The machines, now inaccessible, are arguably more secure than before.

  • Architeuthis@awful.systems
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    5 months ago

    (update: disproven by Crowdstrike’s blog post).

    How do you mean? The current top post on the blog seems to mention .sys files as part of the problem very prominently.

    Channel file “C-00000291*.sys” with timestamp of 0527 UTC or later is the reverted (good) version. Channel file “C-00000291*.sys” with timestamp of 0409 UTC is the problematic version.

    • Sailor Sega Saturn@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      ·
      5 months ago

      https://www.crowdstrike.com/blog/technical-details-on-todays-outage/

      This is not related to null bytes contained within Channel File 291 or any other Channel File.

      That to me implied that the channel file wasn’t actually necessarily corrupt (or as corrupt as people thought), but that it triggered a logic error. In particular this point implies that it wasn’t from garbage zero bytes in the file.

      (That said I could have worded this better, in my defense I’m sick in bed and only half thinking straight)

      • froztbyte@awful.systems
        link
        fedilink
        English
        arrow-up
        3
        ·
        5 months ago

        yeah that phrase of “null bytes” reads like addressing one of the rumours

        “what was the problem?” “well it wasn’t null bytes” “so… what was it then?” “have definitely eliminated null bytes from the running!”

        • Sailor Sega Saturn@awful.systems
          link
          fedilink
          English
          arrow-up
          4
          ·
          5 months ago

          Aside but I have been in some weird as heck discussions about how to phrase public blog posts. A few times I’ve had to point out some phrasing is so cryptic that no one will even know what we’re talking about, and really there’s nothing wrong with being a bit clearer about what we want to express. Sometimes you’d like companies want the audience to be bewildered and confused; and I’m not totally sure where this instinct comes from.

          (Though in this case they probably don’t want to share too much yet for stonk or legal reasons)