Microsoft’s biggest ever outage, caused by Crowdstrike 2024-07-19

Today our planet is suffering what appears to be Microsoft’s biggest ever outage. Seems the culprit is a piece of buggy “security” software provided by a company called Crowdstrike. Or is that Clownstrike? It sends Microsoft Windows computers into a never-ending boot loop, from which users cannot escape, without going into “safe mode” and removing the faulty software. There’s already plenty of press coverage and speculation regarding the mayhem this has caused already. Ditto the fact this fiasco is far from over yet. So I won’t go over that all again here. However, I was somewhat amused by a quote from ClownStrike CEO George Kurtz in the UK’s Daily Mirror. Obviously this is a man with a bizarre sense of irony…

It is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.

Bad guys?

Well, I’ve kept the bad guys out of all the systems for which I am responsible for seventeen years, and it has not cost me a penny. How, you may ask? Simple. I dumped Microsoft entirely back in 2007 following its infamous Vista cock-up. Moreover, I have never regretted it – not even for a split-second. Which means we don’t need Clownstrike’s rotten anti-fungus software either. Consequently, we have no “bad guys” here. 🙂

Granted, I was quite immersed in the Microsoft mire for a while, starting with Windows 3.0 in the late 1980s. By the early 1990’s I was teaching Windows applications. I even wrote a few VisualBasic database applications for customers. After a few mild flirtations with various GNU/Linux flavours in the late nineties and early naughties, we finally made the leap in 2007. This was when it became clear that Canonical’s Ubuntu Live CD installer would give us a free, workable, usable, deployable, connectable and serviceable operating system in under 15 minutes.

We had the added incentive that Microsoft Vista was so unbelievably bloody awful. We had just splashed out on new kit that needed a decent OS. It was a choice of replacing its pre-installed MS Vista with Ubuntu, or sending the whole lot back to the supplier and buying kit costing half-as-much again. Admittedly to break away from Microsoft did require a bit of effort. Hence my “don’t muck about with it, get on with it” approach when the time finally came. None of that dual boot malarkey either.

We went “cold turkey“. That is to say I configured all three of these new machines to boot to Ubuntu GNU/Linux only. However, we did flirt with Wine and CrossoverOffice for a while. In fact, I think I’m still CXOffice’s testers list. And I still have several VirtualBox virtual machines (VM) that I created at the time, including Windows XP, Windows 2000, Windows 98 and even a MSDOS v6.22 VM. I keep them for historical interest. In fairness, those VirtualBox VM’s still all work pretty well. Seems running Windows as virtual machines on GNU/Linux provides a nice safe playpen for Windows, where it is safely disconnected from external influences such as the nasty old internet, and therefore cannot hurt itself! Smile

The game changer

I remember trying to install Debian from umpteen 3.5″ floppies, back in the late 1990’s. A couple of disks had to go back in twice, if I remember correctly. If one made even the slightest mistake, one had to start again. Consequently, the CD/DVD ROM, shortly followed by its close relative, the “live-CD” were really the game-changers, certainly for us, anyway. Installation turned from being a geeky multi-floppy nightmare to something quick and simple that virtually anyone could do. This meant that we could install a fully-featured, well-supported secure OS in place of Windows, quickly and easily. One that worked and kept on working.

So by spring 2007, we were ready to make the move. Though I guess the real point of no return came a few months later when my non-techy girlfriend successfully installed a fully-loaded Kubuntu from DVD, in Hungarian, on her sister’s ThinkPad lappy, in less than half an hour, with no help from me at all. Shortly after that, my Windows media server became my Linux media server, with surprisingly few issues, and significant improvements in performance. The rest, as they say, is history.

Installing GNU/Linux today

Of course, today almost every GNU/Linux distribution or “distro” has a live CD/DVD/USB, or at least a live installer. The pure Debian net-install is particularly good these days. I have been using that quite a lot lately. We’ve been slowly migrating my customer base from Ubuntu (or KDE Neon) across to Debian stable branch, c/w KDE Plasma desktop, as old hard disks need replacing. No rush though. All the tools I use on my Debian machines can also be used on remote Ubuntu and Neon boxes. And of course, all such tools are free, open source, with no hidden nasties or gotchas. All just a “sudo apt install” command away. No hassle and no credit card required. Smile

As a general rule, if a piece of kit won’t run on/talk to GNU/Linux, then we don’t buy it. This has been my policy for almost two decades actually. All new hardware is specified such that it will work out of the box on Debian. Consequently we have silky smooth systems, upgrades that are seamless and trouble free, including the remote ones over SSH. And when an upgrade needs a reboot, we do it at my convenience, or the user’s convenience, but never at Microsoft’s convenience.

Lovely environment

Many of today’s desktop Linuxes offer a lovely computing environment. The KDE Plasma desktop that we use is elegant yet feature-rich. There is no corporate spyware to contend with. None of that “product registration” and “authentication” nonsense either. We can go weeks or even months between reboots, if we choose to do so. And we can run very old hardware with fully supported Unix-like operating systems for non-demanding tasks, alongside our newer kit, – albeit with a less pretty user interface such, as Xfce, LXQT or similar. No tossing perfectly serviceable kit into landfill because it won’t run the latest Windows or MacOS.

Readers considering finally giving Microsoft the elbow may find this article helpful.

Since dumping Windows, I’ve also enjoyed the added benefit of never paying for software licences. The money I saved by not swelling the coffers of large foreign IT corporations, and making their billionaire owners even richer than they are already, has basically kitted-out my photographic studio and bankrolled my collection of vintage MF lenses.

Apologies and apologists

Apparently Clownstrike’s Kurtz has said he’s “deeply sorry” for the horrendous global impact of his crappy software update. Which is awfully nice of him. Meantime, Microsoft apologists are quick to point out that this latest fiasco is all Clownstrike’s fault not Microsoft’s. After all, it’s not Microsoft’s fault that its products always seem to need some sort of third party anti-fungus software to try to keep its users moderately safe, now is it? 😉

I would add that for a supposedly “independent” country like the Britain to be so dependent on the whims of a foreign IT corporation, especially one with Microsoft’s appalling track-record, seems quite insane to me. It’s also interesting to note that Russia is almost unaffected by this. It was reported in today’s Guardian that according to Mikhail Klimarev, from the non-governmental organization, Internet Protection Society, CrowdStrike has not provided any services in Russia since the outbreak of the Ukraine war in February 2022.

Meantime, here in the UK, we cannot even contact our GP practice today because of this fiasco. Seems this is a pattern replicated right across Britain’s NHS. Thus far, I’ve made light of this fiasco because I am a GNU/Linux user. I enjoy taking the micky out of Microsoft and those anti-fungus protection rackets that leach off Microsoft’s faults. They all deserve as much ridicule and derision as I can muster. However, in all seriousness, I fear this latest blunder will cost lives, if it hasn’t done so already. And that is no joking matter.

In any event, I’m so glad I made the switch, both for myself and for those close to me. There’s simply no way that I will go back to using Microsoft products ever again. This latest fiasco merely serves to reinforce and reaffirm my position.

Clownstrike fiasco continues in West, while Russia and China virtually unaffected

2024-07-20

While the Clownstrike fiasco rumbles-on in the West, and people in our particular part of the planet can’t even purchase a train ticket, it seems both Russia and China are almost completely unaffected.

Editor’s note 2024-08-17: Seems we’re not the only site referring to Cloudstrike as “Clownstrike”. Crowdstrike has issued several takedown notices to a parody site called clownstrike.lol – which has thus far ignored the threats. Meanwhile Clownstrike – I mean Cloudstrike has legal problems of its own, as it tries to fend-off law suits from its own customers…

According to the Guardian, Clownstrike hasn’t been able to flog its ill-fated anti-fungus product in Russia since the Ukraine war kicked off. Meantime according to the BBC and other sources, China’s government made a decision more than two decades ago to wean the nation off Microsoft’s products and develop an IT infrastucture that was stronger, cheaper and that could be maintained by themselves. Therefore making China’s IT infrastructure significantly more resilient to both natural and man-made disasters, and significantly less prone to the whims and profit-driven motives of foreign IT corporations and their billionaire owners.

Kylin

Seems much of China’s critical IT infrastructure now runs China’s own official version of GNU/Linux, called Kylin. It’s named after the mythical “qilin” beast and was originally developed by China’s National University of Defence Technology. When the project kicked off, back in 2001, it was originally based on FreeBSD. But it adopted the Linux kernel from version 3 onwards, primarily so that its developers could share the work of the huge mass of open source developers around the planet.

In addition to the military variants, there is now a public version called openKylin. It was developed in cooperation with a British company, Canonical, who also owns Ubuntu. Today’s openKylin is currently worked on by 3000 developers, 74 special interest groups and over 200 commercial enterprises, which of course feeds code back to the official government version. Open source projects can do that too.

In any event, there are a couple of brief articles discussing Kylin over at “Its FOSS”…

Control

It would be naïve to think the Chinese government has implemented open source purely for the good of its people. Of course, being able to maintain and further develop a product offers control. But there is a limit to which Beijing or anyone else can assert control over an open source product. Users such as the Chinese government have control over what they do with an open source product. But they do not control the product itself. No one really does. That’s the point! That’s why people like me run open source software. It’s run by a communities not corporations and cannot be controlled. All its source code is a matter of public record, not some dark corporate secret where we are forced to trust its corporate developer’s honesty. Whereas the openKylin source code is freely available.

Compare and contrast this with closed source products such as Microsoft Windows, where you cannot see the source code, because Microsoft deliberately keeps it secret. In recent Windows releases, it has become a very dirty secret too. When you buy a new Windows 11 computer, Microsoft and its mates start spying on you, the second you switch it on and give it access to the internet. That’s before you even open a browser or install any software…

That’s why openKylin and similar projects (e.g. Red Flag et al) have given China a significant advantage over western countries such as ourselves. No foreign corporation can control or shut down China’s IT infrastructure. For example, in the case of openKylin. If Canonical (the British company that helped develop openKylin) were to disappear overnight, openKylin can still be maintained by its huge community. Subsequent products can be derived from it’s source code, and/or critical software can be ported to other open source Unix-like platforms.

Trust

To be clear, I’m not advocating that the British government, NHS, railways, utilities etc. should deploy openKylin, or any Chinese or Chinese-derived software for that matter. Debian or a close derivative would be a much more sensible choice for us, particularly as lots of Debian and Ubuntu developers actually reside and work here in the UK.

My point is that the Chinese do not trust big foreign tech corporations or the proprietary, closed-source software they produce. Clearly, neither should we.