Southwest Airlines, the fourth largest airline in the US, is seemingly unaffected by the problematic CrowdStrike update that caused millions of computers to BSoD (Blue Screen of Death) because it used Windows 3.1. The CrowdStrike issue disrupted operations globally after a faulty update caused newer computers to freeze and stop working, with many prominent institutions, including airports and almost all US airlines, including United, Delta, and American Airlines, needing to stop flights.

Windows 3.1, launched in 1992, is likely not getting any updates. So, when CrowdStrike pushed the faulty update to all its customers, Southwest wasn’t affected (because it didn’t receive an update to begin with).

The airlines affected by the CrowdStrike update had to ground their fleets because many of their background systems refused to operate. These systems could include pilot and fleet scheduling, maintenance records, ticketing, etc. Thankfully, the lousy update did not affect aircraft systems, ensuring that everything airborne remained safe and were always in control of their pilots.

  • areyouevenreal@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    4 months ago

    Automatically reverting the kernel wouldn’t do anything as the kernel nor the module Crowdstrike uses were updated. Rather the file the module reads was updated and replaced with a corrupted version that causes the module to crash when it tries to read it.

    There is a great video explaining the basics of what happened here: https://youtu.be/wAzEJxOo1ts?si=_agkbdBHJnhQmbdP

    Microsoft already have a mechanism to disable problematic modules on next boot. Problem being that Crowdstrike registers itself as an essential driver, as they don’t want the system to boot without it for security reasons.

    You keep saying Chrome OS uses VMs for security. Unless something has seriously changed since I last read up on their security mechanisms they don’t. Maybe something has changed. Do you have any evidence? If not you’re just talking out of your arse.

    • btaf45@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      4 months ago

      Sure I’ve got lots of evidence.

      https://www.security.org/antivirus/chromebooks/

      [There’s no question that, when it comes to viruses and other forms of malware, Chromebooks are safe. How safe? Well, the website CVE Details1 lists just 55 vulnerabilities for Chrome OS. Compare that to 1,111 vulnerabilities for Windows 10, and a whopping 2,212 for Mac’s OS X; with five percent as many vulnerabilities as its closest competitor, it’s a pretty simple matter to declare Chromebook the safest option…there’s no question that Chromebooks are among the most secure computers you can buy]

      55 vulnerabiilites for Chrome OS vs 1111 vulnerabilities for Windows. Huge difference.

      Rather the file the module reads was updated and replaced with a corrupted version that causes the module to crash when it tries to read it.

      Yes it was a ridiculous system to have kernel mode code on the filesystem. Even if a bad pointer didn’t crash the system a hacker could have put in their own code. And yes such a terrible security system would have affected Linux too. But with ChromeOS, the system is already secure. No need to use a terrible security system like Cloudstrike in the first place.

      • areyouevenreal@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        4 months ago

        No you don’t have any evidence at all. You were specifically speaking about Chrome OS using VMs inside VMs. That article doesn’t mention VMs once.

        I never once disputed that it was more secure than an average Windows installation, because frankly that’s obvious. What you don’t seem to understand is what can be done to lock down modern Windows and Linux systems.

        Yes it was a ridiculous system to have kernel mode code on the filesystem. Even if a bad pointer didn’t crash the system a hacker could have put in their own code. And yes such a terrible security system would have affected Linux too. But with ChromeOS, the system is already secure. No need to use a terrible security system like Cloudstrike in the first place.

        For one the same article you are referencing talks about using anti-malware on ChromeOS as Chrome OS isn’t malware proof. Though I don’t think it’s possible for Chrome OS to break so badly from one of these products.

        ChromeOS though isn’t actually suitable for running servers like Windows and Linux are. It can’t do nearly the same number of things. It’s a bit like comparing a knife to a safety razor. One is safer for shaving sure, however the other one can be used for cooking, hunting, wood work, etc.

        Second all kernel mode code lives on the filesystem. How did you think it worked? On Linux and Windows the kernel itself needs storing somewhere, as do the modules.

        You keep showing me again and again that you don’t understand the world of computers and modern IT infrastructure. Do you even have any qualifications or work experience in IT?

        Edit: I actually did some research myself. ChromeOS can use a Virtual Machine to run Linux software, but not in it’s default configuration. There is also none of this VMs inside VMs stuff you were talking about. If you want to see virtualization really put to work look at a modern server setup or something like Qubes OS.

        https://chromeos.dev/en/linux/linux-on-chromeos-faq#can-i-access-files-when-the-container-isnt-running

        • btaf45@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          4 months ago

          ChromeOS though isn’t actually suitable for running servers like Windows and Linux are. It can’t do nearly the same number of things

          ChromeOS literally is Linux so obviously it can do everything that Linux can. It is effectively a SUPERSET of Linux

          Second all kernel mode code lives on the filesystem.

          Now you are being ridiculous. We are talking about code than runs in the kernel but is not part of any official kernel module including device drivers.

          How did you think it worked?

          What I thought is that you had common sense.

          You keep showing me again and again that you don’t understand the world of computers and modern IT infrastructure. Do you even have any qualifications or work experience in IT?

          Dude you are the person who thinks that the cloudstrike code running in the kernel that is neither part of the kernel nor part of any official kernel device driver code is somehow equivelent to the actual kernel. You are also the person who made the completely nonsensical claim that ChromeOS Linux “can’t do nearly the same things” of Linux. So GTFO with the snarky shit, because I’m the one wondering how you can be so confused about basic stuff.

          Do you even have any qualifications or work experience in IT?

          I’ve been using the internet since 1983. How bout you? LMFAO.

          There is also none of this VMs inside VMs stuff you were talking about.

          Because you didn’t do enough research. My Chrome OS comes with an outer VM, an inner VM, the heavily locked down user mode, and the kernel mode. My Linux programs run in the outer VM by default. I would have to turn on developer mode just to get to the actual user mode.

          • areyouevenreal@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            ChromeOS literally is Linux so obviously it can do everything that Linux can. It is effectively a SUPERSET of Linux

            This is dumb. I was experimenting with unofficial ChromeOS builds since before the first consumer Chromebook. I’ve also used an actual production Chromebook as well. I’ve even used the distro ChromeOS is derived from which is called Gentoo.

            If this was actually a good idea why aren’t some businesses doing it already? Linux servers are everywhere yet I have never heard of one running ChromeOS. Google who make ChromeOS don’t use ChromeOS for servers, they use conventional Linux distros like Debian with their own software running on top such as Borg or Kubernetes.

            First I am going to assume you mean a Linux distro (e.g. Debian, Ubuntu) rather than just Linux, as all distributions are a superset of just Linux, as Linux is only the kernel.

            It’s also not in anyway a “superset” of a conventional Linux distribution. It doesn’t even have a package manager without having to use a VM. You can’t install a different browser without using a VM. ChromeOS capabilities have improved a lot since I have used it, by supporting VMs at all and by allowing Android apps. That still doesn’t compare to a real Linux server solution. On a Linux machine I can natively run containers, not just VMs. I can install apps natively. I can configure my own security systems and sandboxing. I can even run Windows apps and games with Wine and Proton, android apps with Waydroid. I also get a much newer kernel, older Chromebooks didn’t get kernel updates throughout their entire life. Maybe that’s changes but who knows.

            Another big thing Linux servers have is advanced file systems like BTRFS and ZFS, that have advanced RAID like functionality with automatic data integrity protection using checksums, snapshots built in, and other fancy features like transparent file compression. Does ChromeOS even support regular software RAID?

            ChromeOS just isn’t designed for servers, it never has been. You’re trying to use a car to haul a lorry load. It’s not that cars are bad, they just aren’t designed to do that. You could use Chrome OS for employee workstations, at least some of them anyway, but not for servers.

            Go and use a real Linux distro or a real Linux server and get back to me.

            Now you are being ridiculous. We are talking about code than runs in the kernel but is not part of any official kernel module including device drivers.

            This is false. That module is signed by Microsoft. That means they tested it themselves. To load a module that isn’t signed on Windows requires serious tinkering and is something no business would do. I have actually done those steps myself, so I have direct personal experience here. If you had watched that video I sent you, which is by a retired Microsoft Engineer, you would know about this.

            Dude you are the person who thinks that the Cloudstrike code running in the kernel that is neither part of the kernel nor part of any official kernel device driver code is somehow equivelent to the actual kernel. You are also the person who made the completely nonsensical claim that ChromeOS Linux “can’t do nearly the same things” of Linux. So GTFO with the snarky shit, because I’m the one wondering how you can be so confused about basic stuff.

            For one you apparently don’t listen. I said it’s a kernel driver/module not a core kernel component. It does however still run in kernel mode (ring 0 on x86) and has access to everything any other thing running in kernel mode has access to including the NT kernel itself. It doesn’tq matter from a permissions perspective if it’s a driver/module or a core kernel component, the CPU protections don’t distinguish between the two by design. What does make a difference is when and how it’s loaded into kernel space/kernel mode. That’s why safe mode works, as it just doesn’t load that component.

            I am not the one getting basic things wrong here. When I used ChromeOS originally it had maybe half the capabilities it has now, but even now it just isn’t as capable as a conventional Linux distro. Saying it can run VMs means nothing because so can regular Linux, in fact you can run ChromeOS in a VM, or Windows, or FreeBSD all on a Linux machine. Even at the same time if you really want.

            I’ve been using the internet since 1983. How bout you? LMFAO.

            Using and understanding are not the same. I have a Masters in CS, soon to be starting a PhD in Cyber Security. You meanwhile apparently have no experience or qualifications worth telling me about. I actually use Linux systems daily and run my own Linux based servers. Specifically I use Proxmox since that’s an actual server solution.

            Because you didn’t do enough research. My Chrome OS comes with an outer VM, an inner VM, the heavily locked down user mode, and the kernel mode. My Linux programs run in the outer VM by default. I would have to turn on developer mode just to get to the actual user mode.

            I did plenty of research. It says the VMs run inside of a container, but a container is not a Virtual Machine. It is technically a form of virtualization, so you’re half right. I would take the time to read up on how containers actually work. They share the same kernel as the host machine, and don’t emulate hardware the way virtualization solutions do.

            Also none of this is part of the default setup, which doesn’t include any Linux VMs, just the locked down user space. You actually can do Virtual Machines inside Virtual Machines on Linux. It is called nested virtualization. My hypervisor Proxmox actually supports that as standard. You can also do containers inside virtual machines and virtual machines inside containers. The former I actually use as part of my own server setup. The point being none of this is unique or special in ChromeOS.