822

Single point of failrule (lemmy.blahaj.zone)

submitted 2 months ago by nicknonya@lemmy.blahaj.zone to c/196@lemmy.blahaj.zone

52 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] magic_lobster_party@kbin.run 25 points 2 months ago* (last edited 2 months ago)

I doubt it. Few people are volunteering their time reading pull requests of random repos. It probably went fast from pull request to deployment, so there would be no time for anyone external to read.

The only thing open source would’ve done is to give us a faster explanation of why it happened after the fact.

[-] Technus@lemmy.zip 39 points 2 months ago

Considering this is a cybersecurity product that requires installing a kernel mode driver on mission-critical hardware, I guarantee at least a few people would have been interested in looking at the source if they had the opportunity. Or tried to convince their employers purchasing the software to pay for a third-party audit.

The update that broke everything only pushed data, not code. The bug was extant in the software before the update, likely for years. Can I say for sure that a few extra eyes on the code would have found the problem ahead of time? No, of course not. But it couldn't have hurt.

[-] Tar_alcaran@sh.itjust.works 20 points 2 months ago

The update that broke everything only pushed data, not code. The bug was extant in the software before the update, likely for years.

A terrifyingly large number of critical issues come to light like this. The code has been broken since the first release, but nobody noticed until a certain edge-case occurs.

[-] Technus@lemmy.zip 15 points 2 months ago

Exactly. Even worse, a bug like this isn't just a crash waiting to happen. It's also a massive security hole.

If an incompetently written file can crash the system, there's a decent chance that a maliciously crafted file could have allowed the complete takeover of it. Memory safety bugs, especially in kernel code, are very serious.

A lack of validation would have been a glaring red flag to any outsider looking at the code, but it's exactly the kind of thing someone who's worked on the software forever could easily overlook. It's so, so easy to lose sight of the forest for the trees.

[-] ashaman2007@lemm.ee 11 points 2 months ago

Or during, and with open source it could have been possible for independent fixes to have been created as people figured out through trial and error. Additionally, something like this would have cost Crowdstrike a ton of trust, and we would see forks of their code to prevent this from happening again, and now have multiple options. As it stands, we have nothing but promises that something like this won’t happen again, and no control over it without abandoning the entire product.

[-] magic_lobster_party@kbin.run 3 points 2 months ago* (last edited 2 months ago)

Even if a fix was discovered quickly it wouldn’t prevent the problem that it must be manually fixed on each computer. In this case a fix was discovered quickly even without access to source code.

Just having more eyes on the source code won’t do much. To discover errors like these the program must be properly tested on actual devices. This part obviously went wrong on Crowdstrike’s side. Making the code open source won’t necessarily fix this. People aren’t going to voluntarily try every cutting edge patch on their devices before it goes live.

I also doubt any of the forks would get much traction. IT departments aren’t going to jump to the next random fork, especially when the code has kernel access. If we can’t trust Crowdstrike, how can we trust new randos?

[-] schema@lemmy.world 3 points 2 months ago* (last edited 2 months ago)

To my understanding, the driver was apparently attempting to process update files without verifying the content first (in this case a file containing all zeroes), so this issue would have likely been visible long before the catastrophe actually happened.