• viking@infosec.pub
    link
    fedilink
    English
    arrow-up
    158
    ·
    4 months ago

    To avoid such issues in the future, CrowdStrike should prioritize rigorous testing across all supported configurations.

    Bold of them to assume there’s a future after a gazillion off incoming lawsuits.

    • finley@lemm.ee
      link
      fedilink
      English
      arrow-up
      80
      arrow-down
      5
      ·
      edit-2
      4 months ago

      I was listening to a podcast earlier, and they mentioned the fact that their legal liability may, in fact, be limited because of specific wording in most of their contracts.

      In other words, they may actually get away with this in the short term. In the long-term, however, a lot of organizations and governments that were hit by this will be reevaluating their reliance on such monolithic tech solutions as crowdstrike, and even Microsoft.

      So you may be right, but not for the reasons you think.

      • rumschlumpel@feddit.org
        link
        fedilink
        English
        arrow-up
        84
        ·
        4 months ago

        and even Microsoft

        (x) doubt

        They had decades to consider Microsoft a liability. Why start doing something about it now?

      • Brkdncr@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        1
        ·
        4 months ago

        Contracts aren’t set in stone. Not only are those contracts modified before they are accepted by both parties, it’s difficult to limit liability when negligence is involved. CS is at worst going to be defending against those, at best defending against people dumping them ahead of schedule against their contracted term length.

      • This is fine🔥🐶☕🔥@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        4
        ·
        4 months ago

        Oh so you can fire QA department, get absolutely destructive update to millions of systems across the globe and this gross negligence doesn’t matter because of magic words in a contract? I don’t think so.

          • This is fine🔥🐶☕🔥@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            4 months ago

            Then how else is their legal liability is limited?

            They killed off their QA department to chase profits which resulted in a broken product that crippled hundreds of organizations across the globe.

            They don’t get to just shrug, say oopsie, and point at the contract.

    • mipadaitu@lemmy.world
      link
      fedilink
      English
      arrow-up
      34
      ·
      4 months ago

      They mean after Crowdstrike gets sold, the new company promises a more rigorous QA, and quietly rebrands it.