this post was submitted on 29 Oct 2024
212 points (98.6% liked)
Technology
59415 readers
2879 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why would the TSA have anything to do with Delta’s IT operations?
Guess that’s why.
That's some serious scope creep there by TSA. I'm quite sure that airlines' business continuity is wholly unrelated to transportation security.
Travelers were definitely securely on the ground. Upset, but secure.
So CrowStrikes strategy is "you installed CrowStrike while TSA told you not to install it, as was clearly proven by us taking down your network, so we're not at fault"?
I think it's pretty reasonable for a company as big as delta to wait a little bit to see how a patch rolls out before upgrading.
Hackers are less of a threat than Microsoft's attempts at protecting us from hackers
Honestly agreed, I think it's reasonable for a company as big as Delta to have a functioning continuity plan, the fact that it took them over 5 days to come back online is Unforgivable for a service that is detrimental to society like a transportation service.
Personally speaking I think that the 500 million lawsuit should be thrown out exclusively on that. It is Delta's inability to properly manage their company's IT services that exclusively cause this.
I'm not down playing crowdstrike here, what they did is unforgivable as well because how they manage their software completely bypassed all channels that are meant to prevent shit like this from happening, but every other system was online within two days if that, because they had proper failsafes in place to minimize damages and regain operational status.
But ultimately, crowd strikes mess up was obviously an error on their end, where Delta not having a proper procedure in place is obviously intentional as having a Disaster Recovery where you lose most of your infrastructure has been IT management 101 for years now.
Being said, I do not agree that crowdstrike should be allowed to operate in the level that it was allowed to in the first place, and I definitely Embrace Microsoft's decision to start heading towards locking out access to ring 0 in favor of ring 1 and ring 2. With this decision I'm wondering if intel is going to revise their plans for the new x86S framework to not have ring 1 and 2 and only have 0 and 3