S.L. Kanthan (@Kanthan2030) posted at 8:47 PM on Fri, Jul 19, 2024: Interesting facts about CrowdStrike, that may be behind the world's biggest IT outage:
🔹CrowdStrike was the ONLY one which looked at the DNC servers in 2016 & blamed Russia for Wikileaks emails.
🔹CrowdStrike is deeply linked to Dept. of Homeland Security & NATO!
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024: Crowdstrike Analysis:
It was a NULL pointer from the memory unsafe C++ language.
Since I am a professional C++ programmer, let me decode this stack trace dump for you. https://t.co/uUkXB2A8rm (https://x.com/Perpetualmaniac/status/1814376668095754753)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024: Memory in your computer is laid out as one giant array of numbers. We represent these numbers here as hexadecimal, which is base 16 (hexadecimal) because it's easier to work with... for reasons.
The problem area? The computer tried to read memory address 0x9c (aka 156). (https://x.com/Perpetualmaniac/status/1814376670691987718)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024: Why is this bad?
This is an invalid region of memory for any program. Any program that tries to read from this region WILL IMMEDIATELY GET KILLED BY WINDOWS.
That is what you see here with this stack dump. (https://x.com/Perpetualmaniac/status/1814376672831123548)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024: So why is memory address 0x9c trying to be read from? Well because... programmer error.
It turns out that C++, the language crowdstrike is using, likes to use address 0x0 as a special value to mean "there's nothing here", don't try to access it or you'll die. (https://x.com/Perpetualmaniac/status/1814376674697551893)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024: Programmers in C++ are supposed to check for this when they pass objects around by "checking full null".
Usually you'll see something like this:
string* p = get_name();
if (p == NULL) { print("Could not get name"); } (https://x.com/Perpetualmaniac/status/1814376676526354846)
CNBC Sep 25, 2019 · www.cnbc.com Why Trump asked Ukraine's president to look into CrowdStrike, a U.S. ... President Donald Trump asked Ukrainian President Volodymyr Zelensky to look into the U.S. company that helped investigate the hack of the ...
Fortune Sep 25, 2019 · fortune.com What Is CrowdStrike? Trump Mentioned the Company in His ... President Trump makes reference to the cybersecurity firm during his call with the Ukrainian president.
インターネットを介した情報収集も不可になっていくのでしょうかね…
返信削除情報を記録するための電子媒体も長くはありませんかね。
ちょちょいのちょい
削除で機能不全に陥る
脆弱性ww
そして
その構造への
理解勉強不足ww
地球外へも勉強不足ですが
自分たちが作り上げたものにさえ
勉強不足ww
サードパーティアプリじゃなく、MS自体がやったり、OSのゼロデイ攻撃をすれば、もっと大規模なことがやれるのでは?
返信削除単なるサードパーティアプリでないところがミソw
削除バリューチェーンでありそでないところがミソw
食らう どストライクww
返信削除日本語OS的には縁起でもないですなw
色合いも似非日の丸みたいでw
S.L. Kanthan (@Kanthan2030) posted at 8:47 PM on Fri, Jul 19, 2024:
返信削除Interesting facts about CrowdStrike, that may be behind the world's biggest IT outage:
🔹CrowdStrike was the ONLY one which looked at the DNC servers in 2016 & blamed Russia for Wikileaks emails.
🔹CrowdStrike is deeply linked to Dept. of Homeland Security & NATO!
Alperovitch
(https://x.com/Kanthan2030/status/1814265683019985032)
被害の程度が偏っているところから考えると、この洞察はちょっと甘い感じかねw
削除2016年の事象を持ちだすのも、かなり古ぼけた感じw
当時最先端をいっていた1社のシマンテックは、すでにどっかいっちゃったからねw 技術トレンドに合わせた栄枯盛衰が激しいのよw
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024:
返信削除Crowdstrike Analysis:
It was a NULL pointer from the memory unsafe C++ language.
Since I am a professional C++ programmer, let me decode this stack trace dump for you. https://t.co/uUkXB2A8rm
(https://x.com/Perpetualmaniac/status/1814376668095754753)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024:
Memory in your computer is laid out as one giant array of numbers. We represent these numbers here as hexadecimal, which is base 16 (hexadecimal) because it's easier to work with... for reasons.
The problem area? The computer tried to read memory address 0x9c (aka 156).
(https://x.com/Perpetualmaniac/status/1814376670691987718)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024:
Why is this bad?
This is an invalid region of memory for any program. Any program that tries to read from this region WILL IMMEDIATELY GET KILLED BY WINDOWS.
That is what you see here with this stack dump.
(https://x.com/Perpetualmaniac/status/1814376672831123548)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024:
So why is memory address 0x9c trying to be read from? Well because... programmer error.
It turns out that C++, the language crowdstrike is using, likes to use address 0x0 as a special value to mean "there's nothing here", don't try to access it or you'll die.
(https://x.com/Perpetualmaniac/status/1814376674697551893)
Zach Vorhies / Google Whistleblower (@Perpetualmaniac) posted at 4:08 AM on Sat, Jul 20, 2024:
Programmers in C++ are supposed to check for this when they pass objects around by "checking full null".
Usually you'll see something like this:
string* p = get_name();
if (p == NULL) { print("Could not get name"); }
(https://x.com/Perpetualmaniac/status/1814376676526354846)
...
CNBC
返信削除Sep 25, 2019 · www.cnbc.com
Why Trump asked Ukraine's president to look into CrowdStrike, a U.S. ...
President Donald Trump asked Ukrainian President Volodymyr Zelensky to look into the U.S. company that helped investigate the hack of the ...
Fortune
Sep 25, 2019 · fortune.com
What Is CrowdStrike? Trump Mentioned the Company in His ...
President Trump makes reference to the cybersecurity firm during his call with the Ukrainian president.