SRE Weekly - SRE Weekly Issue #437
View on sreweekly.com
This week's issue is entirely focused on the CrowdStrike incident: more details on what happened, analysis, and learnings. I'll be back next week with a selection of all of the great stuff you folks have been writing while I've been off on vacation for the past two weeks—my RSS reader is packed with awesomeness!
This week, CrowdStrike posted quite a bit more detail about what happened on July 19. The short of it seems to be an argument count mismatch, but as with any incident of this sort, there are multiple contributing factors.
The report also continues the conversation about the use of kernel mode in a product such as this, amounting to a public conversation with Microsoft that is intriguing to watch from the outside.
CrowdStrike
This article has some interesting details about antitrust regulations(!) related to security vendors running code in kernel mode. There's also an intriguing story of a very similar crash on Linux endpoints running CrowdStrike's Falcon.
Note: this one is from a couple of weeks ago and some of its conjectures don't quite line up with details that have been released in the interim.
Gergely Orosz
While it mentions the CrowdStrike incident only in vague terms, this article discusses why slowly rolling out updates isn't a universal solution and can bring its own problems.
Chris Siebenmann
Some thoughts on staged rollouts and the CrowdStrike outage:
The notion we tried to get known far and wide was "nothing goes everywhere at once".
Note that this post was published before CrowdStrike's RCA which subsequently confirmed that their channel file updates were not deployed through staged rollouts.
rachelbythebay
[...] there may be risks in your system that haven’t manifested as minor outages.
Jumping off from the CrowdStrike incident, this one asks us to look for reliability problems in parts of our infrastructure that we've grown to trust.
Lorin Hochstein
While CrowdStrike's RCA has quite a bit of technical detail, this post reminds us that we need a lot more context to really understand how an incident came to be.
Lorin Hochstein
In the future, computers will not crash due to bad software updates, even those updates that involve kernel code. In the future, these updates will push eBPF code.
I didn't realize that Microsoft is working on eBPF for Windows.
Brendan Gregg
This post isn't about what Crowdstrike should have done. Instead, I use the resources to provide context and takeaways we can apply to our teams and organizations.
Bob Walker — Octopus Deploy
|
Older messages
SRE Weekly Issue #436
Monday, August 5, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: Migrate off of PagerDuty, save money, and then have all of your configuration exported as Terraform modules? We did that. We know one of
SRE Weekly Issue #435
Monday, July 29, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #434
Monday, July 22, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #433
Monday, July 15, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
SRE Weekly Issue #432
Monday, July 8, 2024
View on sreweekly.com A message from our sponsor, FireHydrant: We've gone all out on our new integration with Microsoft Teams. If you're a MS Teams user, FireHydrant now supports the most
You Might Also Like
16, 16 Pro, 16 Pro Max, A18, A18 Pro, 4, Ultra 2, Pro 2, Series 10
Tuesday, September 10, 2024
Irish Eyes Not Smiling, Strawberry Ripens, James Earl Jones Passes... 16, 16 Pro, 16 Pro Max, A18, A18 Pro, 4, Ultra 2, Pro 2, Series 10 Irish Eyes Not Smiling, Strawberry Ripens, James Earl Jones
Mapped | The U.S. States With the Most Million-Dollar Homes 🏘️
Tuesday, September 10, 2024
We show the number of cities in each state where a typical home costs $1 million or more. View Online | Subscribe Presented by: The economy is changing. Is your portfolio adapting? >> Explore
ELIZA: The Accidental Chatbot That Shaped AI History
Tuesday, September 10, 2024
Top Tech Content sent at Noon! A dev conference with discussions, workshops, and 1:1 feedback sessions Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today
Bring your entire team to INDUSTRY for Just $10,000!
Tuesday, September 10, 2024
We decided to make an offer unlike any we've made before.
LW 149 - Shopify's NEW Managed Pricing For Apps
Tuesday, September 10, 2024
Shopify's NEW Managed Pricing For Apps Shopify Development news and articles Issue 149 - 09/10/2024 Read Online Liquid Weekly All Things Shopify Development Shopify's NEW Managed Pricing For
⚙️ South Korea says AI will ‘drastically impact' the military
Tuesday, September 10, 2024
Plus: US regulations incoming
iPhone 16 hands-on: Forget the Pro
Tuesday, September 10, 2024
Windows 10 update cost; Rhino Linux; Galaxy S24 Ultra price slashed -- ZDNET ZDNET Tech Today - US September 10, 2024 placeholder I went hands-on with Apple's standard iPhone 16 and didn't envy
How to decide: AI product or process?
Tuesday, September 10, 2024
Start with a clearer definition of each one.
How Attackers Really Advance: Discover 11 Real-Life Attack Stories
Tuesday, September 10, 2024
Unveil the top attack paths and see how attackers exploit weaknesses in real environments.
Post from Syncfusion Blogs on 09/10/2024
Tuesday, September 10, 2024
New blogs from Syncfusion Sneak Peek 2024 Volume 3: AI-Powered Smart .NET MAUI controls By Karthikeyan V Explore the new smart AI-powered enhancements that will be added to the Syncfusion .NET MAUI