
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
This is a typical mail a phishing campaign would send out, and we have already said to people "never believe this kind of message. They are all fake."
Now, if a genuine company sends out mails with genuine gift cards (what the article on techcrunch seems to indicate) … this is NOT helpful at all!!!
And that coming from a cybersecurity company (rolling-eyes)
Buy a $10 Xbox gift card and send us the code so that we can activate it. Then you get back to the shop and get $20 in cash - $10 for returning the card and $10 from us. We’ll pay the tax, too.
Sounds like a money laundering scheme!
No. They will just use the $10 card and leave. They will prey on the fact that “get a gift card for your computer troubles” is something a legitimate company has done.
They are going to get sued for billions and this little stunt isn’t going to change that. Should have implemented proper software testing before you took over every corporate computer in the world, but companies like this always force their developers to rush instead of doing the right thing, and when it bites them they expect that things will carry on as normal. I can’t see many renewals in their future.
Not even that. Kernel drivers are supposed to be Microsoft WHQL certified through a thorough testing process (that would have caught it in 3 minutes) before Microsoft will cryptographically sign them.
…but apparently Microsoft allows AV vendors to skip WHQL certification testing.
…sorta. The complexity here is their driver is signed, but it’s also loading code from their channel file (that was all zeroed out), and it seems the necessary error checking wasn’t implemented.
I haven’t yet got to the root cause they published; this is just what I gathered from the video of a retired MS kernel dev who posts stuff.
Obviously with their design it allowed them to be flexible at the cost of playing with fire - I’m impressed they got away with it for so long, really
Thank you for the clarification. WHQL is such a pain to set up, I’m sure the AV vendors whined, “but, security! Do we have to test everything every time? That would slow an urgent 0day release!”
Yeah, there’s some limits to what they could do while maintaining pace for the 0 day stuff…
Some input validations would be the most basic things they should have done years ago. I’m aware of the hashing mature vendors do of any content they download for updates or deployments. Signature checking as well, and that’s before the code is even inspected - why don’t they include their automated tests they obviously aren’t using in the update as a sanity check client-side? (I’m not aware of anyone doing this or even if it’s possible without the rest of the IDE, stack, I’m no dev)
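The comment above asks for the basic client-side sanity checks a sensor could run on a downloaded content file before loading it: size, hash, signature, and a structural check that would reject an all-zero file outright. The following is an added example, not CrowdStrike's code and not the real channel file format; the `CHNL` magic, the 16-byte record layout, the manifest fields and the HMAC signing key are all constructed for this illustration (a real product would use an asymmetric signature with only the public key on the client; HMAC is used here only so the example runs with the standard library). The validator fails closed: any non-empty problem list means the candidate file must not be loaded.

```python
import hashlib
import hmac
import struct

# Constructed stand-in for a vendor signing key (assumption for this example).
SIGNING_KEY = b"example-signing-key-not-real"

MAGIC = b"CHNL"                  # hypothetical 4-byte magic for this toy format
RECORD_SIZE = 16                 # hypothetical fixed record length
HEADER = struct.Struct("<4sHI")  # magic, format version, record count


def build_channel_file(version, records):
    """Build a toy content file: header followed by fixed-size records."""
    body = b"".join(r.ljust(RECORD_SIZE, b"\x00")[:RECORD_SIZE] for r in records)
    return HEADER.pack(MAGIC, version, len(records)) + body


def sign(data):
    """Stand-in signature over the whole file (HMAC-SHA256, see lead-in)."""
    return hmac.new(SIGNING_KEY, data, hashlib.sha256).digest()


def make_manifest(data):
    """What a release pipeline would publish alongside the file."""
    return {
        "expected_size": len(data),
        "expected_sha256": hashlib.sha256(data).hexdigest(),
        "signature": sign(data),
    }


def validate_channel_file(data, expected_size, expected_sha256, signature):
    """Return a list of problems; an empty list means the file may be loaded.

    Every check runs (rather than returning at the first failure) so the
    client can log the full picture, but loading must only happen on [].
    """
    problems = []
    if len(data) != expected_size:
        problems.append("size mismatch")
    if hashlib.sha256(data).hexdigest() != expected_sha256:
        problems.append("sha256 mismatch")
    if not hmac.compare_digest(sign(data), signature):
        problems.append("bad signature")
    # Structural sanity checks: these catch a zeroed or truncated file even
    # if the manifest itself were wrong or missing.
    if not data.strip(b"\x00"):
        problems.append("file is all zeros")
    if len(data) < HEADER.size:
        problems.append("truncated header")
    else:
        magic, _version, count = HEADER.unpack_from(data)
        if magic != MAGIC:
            problems.append("bad magic")
        if count == 0 or HEADER.size + count * RECORD_SIZE != len(data):
            problems.append("record count does not match length")
    return problems


def choose_file(candidate, manifest, previous_good):
    """Fail closed: keep the last known-good file when the candidate fails."""
    return candidate if not validate_channel_file(candidate, **manifest) else previous_good


if __name__ == "__main__":
    good = build_channel_file(1, [b"rule-a", b"rule-b"])     # constructed sample
    manifest = make_manifest(good)
    zeroed = b"\x00" * len(good)                               # same size, all zeros
    print("good:  ", validate_channel_file(good, **manifest))
    print("zeroed:", validate_channel_file(zeroed, **manifest))
```

The zeroed file passes the size check, which is why size alone is not a sanity check: it is the hash, the signature and the structural checks that reject it. The structural checks are deliberately independent of the manifest, so a broken pipeline that shipped a bad file together with a matching manifest would still be caught by the magic and record-count tests.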
Only redeemable for CrowdStrike credits and only at participating locations.*
* No locations are participating at this time.
I expect these clowns to lose most of their market share within two years and get sued to oblivion.
My firm bills by the hour and so far I think we are at 10+ billing hours per consultant wasting time with client tech support trying to get back on our VDIs. Nevermind how much time is being wasted doing the work through work arounds. My guess is that our firm alone will bill for about $100,000 extra this month while having accomplished less than normal. I am sure Crowdstrike’s gift card will fix it though.
Fine. You want two?! Will that be enough??
They’re backed by the US government. They have a backdoor into most endpoints on many international corporate computers. And CS is beholden to US laws for NSLs.
This is an incredible asset to the US intelligence community. They won’t let CS go out of business.
All they gotta do is change their company name to avoid lawsuits. Anyone got any ideas for a new name for them?.. 🤔
ClusterFuck comes to mind…
CardStrike?
ComputersOnStrike could work, I’d say
In total?
How is this not The Onion?
I lost a day’s holiday, and our team spent 8 man days on this entirely preventable mistake.
$10? Try extending our licence by another year for free, that might start going towards it.
Why would you want another year of their software for free? This is their second screw up (apparently they sent out a bad update that affected some Debian and RHEL machines a couple years ago). I’d be transitioning to a competitor at the first opportunity. It seems they aren’t testing releases before pushing them out to customers, which is about as crazy to me as running alpha software on a production system.
I’m sure you have reasons, and this isn’t really meant to be directed at you personally, it’s just boggling to me that the IT sector as a whole hasn’t looked at this situation and collectively said “fuck that.”
Not just Crowdstrike - any vendor that does automatic updates, which is more and more each day. Microsoft too big for a bad actor to do as you describe? Nope. Anything relying on free software? Supply chain vulnerabilities are huge and well documented - it’s only a matter of time.
Nah, I don’t buy that. When you’re in critical infrastructure like that it’s your job to anticipate things like people being above or below versions. This isn’t the latest version of flappy bird, this is kernel level code that needs to be space station level accurate, that they’re pushing remotely to massive amounts of critical infrastructure.
I won’t say this was one guy, and I definitely don’t think it was malicious. This is just standard corporate software engineering, where deadlines are pushed to the max and QA is seen as an expense, not an investment. They’re learning the harsh realities of cutting QA processes right now, and I say good. There is zero reason a bug of this magnitude should have gone out. I mean, it was an empty file of zeroes. How did they not have any pipelines to check that file, code in the kernel itself to validate the file, or anyone put eyes on the file before pushing it?
This is a massive company wide fuckup they had, and it’s going to end up with them reporting to Congress and many, many courts on what happened.
Even an AI is good enough to avoid (or let someone avoid) pushing a similar bug 🫣
Because AV, like everything else, costs a fortune at enterprise scale.
And yeah, I do understand your real point, but it’s really hard to choose good software. Every purchasing decision is a gamble and pretty much every time you choose something it’ll go bad sooner or later. (We didn’t imagine Vmware would turn into an extortion racket, for example. And we were only saying a few months ago how good value and reliable PRTG was, and they’ve just quadrupled their costs)
It doesn’t matter how much due diligence and testing you put into software, it’s really hard to choose good stuff. Crowdstrike was the choice a year ago (the Linux thing was more recent than that), and its detection methods remain world class. Do we trust it? Hell no, but if we change to something else, there are risks and costs to that too.
Maybe AV, at an enterprise scale, is actually a horrible idea that reduces security, availability, and reliability and should be abolished through policy.
Maybe, but it’s not going to happen soon. Any malware type insurance requires effective AV on all devices, and C-levels do love their insurance.
Unfortunate reality for a lot of medium to big size businesses.
$10 to Uber eats, so basically it’s covering fees only.
Like amzn, they make sure you get minimum joy, even from a gift, because you’re going to spend a chunk of mom’s gift card balance on shipping. The “shipping included on sub total of X amount” is going to be cancelled by online retailers within a year, I’m calling it now. Are we sure that cheapstrike and amzn aren’t run by the same AI, one that self awareness drove mad?
Holy shit, they also cancelled it. Lmao
The gift card is also cursed.
The gift card caused Uber servers to BSOD
That’s bad
Gotta love some shit icing on the shit cake.
Bruh
This would be even funnier if there was exactly one $10 gift card everyone has to fight over.
Actually the code didn’t work for some
The codes are as available as a system with the Falcon sensor
After the lawsuits, it might be all they can afford
Here is nothing but we are really, really, south park sorry.