All frontends, what you will see there, are based on specialized web browsers today.
No, no they are not. While many newer systems are absolutely moving more and more to web-based front-ends, that is nowhere near the norm, and especially not when you're talking about systems like those that run hospitals.
 
I imagine, if Apple release “terminal-Pad” - an iPad derivative with large screen and multi-user capabilities, running iPadOS. That would be great for terminal, simple and (hopefully) low cost solution.

Yes. That is possible use as terminal.


Ahh. This makes sense now. "Buy my solution - it never would have had this problem!"

Jesus do I ever hate salespeople.

This is the worst conclusion you can make.
 
So strange folks are blaming sysadmins for this, when turning off auto-updates for AV is not really a viable option in the age of 0-days, especially as a Windows admin. As for Windows though either Microsoft can't help but be the "nice guy" and allow all manner of ancient cruft to remain or it's that they are bowing to clamor of customers who want infinite backward compatibility which is pretty untenable. I mean for goodness sake: How are drive letters still a thing?!

Apple for their part, deprecated kernel space drivers in 2019 and will stop signing them at the end of 2024 (IIRC). Folks can give Apple all the crap they want about these kinds of practices and bemoan "planned obsolescence" but they've managed to keep things moving forward without being weighed down by past baggage. In 2019, 32-bit also went away with macOS Catalina, which is admittedly sad for all the great 32-bit Steam games but that's what VMs are for and it also frees them from the year 2038 problem coming down the road for 32 bit systems.

So let's hear it for Apple who had the foresight (and "tough love") to get rid of floppies in 1998 with the iMac (to much nostalgic ire) and to deprecate the use of kernel space drivers in 2019!

From Apple Platform Deployment

System and kernel extensions in macOS

macOS 10.15 or later enables developers to extend the capabilities of macOS by installing and managing system extensions that run in user space rather than at the kernel level. By running in user space, system extensions increase the stability and security of macOS. Even though kexts inherently have full access to the entire operating system, extensions running in user space are granted only the privileges necessary to perform their specified function.
...
Important: Kexts are no longer recommended for macOS. Kexts risk the integrity and reliability of the operating system. Users should prefer solutions that don’t require extending the kernel and use system extensions instead.
 
See, and I find the Win 7 UI just dated compared to Win 10. I've only ever used Pro and Enterprise versions, so I'll take yours (and others) opinions on the adware, but I haven't really found too many areas where I'm seeing a ton of Microsoft ads (of course, I have turned off search and widgets, which I think were the biggest areas where you would see those ads).


I moved to Win 11 from Win 10 for only one reason - there is an integration with Teams that made providing software training slightly easier on Win 11 (you have the "Share this Window" link for applications when sharing a window on Teams that makes it easy to switch which application you're sharing). Overall, I haven't seen too much of a difference between 10 and 11 outside of 11's terrible Start menu and the changes they made to Contextual menus. The Start menu thing I fixed using Start11 and the hidden items in the Context menus I've just started to get used to. Would be nice if MS would bring back the Windows 10 Start menu, but otherwise I have no real complaints with Windows 11.

I bet Windows 11 is fine in the corporate/enterprise environment. I first used Windows 10 as Enterprise configured by my work's IT. It was fine. Didn't love the UI but got used to it.

Then later tried using the Home/Professional (sic) version so I could run Windows software at home and I was appalled.
 
I think it was misleading to say that "only 8,000,000" were affected.

What about every client machine that was trying to get information from those machines, every airline computer terminal, every hospital terminal, every EFTPOS machine, every employee's computer, etc, etc, etc?????

I don't care if my computer isn't directly affected, if I can't work because I can't access business or client information, then I am affected also.

My feeling (as accurate or otherwise as that may be) is that the real figure is in the billions of affected devices.
 
I think it was misleading to say that "only 8,000,000" were affected.

What about every client machine that was trying to get information from those machines, every airline computer terminal, every hospital terminal, every EFTPOS machine, every employee's computer, etc, etc, etc?????

I don't care if my computer isn't directly affected, if I can't work because I can't access business or client information, then I am affected also.

My feeling (as accurate or otherwise as that may be) is that the real figure is in the billions of affected devices.
8 million is a typical deflect to make it sound less impactful... and yet even 8000000 is a huge number.
Wonder how many of those 8000000 customers are reviewing their purchases and cancelling? ;)
 
I bet Windows 11 is fine in the corporate/enterprise environment. I first used Windows 10 as Enterprise configured by my work's IT. It was fine. Didn't love the UI but got used to it.

Then later tried using the Home/Professional (sic) version so I could run Windows software at home and I was appalled.
You’re correct. Plus. Home editions are trash, it’s used to meet a price point. Always go professional. I’ve never had any intrusive advertisements in the start menu or any stability issues. It’s rock solid easily on par with MacOS these days.
 
You’re correct. Plus. Home editions are trash, it’s used to meet a price point. Always go professional. I’ve never had any intrusive advertisements in the start menu or any stability issues. It’s rock solid easily on par with MacOS these days.

I tried both Home and Professional before rolling back the whole thing. It seemed like starting with Windows 10, the bigger jump is between Professional and Enterprise. I recall Windows 7 Pro as being clean as far as junk while I recall even Windows 10 Pro was full of adware and wasn't even going to let me login without a MS account. However it's been several years...
 
I tried both Home and Professional before rolling back the whole thing. It seemed like starting with Windows 10, the bigger jump is between Professional and Enterprise. I recall Windows 7 Pro as being clean as far as junk while I recall even Windows 10 Pro was full of adware and wasn't even going to let me login without a MS account. However it's been several years...
I meant enterprise, the one allowing for AD binding. I see they have stratified even further with the offerings- I haven’t looked at the consumer market in quite some time. Basically, just run the version of Windows that companies do, preferably an LTS version.
 
Just more evidence that Windows is hot garbage.
Apple is slowly but surely ceding the high ground though. So busy chasing shiny and new they’ve all but neglected bug fixes- and the settings app on my MacBook Pro, to steal a turn of phrase, is hot garbage.
 
Considering that this affects exclusively businesses; it's not going to be much of a net gain for Apple; they're not suddenly going to decide to replace their 1000's of machines with Macs.

Microsoft still have the business world by the balls.
 
I meant enterprise, the one allowing for AD binding.
Pro also allows for AD binding. I use Pro on all my machines and can't say I've had too many issues with it either serving up tons of ads or forcing me to use a Microsoft account.
 
Considering that this affects exclusively businesses; it's not going to be much of a net gain for Apple; they're not suddenly going to decide to replace their 1000's of machines with Macs.

Microsoft still have the business world by the balls.
Outside of the marketing department, Macs are almost always the poorest choice for business users. The crowd here likes to say "well everything is web-based, so a Mac would work just fine", ignoring the fact that that also means that the same could be done with a Chromebook or any given Linux desktop distribution. In pretty much every case, the Linux machine will be more secure, easier to manage, and use less expensive and more reliable hardware than the Apple machine.
 
Outside of the marketing department, Macs are almost always the poorest choice for business users. The crowd here likes to say "well everything is web-based, so a Mac would work just fine", ignoring the fact that that also means that the same could be done with a Chromebook or any given Linux desktop distribution. In pretty much every case, the Linux machine will be more secure, easier to manage, and use less expensive and more reliable hardware than the Apple machine.
Yes, it is quite funny when you have a typical Mac user and make them enterprise ready with a secure build. At a scale-up I was part of, we were ISO 27001 certified and Cyber Essentials Plus. I'm a big fan myself, and prefer to utilise my MBP. But as good as any of our customers were enterprise users, and we decided that when the organisation provides laptops it will be Windows-based. We weren't mean either, everyone got a choice of a well configured Dell XPS machine in the size they want, and within reason the spec they require for their job. Mine was an XPS 15 with 64 GB RAM, 2 TB SSD. And for developers, including myself, I created an automatic build that included WSL.

But we allowed for BYOD as well, as long as it fits within our certifications. Initially, a self declaration through an acceptable use policy, but with some sample checks they clearly said yes, but did something else. Mac users were the worst, going from “huh how do I do that” to “I don't want to do that, it is not necessary”. But nope, no encrypted hard drives, login with locally privileged accounts, local machine passwords way too short, users within the sudo group, no antivirus installed, software not kept up-to-date, unlicensed software galore. Not utilising separate browser profiles for corporate work. You name it, we have seen it all.

So I had to get stricter to protect the organisation, and make BYOD machines to become part of a managed estate so we only allowed access to well configured machines. And then still you don't have the same kind of controls as you have on a PC so services were restricted for those users. And then I haven't even started to elaborate on the mess that is the Apple Business App store, that is really not fun to deploy and update software through that.

Or even worse, mobile phones. Especially the Android generic brands. The number of times that services were blocked because they were out of date (i.e. exceeding n-2, more than two versions behind) and either there was no security update available, or with a number of phones (caused some head scratching) the phone displayed a current version, but when you look at the packages they weren't updated; yes Huawei that is bad practice. I felt for those users as they tried, but some had their eyes opened.

Nope, I love using my Mac. I know how to configure it securely and compliant with as good as any standard, but in an enterprise environment a Windows PC is much easier, more consistent, and much more cost-effective to manage, deploy, and secure. And yes, I know the irony of that in the context of this event 🤣 But it still holds true.
 
Yes, it is quite funny when you have a typical Mac user and make them enterprise ready with a secure build. At a scale-up I was part of, we were ISO 27001 certified and Cyber Essentials Plus. I'm a big fan myself, and prefer to utilise my MBP. But as good as any of our customers were enterprise users, and we decided that when the organisation provides laptops it will be Windows-based. We weren't mean either, everyone got a choice of a well configured Dell XPS machine in the size they want, and within reason the spec they require for their job. Mine was an XPS 15 with 64 GB RAM, 2 TB SSD. And for developers, including myself, I created an automatic build that included WSL.

But we allowed for BYOD as well, as long as it fits within our certifications. Initially, a self declaration through an acceptable use policy, but with some sample checks they clearly said yes, but did something else. Mac users were the worst, going from “huh how do I do that” to “I don't want to do that, it is not necessary”. But nope, no encrypted hard drives, login with locally privileged accounts, local machine passwords way too short, users within the sudo group, no antivirus installed, software not kept up-to-date, unlicensed software galore. Not utilising separate browser profiles for corporate work. You name it, we have seen it all.

So I had to get stricter to protect the organisation, and make BYOD machines to become part of a managed estate so we only allowed access to well configured machines. And then still you don't have the same kind of controls as you have on a PC so services were restricted for those users. And then I haven't even started to elaborate on the mess that is the Apple Business App store, that is really not fun to deploy and update software through that.

Or even worse, mobile phones. Especially the Android generic brands. The number of times that services were blocked because they were out of date (i.e. exceeding n-2, more than two versions behind) and either there was no security update available, or with a number of phones (caused some head scratching) the phone displayed a current version, but when you look at the packages they weren't updated; yes Huawei that is bad practice. I felt for those users as they tried, but some had their eyes opened.

Nope, I love using my Mac. I know how to configure it securely and compliant with as good as any standard, but in an enterprise environment a Windows PC is much easier, more consistent, and much more cost-effective to manage, deploy, and secure. And yes, I know the irony of that in the context of this event 🤣 But it still holds true.
Thank you for sharing your experience.

Crowdstrike had a similar issue with Linux, but nobody talked about it https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/ because it isn't Microsoft.

But we know, there is a good reason if a$$le is referenced as a "cult" (and there is a famous website called in that way) because one of the main rules of a cult is to get rid of analysis skills and replace them with "you will have only one brand".

Anyway, thank you again for your contribution.
 
Good deep explainer here on the always excellent Eclectic Light Company site on how this relates to Macs.


  • Apple has almost eliminated third-party kernel extensions from macOS, replacing them with System Extensions running in user space. That has removed their propensity to cause kernel panics. In recent macOS, CrowdStrike’s Falcon sensor runs in user space as a System Extension.
  • Remaining risks of kernel panics are in macOS updates, which Apple has improved considerably to reduce risk.
  • Microsoft needs to remove third-party drivers from kernel space if Windows is to be more resilient to this type of failure.
 
@davide_eu Yeah, truth, If every unix & linux operator shouted at the top of their DACs, it wouldn't get covered in popular press. Popular means Windows. No mass anxiety means no engagement means no ad revenue means no coverage.

Meanwhile, Apple doesn't get to sit at the grownup enterprise table because their current ideology, and resultant product lines, including iOS, are inimical to enterprise admin (like they're proud of that). Plus Apple users' culty b.s. makes IT admins tired, even the few Apple enterprise admins, honestly.

This time isn't even Microsoft's fault, directly, but blaming their weaknesses on the EU, and on "We're not Apple", is petty, ignorant, superficial Gen-Z hogwash. Even if Microsoft isn't allowed to interfere with third-party wtfery, CUSTOMER ITSM's certainly can. If not out-of-box, then in AD GPOs, or in local policy objects, or in Crowdstrike policies, or even firewalls. Even then, the ITSM should have a netboot or PXE backplane ready to perform recovery actions.

This particular Crowdstrike hornswaggle happened one ridiculous way; Crowdstrike owns the root cause and at least they're not passing blame. Nonetheless, ITSMs own the business outcomes, and there were half a dozen ways ITSMs could have prevented or mitigated the damage.

Unguarded, autonomous Auto-Update is a choice - quite simply, an abdication of ITSM responsibilities. Prod should simply never be subject to auto-updates from external vendor or internal developers - even if your organization mandates rapid response to zero-day threats. Rapid response doesn't mean allowing your infrastructure to get bitraped by a vendor.

Four decades into the modern distributed computing, hub and spoke client server IT Industrial shell game, ITSM's should be benefiting from lessons learned, no longer BEING THE BAD EXAMPLE. One of the lessons might be "Don't skimp on an ITSM Security Team." Bureaucrats forget that real IT Security is far more involved than churning out b.s. compliance reports and b.s. "Five 9's" uptime statistics.
 