by Wool2662 684 days ago
No, you cannot be resilient against a company directly injecting stuff into their software without user input.

There is zero complexity here. CrowdStrike accepted money for security services and offered a client. Then they didn't bother to test their stuff and literally caused the biggest IT outage in history to save a few bucks. They literally have a CEO with a history of not caring.

If you offer your stuff for use in critical infrastructure you cannot do stuff like that. This company needs to be sued into bankruptcy. This was plain bad engineering. If the same happened with a bridge and it collapsed, no one would even hesitate to lay blame on the engineering company/architects. You have a choice whether you want to drive over a bridge or not, but when it collapses while you are on it, I doubt you'll think "I have to accept the consequences of my choices" on your way down.

4 comments

Delta had a 6 day recovery time, why were other airlines able to recover faster?

Perhaps Delta had a shittier recovery plan.

> Delta had a 6 day recovery time, why were other airlines able to recover faster?

> Perhaps Delta had a shittier recovery plan.

Or Delta has shittier software. News articles kept mentioning Delta's crew scheduling system couldn't keep up with its backlog after it was brought back online, and I take that to be the reason they had to cancel flights for so long.

If true, that's not Crowdstrike's fault, it's Delta's for not investing enough in their own mission-critical systems to make them resilient after an outage.

> No, you cannot be resilient against a company directly injecting stuff into their software without user input.

Well, if you as a customer decide to install said trojan software on all your IT equipment, you should be ready to have to recover all that IT equipment at any point in time. It is that simple. If you can't do that in a reasonable time, that is on you as well.

> You have a choice if you want to drive over a bridge or not, but when it collapses and you are on there I doubt you'll think I have to accept the consequences of my choices on your way down

I don't think it's unreasonable to hold a company with $60 billion annual revenue, and millions of customers who would be affected by any faults, more responsible for inspecting the infrastructure they choose and having contingency plans in place than an individual with little means to realistically do that. Particularly when, as you note, there was a history of not caring in order to save a few bucks.

If not CrowdStrike, it seems as though something like a ransomware attack could've caused the same situation.

CrowdStrike are responsible for causing the initial damage.

Delta are responsible for not having good disaster recovery systems, and for purchasing CrowdStrike's software.

It's worth checking for any warranty disclaimers, particularly disclaimers of the implied warranty of fitness for a particular purpose. If they exist, the software shouldn't be purchased. While the licenses to enterprises are private, their website's license explicitly disclaims such things as them installing viruses on your computer:

> AS BETWEEN YOU AND CROWDSTRIKE, YOUR USE OF THE WEBSITE IS AT YOUR OWN RISK. THE WEBSITE IS PROVIDED TO YOU BY CROWDSTRIKE ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. NEITHER CROWDSTRIKE NOR ANY PERSON ASSOCIATED WITH CROWDSTRIKE MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, SUITABILITY, ACCURACY OR AVAILABILITY OF THE WEBSITE. WITHOUT LIMITING THE FOREGOING, NEITHER CROWDSTRIKE NOR ANYONE ASSOCIATED WITH CROWDSTRIKE REPRESENTS OR WARRANTS THAT THE WEBSITE, INCLUDING THE WEBSITE CONTENT OR ANY PRODUCTS, SERVICES OR MATERIALS OBTAINED THROUGH THE WEBSITE, WILL BE ACCURATE, RELIABLE, ERROR‑FREE OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT OUR SITE OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT THE WEBSITE OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS.

If your AV software's publicly facing website needs to disclaim liability for "viruses or other harmful components" that their site may serve up, you really ought to think twice about giving them money. After all, if it were a useful anti-virus then they wouldn't need to worry about people getting viruses from their own site, they'd just use their own product.

You definitely can be resistant to a company directly injecting stuff into their software: don't make it company policy to install malware on all machines. Crowdstrike is a shit company. But the companies affected really have no one else to blame but themselves for such idiotic IT.