Microsoft Blames European Commission for Major Worldwide Outage

[Haiku_Oezu]

Microsoft does what their clients ask. Do you really think that Microsoft wants to continue to maintain the legacy code? If Microsoft announced that effective Jan 1 2028, Windows 12 would be a complete re-start with no support for legacy hardware and Apps can you imagine the lawsuits. As long as businesses continue to insist that Windows 11/12/13 need to support Apps built around Win 95 support this crap will continue.

Devs have adapted to new frameworks on macOS despite the market share being significantly lower

Iam pretty sure if Microsoft said “hey you guys need to use modern frameworks or we can’t guarantee your stuff will run on new versions of Windows” a good amount of devs will get on the ball

Nobody is asking Microsoft to go cold turkey and break compatibility overnight, I understand perfectly legacy software is a big deal on Windows but when NEW APPLICATIONS are developed with a framework that doesn’t even provide the correct look and feel on Windows 11 because WinUI is still pretty awful you can tell Microsoft is not even trying

This is neither here nor there with the CrowdStrike fiasco anyway, it was just a throwaway point I just had to sneak in because I’ve been using windows more recently and it just pisses me off how 80% of the native software is blinding white while using dark mode because Microsoft can’t be bothered to push modern frameworks on devs who don’t care enough to give a decent desktop experience.

I’m hearing WPF is getting Windows 11 look and feel sometimes down the line at least, I guess that’s something.

 

[e.clinton]

Sure, it’s their fault. Not the fault of CrowdStrike. Another example of companies trusting large vendors with their security and putting all their eggs in one basket. Just another fiasco like solar winds.

It's not CrowdStrike's fault... or the EU.. or Microsoft. It's the IT Admin that agree to have updates deployed by a 3rd party to their most critical systems with zero validation on their part. I expect all of those heads to roll. Zero excuse for that, just incompetence.

 

[bsolar]

There is a special place in hell for those EU politicians who forced that BS on, a special place.

As there is one for all those consumers that didn't recycle properly and prompted that BS from happening in the first place.

 

[breenmask]

You linked two posts that say you can’t access the Kernal on iOS or Mac, even via sideloading. What makes you think you can?

Thanks. You've proven that you clearly misunderstood the point.

We couldn't sideload before, but now we can due to EU laws.

Now apply that same step process in the future with accessing the kernels.

I'm done.

 

[breenmask]

Among the hundreds of anti-EU comments I've read on this site, this is one of the ones that make less sense

It's really not my problem if it doesn't make sense to you. Can't really make it clearer.

Onwards.

 

[breenmask]

Did I? All I do Is stating the “pick a side” phenomenon.

clearly you did pick a side and defended it to no end in the rest of that post.

 

[breenmask]

Yes, you're right, EU is responsible for dirty coding.

I don't think you read the article.

 

[Jamie0003]

Thanks. You've proven that you clearly misunderstood the point.

We couldn't sideload before, but now we can due to EU laws.

Now apply that same step process in the future with accessing the kernels.

I'm done.

I think it’s you who’s misinformed. Sideloading doesn’t suddenly allow users access to the kernel. You’re still restricted by apples software, it’s not a jailbreak lol

 

[bsolar]

Now apply that same step process in the future with accessing the kernels.

I'm quite sure it's already the case, no need to do any further step in the future.

The regulation is about third-party competitors being allowed the same access to OS features as the first-party gives to their own products.

This means if e.g. Apple Music were able to operate in kernel space on iOS, Apple might be already required to allow the same to e.g. Spotify.

The underlying rule is the same, but the consequences are very different depending on which competing products a first-party decides to offer and how they implement them.

 

[cicalinarrot]

It's really not my problem if it doesn't make sense to you. Can't really make it clearer.

Onwards.

Well, I explained why it doesn't, you may try to reply to that. Or not. Have a good day.

 

[cyb3rdud3]

It's really not my problem if it doesn't make sense to you. Can't really make it clearer.

Onwards.

You didn't make anything clear, just an irrelevant anti-eu comment in the context of this thread. It has been explained many a time what actually happened here, and what the role of the EU is. It is just not relevant.

 

[Mrkevinfinnerty]

This wouldn't have happened had regulators let Microsoft use their market power to nullify competition for decades

 

[ender78]

It's not CrowdStrike's fault... or the EU.. or Microsoft. It's the IT Admin that agree to have updates deployed by a 3rd party to their most critical systems with zero validation on their part. I expect all of those heads to roll. Zero excuse for that, just incompetence.

The threats are real and immediate. The expectation is that you roll that security update immediately. They pay a kings ransom for that protection. The same admin you want to fire for pushing the update immediately is the same admin that would be raked over the coals for doing the opposite and waiting to push the patch for an exploit. Zero sum game; lose lose .

 

[Nuno Lopes]

Why blame the EU and not CrowdStrike?

Microsoft is just stating ... "This would never happen with Microsoft Defender".

 

[bsolar]

The same admin you want to fire for pushing the update immediately is the same admin that would be raked over the coals for doing the opposite and waiting to push the patch for an exploit. Zero sum game; lose lose .

"Pushing an update" still needs to be done through a process designed to prevent issues to land in production.

Here my understanding is that the process was lacking proper testing of the actual deployed artifacts, which is a pretty glaring omission if true.

 

[bsolar]

Why blame the EU and not CrowdStrike?

Microsoft is just stating ... "This would never happened with Microsoft Defender".

Because Microsoft wants to be subject to less regulation, so they are placing the blame where it supports their anti-regulation narrative instead of blaming their own reliance of kernel-level access in Defender (which opens the door to all other third-parties) or the failures of the deployment process of CrowdStrike.

 

[ipaqrat]

now imagine CrowdStrike on iOS via side loading thanks to EU.

what a cluster*** the EU is

We don't need to imagine, and it doesn't need to be side-loaded. Crowdwsrike's iOS agent is full app-store, runs locally on-device. I'm no programmer, but I bet it ain't kernel mode code. iOS is tight in all the ways Apple wet-dreams of doing to the Mac.

 

[ipaqrat]

Because Microsoft wants to be subject to less regulation, so they are placing the blame where it supports their anti-regulation narrative instead of blaming their own reliance of kernel-level access in Defender (which opens the door to all other third-parties) or the failures of the deployment process of CrowdStrike.

Why blame the EU and not CrowdStrike?

Microsoft is just stating ... "This would never happened with Microsoft Defender".

Yeah, blaming the EU is weak. This wasn't even Microsoft's direct fault, this time. They borked spin control, allowing themselves to be drawn into the debate. Every time someone blames the EU, it raises the question of how exactly they're still borking rest-of-world.

After all this yammering on, I've read only one article - so far - pointing out that ITSM customers also bear a degree of responsibility for the business outcomes. Like my organization, I'm sure there are numerous other ITSM's that mitigate this kind of risk by LAB TESTING EVERYTHING. Failure to test, regardless of the vendor or perceived urgency, should be a career ending injury. Delta's CIO seriously needs a rethink - they obviously have severe problems underlying this particular incident.

That's one aspect Microsoft could offer as constructive advice, instead of blaming the EU. After all, Microsoft themselves sells their own Service Manager product based on their own Microsoft Operations Framework publications. I checked again, and nowhere does it say "Allow the former McAfee cowboy, somehow still employed after the last time his trusted security product bit-raped the world's IT infrastructure, to autonomously install code in prod." Nowhere.

 

[Shirasaki]

clearly you did pick a side and defended it to no end in the rest of that post.

Ok I traced back and it appears that I did pick a side to suggest those complaining to petition to EU. So what’s the issue? I’m not gonna defend my action of picking a side For I’m not feeling shameful about doing so.

 

[AppliedMicro]

Off-topic…

Stay great.

Prime example of useless EU overregulation.

Depending on how much you value proper recycling, that cap design is great. It's less convenient too for sure, but that's a consequence of proper behaviour not happening otherwise.

Plastic cotton buds, drink stirrers, even straws - I can get that (though particularly for the straws I haven’t come across a good substitute). But the bottle caps are nonsense.

The funny thing is that I only recently just realised what that design was for (through these forums). Prior to this, I was always irritated by how difficult it seemed to get the cap off, and simply exerted extra force to twist it off.

Exactly. And the “funny“ (though not so funny from an environmental perspective) thing is that it still can be pryed off with relative ease - while using more plastic material than untethered caps.

 

[cyb3rdud3]

Update from CrowdStrike https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/

They don't seem to blame the EU

 

[breenmask]

I'm quite sure it's already the case, no need to do any further step in the future.

We've already established kernel cannot be accessed by third party apps today.

 

[bsolar]

Plastic cotton buds, drink stirrers, even straws - I can get that (though particularly for the straws I haven’t come across a good substitute). But the bottle caps are nonsense.

I actually consider the straws to be the more questionable as they actually require very little plastic and there is no good substitute material.

 

[breenmask]

You didn't make anything clear,

I was actually quite clear. Again, not my problem if it did not make sense to you. It's objectively clear.

Onwards.

 

[breenmask]

Ok I traced back and it appears that I did pick a side to suggest those complaining to petition to EU. So what’s the issue?

I simply made an observation, there isn't an issue.