages on various platforms. At times these have been relatively isolated, affecting a specific application or operating system that is not as widely deployed as others. In some cases, these issues have caused serious outages that impacted servers across the world.

                    2024 Debian Linux incident
                    On the evening of Friday, April 19, 2024, Crowdstrike issued a flawed software update that crashed computers running Debian Linux builds and kept them from rebooting normally. CrowdStrike acknowledged the bug a day later and weeks later determined the cause.

                    2024 Rocky Linux incident
                    On May 13, 2024, it was reported that Rocky Linux servers with CrowdStrike software may freeze after upgrading to Rocky Linux 9.4.CrowdStrike reported that they were aware of the problem as it was the same issue due to a Linux Sensor in user mode combined with specific 6.x kernel versions.
                    ​
                    2024 Windows incident
                    On July 19, 2024, CrowdStrike released a software update to the vulnerability scanner Falcon Sensor. Flaws in the update caused blue screens of death on Microsoft Windows machines, disrupting millions of Windows computers worldwide. Affected machines were forced into a bootloop, making them unusable. This was caused by an update to a configuration file, Channel File 291, which CrowdStrike says triggered a logic error and caused the operating system to crash. The downtime caused a widespread global impact, grounding commercial airline flights, temporarily taking Sky News and other broadcasters offline, and disrupting banking and healthcare services as well as 911 emergency call centers.

                    Although CrowdStrike fixed the update, computers stuck in a boot loop were still unable to connect to the Internet to download the patch before Falcon can load in and crash the device again. The recommended solution from CrowdStrike was to boot into safe mode or Windows Recovery Mode and manually delete Channel File 291.This requires local administrator access and if the device is encrypted by Bitlocker will also require a recovery key.Microsoft has reported that some customers have been able to remediate the issue solely by rebooting impacted devices up to 15 times.
                    To me, this indicates a SEVERE problem with the way that company operates. Things like this should never happen. Certainly not three times within ninety days!

                    If I was in charge of CrowdStrike there would be heads on pikes!
                    ​

                    Comment


                    • Here is a video explaining what happened:

                      CrowdStrike IT Outage Explained by a Windows Developer



                      Even if it would take too long to certify the software in order to prevent a new threat, it appears to me that they did not even adequately test their software before setting it loose to do the damage.



                      ​

                      Comment


                      • Bottom line: CrowdStrike's flagship product is fundamentally flawed, at its core and should not be used by anybody, for any reason, at any time, ever!

                        This is disappointing because the company has a fairly long and successful history. It's sad to see such a company go down in flames like this!

                        Rhetorical: If I was in charge of a company that used CrowdStrike, I'd be thinking about removing their software, forthwith. I'd almost rather let my systems run with no malware protection than to allow anybody to inject bad code directly into the core of my operating systems at any time, without the ability to stop them.

                        Yes, yes! I know! That's not the smartest idea. I'm only talking about my emotional response to the situation. Practical reality is different.
                        Instead, I'd probably be putting a team of people on the task of replacing CrowdStrike with something else ASAP.

                        Then, I'd be making that phone call and telling CrowdStrike to go to hell!

                        Comment


                        • DIsneyStagecoach.jpg
                          When I saw this photo, my first thought was that "the times have changed",
                          and Disney wouldn't be able to get away with such a pose today. But then
                          I realized that, in reality, maybe things aren't really so different now, because
                          if any of those kids grew up and became theater owners, Disney is still
                          holding them hostage with every new release.
                          Last edited by Jim Cassedy; 07-25-2024, 09:24 PM.

                          Comment


                          • What pose? Stomping in a pile of horse shit? That's about Disney's speed, these days! Isn't it?
                            (Look closer, under the carriage wheels... When you see it, you'll shit... Uh, never mind...)

                            Remember that, in those days, "Cowboys" were as popular as things like Pokemon are, today. Every kid knew the phrase, "Stick 'em up!"

                            Those kids are, surely, the young sons and daughters of people who worked for Disney.

                            Comment


                            • Originally posted by Bruce Cloutier View Post
                              People think we're crazy in not having any 3rd party code in our products. This CrowdStrike thing almost literally had me rolling on the floor laughing. I fear this is just the beginning. I can rant about the deterioration of technology. Sorry to laugh as I know this has caused many a lot of pain. So I got out my Mr. Robot merch. Using my Allsafe coffee mug in the office now. That was a reality show, right?
                              Those CrowdStrike folks should've taken a lesson about centralization from Star Wars Episode 1:


                              Comment


                              • Could be a metaphor for a society dependent upon networks and concoctions of sloppy open source rookie wannabee gamer programmed software. Wait! See Battle Star Galactica. The series remake. Not the original.

                                I have been literally sitting watching a Chinese IP address hard attack one of our public IP addresses. I have the source address blocked but still they are pounding us attempting an SSH connection. I would say it was a denial of service (DoS) attack but this cannot be considered a high value target for that. It would be a lame attempt. I am thinking now that there must be some highly secure device someplace that accepts SSH connection only from a specific source port. Maybe that rolls with time. They are looking for a very specific socket in an attempt to gain access.

                                You all can guess what device I have connected out there. It is thwarting these suckers. JANOS rules! ;-)

                                I have added the ability to blacklist IP addresses and have an application automatically detecting bots and adding them to the blacklist. I think, over the past couple of weeks, this has triggered the curiosity of the idiot Chinese government hackers.

                                This IP address that tracks back to China (through the cable connection I think in San Jose) has hit us over 56,000 times since yesterday afternoon and it started early yesterday morning. All blocked. Occasionally another address from that Class C IP block attempts a connection with all the characteristics of being manually initiated.

                                Makes me wonder if our government is trying to protect us at all? They're too busy creating bogus political ads acting like 5th graders calling names and bullying. How do we even let that go on?

                                END OF LINE

                                Comment

                                Working...
                                X