Microsoft Blames European Commission for Major Worldwide Outage

[Kingcoherent]

This thread is going to be good

Yup. And should definitely be in politics to avoid the ********.

This is down to MS and Crowdstrike, and them alone. Typical big business trying to blame someone other than themselves.

For the lols the EU should hit them with a mega fine for all the damage they did (although it's not clear what law they'd use).

 

[Bokito]

Because their own security software needs kernel-access (something that’s bad practice nowadays), everyone and everything can still get kernel-access. It’s not just security software. The Denuvo DRM can also run in Kernel mode for example. Microsoft should fix this today rather than tomorrow and not blame the EU, because their own anti-virus shouldn’t need kernel-level access either.

 

[KoolAid-Drink]

In macOS Catalina, which came out in 2020

Actually, Catalina was released in 2019. Big Sur was the macOS version that came out in 2020.

 

[Kingcoherent]

Basically, Windows allows kernel extensions because Windows Defender uses a kernel extension. They leave this capability open to other developers because Microsoft has an effective monopoly on desktop and does not want the appearance of pushing out antivirus developers.

CrowdStrike made a silly error and broke their kernel extension, breaking Windows in the process. This didn't effect MacOS or Linux because those systems don't allow kernel extensions to begin with.

Why does Windows Defender need top use a kernel extension? Perhaps it's because Windows is such friggin' dumpster fire in the first place!

 

[lkrupp]

Do you have a reference for this? Or is it hear say?

After watching the excellent video provided by user Xioa_Xi I must modify my statement. It does appear this is all on CrowdStrike for the way they have chosen to install their code universally, not just in the EU. The video clearly explains what CrowdStrike did to bypass Microsoft’s testing and signing process for software that runs inside the kernel in the interest of acting quickly to confront newly discovered threats. Apple doesn’t allow any third party code to run in the kernel. Microsoft is claiming they were forced to allow this because of an agreement they made with the EU.

Again, this is totally on CrowdStrike and everyone here should watch the video in its entirety.

 

[Kingcoherent]

The big problem with much of this sort of regulation is that it starts well meaning (and usually well guided by expert opinion). Then lawyers get their hands on it and it becomes a total mess.

Here, the sensible thing would be to tell MS that they would be held liable for vulnerabilities that could only be defended by their own software that then required kernel access. Fix the OS! Don't hawk rubbish on customers and then charge them extra for a half baked solution to it.

 

[Ghengis LeMond]

The real reason the Mac ecosystem and assorted OS’s are not meaningful in this conversation is because they do not run anything in this world of consequence.

 

[Plutonius]

That’s a reach, Microsoft. The EU has no problem with security, just anti-competitive behaviour. The two are not equivalent.

Microsoft was forced by the EU to give kernel access to security programs to prevent anti-competitive behavior although Microsoft can be blamed for deciding to give kernel access as an easy fix.

There were many at fault including Microsoft but it's not a reach to include the EU. Weakening the operating system in the name of anti competitiveness was a bureaucratic bad move.

All governments should stay out of the operating systems.

 

[cocky jeremy]

Because I think the (current) tech industry is a plague on the economy and society and I'm actively hostile to it.

Then boycott it and stop using tech.

 

[cocky jeremy]

Lack of sideloading is one of the many reasons why I have no interest in iOS.

Yet, here you are.

 

[mozumder]

Why does Microsoft need to run its own security software in privileged mode?

 

[surfzen21]

This is what happens when you bow down to the EU morons.

 

[MacGod]

I don't agree with MS on much but the EU has overstepped their authority and by pushing for this change, they have allowed this to occur. The system space should be protected, 100% - I am sure there are justifications 'why' a security company would want kernel access, but it is inherently a bad practice for the stability of a system.

MS should sue the EU and reclaim the kernel space to be protect our infrastructure. otherwise, this will happen again.

 

[ThomasJL]

Apple's OS is more reliable than Microsoft's OS, but that's not because of Tim Cook—it's because of the foundation that Steve Jobs laid. Cook is actually trying to take Apple in the direction of Microsoft by copying major aspects of Microsoft. For example, Cook threw away over three decades of Apple's pioneering R&D into the most user-friendly GUI based on skeuomorphic design in order to replace it with Microsoft-pioneered flat design.

 

[mozumder]

Exactly this. This is a Crowdstrike problem.

79% of PC's run Windows in China vs 62.5% in the U.S. and yet China was minimally impacted by the outage.

Why? Because China doesn't use Crowdstrike

Crowdstrike: How China swerved worst of global tech meltdown

Very few organisations will buy software from the US firm, partly thanks to its criticism of Beijing.

www.bbc.com

While most of the world was grappling with the blue screen of death on Friday, one country that managed to escape largely unscathed was China.

The reason is actually quite simple: CrowdStrike is hardly used there.

Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.

So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities.

This is not a CrowdStrike problem.

This is a Microsoft problem. In particular, it's Microsoft's bad OS Kernel design that causes them to need security software in the first place.

A good Operating System does not need Kernel-level security software.

Kernel-level security software exists because Microsoft decided to allow outside vendors write kernel-level code, opening up security holes, thus necessitating kernel-level security software.

Had they told outside vendors that any kernel-level drivers will be banned, they wouldn't have been in this mess.

Blame Microsoft, not anyone else.

 

[neuropsychguy]

MacRumors's headline is misleading. If you read the WSJ article, Microsoft is not blaming the EU. All the spokesperson is reported as saying is the EU's regulation was a factor (different words were used, but we can safely infer that from the statement). There's nothing inaccurate about that. It doesn't take responsibility away from CrowdStrike (which Microsoft has been blaming) or from Microsoft either (although Microsoft will certainly like to minimize or deny any responsibility).

 

[WarmWinterHat]

Then boycott it and stop using tech.

Obviously, I can't do that, but what I can do is rail against an industry that has turned to personal data into a commodity and is algorithmically destroying society for profit.

 

[spazzcat]

I don't agree with MS on much but the EU has overstepped their authority and by pushing for this change, they have allowed this to occur. The system space should be protected, 100% - I am sure there are justifications 'why' a security company would want kernel access, but it is inherently a bad practice for the stability of a system.

MS should sue the EU and reclaim the kernel space to be protect our infrastructure. otherwise, this will happen again.

I think it funny people refuse to acknowledge the EU or any government for that matter has no idea the complexities of technology and they really should be consulting with the technology companies to create policy and not dictating how they should operate their businesses.

 

[danskin]

Sideloading on iOS shouldn't be any different than sideloading on macOS

And since macOS doesn't have the same kernel access vulnerability as Windows because...

"The Falcon software was not able to wreak similar havoc on Macs because Apple does not give software makers kernel access."

iOS wouldn't have the same kernel access vulnerability either.

So the EU will make macOS open kernel access.......

 

[dannyyankou]

Seriously? The worst excuse ever. How about test the update before you push it out?

 

[Kingcoherent]

MacRumors's headline is misleading. If you read the WSJ article, Microsoft is not blaming the EU. All the spokesperson is reported as saying is the EU's regulation was a factor. There's nothing inaccurate about that. It doesn't take responsibility away from CrowdStrike (which Microsoft has been blaming) or from Microsoft either, it is simply pointing out a factor.

tbh I doubt most people will properly read the Macrumors summary of the WSJ article before shouting and screaming their own opinion.

 

[mozumder]

The real reason the Mac ecosystem and assorted OS’s are not meaningful in this conversation is because they do not run anything in this world of consequence.

Sadly true.

 

[JeanApple2010]

Last Friday, a major CrowdStrike outage impacted PCs running Microsoft Windows, causing worldwide issues affecting airlines, retailers, banks, hospitals, rail networks, and more. Computers were stuck in continuous recovery loops, rendering them unusable.

The failure was caused by an update to the CrowdStrike Falcon antivirus software that auto-installed on Windows 10 PCs, but Mac and Linux machines were not affected even though they received the same software. A report from The Wall Street Journal delves into what happened and includes some critical information from Microsoft on why Macs did not get taken out by the update.

On Windows machines, CrowdStrike's Falcon security software is a kernel module, which gives the software full access to a PC. The kernel manages memory, processes, files, and devices, and it's basically the heart of the operating system. Much of the software on a PC is typically limited to user mode, where bad code can't cause harm, but software with kernel mode access can cause catastrophic total machine failures, like what was encountered last week.

The Falcon software was not able to wreak similar havoc on Macs because Apple does not give software makers kernel access. In macOS Catalina, which came out in 2019, Apple deprecated kernel extensions and transitioned to system extensions that run in a user space instead of at a kernel level. The change made Macs more stable and more secure, adding protection against unstable software updates like the one CrowdStrike pushed out. It is not possible for Macs to have a similar failure because of the change that Apple made.

In a statement to The Wall Street Journal, Microsoft blamed the European Commission for an inability to offer the same protections that Macs have. Microsoft said that it is unable to wall off its operating system because of an "understanding" with the European Commission. Back in 2009, Microsoft agreed to interoperability rules that provide third-party security apps with the same level of access to Windows that Microsoft gets. Microsoft agreed to provide kernel access in order to resolve multiple longstanding competition law issues in Europe.

Apple has not been forced to make changes to how Macs work, but the European Commission has been targeting the closed nature of iOS, and Apple has warned that the updates that have already been implemented could lead to security risks in the future. The European Union's Digital Markets Act has pushed Apple to allow developers to offer apps through third-party marketplaces and websites. Apple says explicitly that the DMA compromises its ability to "detect, prevent, and take action against malicious apps."

The major CrowdStrike failure that affected Windows PCs highlights some of the unintended consequences and the tradeoffs inherent in legislation that weakens security in the name of open access. CrowdStrike's simple software update impacted global infrastructure, bringing travel, commerce, and healthcare to a standstill.

Microsoft does not seem to have a way to stop a recurrence because it can't cut off kernel access. The company says that significant incidents "are infrequent" and that less than one percent of all Windows machines were impacted. CrowdStrike says that it is "deeply sorry for the inconvenience and disruption," and that in the future, it will share the steps that it is taking to prevent a similar situation.

Article Link: Microsoft Blames European Commission for Major Worldwide Outage

This is cause Microsoft is a cheap and badly run company. Speaking as a former Microsoft employee, embarrassed to say so, Microsoft will make every excuse in the book so they don't have to spend money even if it risks windows security. Now if there was money to be made by closing up the kernel they will do it but not otherwise.

They can close down kernel access just like it is in MacOS but they don't want to put in the work. They don't want to provide endpoint security cause there's little to no money in it. Microsoft is a cheap company and badly mismanaged. The only reason they are in the top 5 most valuable companies is because so many legacy apps run only on windows. That will change as proton and wine can run these apps, hopefully smart IT Dept move to MacOS and Linux.

 

[sw1tcher]

Lack of sideloading is one of the many reasons why I have no interest in iOS.

Yet, here you are.

Did I accidentally visit iOS_Rumors when I was looking for MacRumors?

 

[vgmrm]

Microsoft has always been a bungler who left the system key under the doormat, but it was the cha-cha-cha's responsibility.