Replying to Avatar Dr. Hax

I'm surprised I'm not seeing anyone commenting on the demonstrable risk posed by #centralization in the form of #homogenous #software.

With the #market continuing to consolidate to a small number of dominate players, the impact of mistakes grows.

And if an accidental null pointer exception in one product can ground most flights in the US... just imagine what an intentional #cyberattack could do.
Avatar
Nice and Kind Vic 1y ago

This was the topic of discussion i had earlier today in meatspace. Fairly huge risk and widespread. I dont know whats true and whats conjecture but reportedly affected

- airlines

- gas stations

- hospitals

- hotels like marriott

- banks

- various retail

- fedex

- some 911 systems

thats a vast net and what concerns me here is a failure in testing not only by crowdstrike, but also all these corps just blindly trusting anything from a vendor.

Reply to this note

Please Login to reply.

Discussion

Avatar
Dr. Hax 1y ago

I've done security testing for large banks and I can say that they do testing before rolling out updates. Even security updates from Microsoft are not pushed out without testing.

I would be surprised if they were affected.

And if they were, I'd be very interested in knowing how it got by them. It's possible they can't run their own update server like they do with Windows updates, or that they made an exception for security software updates (a policy they'd undoubtedly be reconsidering right now).

The only thing I can say for sure is that they do think about this and have processes and teams of people to mitigate it.

Avatar
Matt 1y ago

Can confirm hospitals. We were in the dark ages.