when a null pointer dereference breaks the internet lol

preview_player
Показать описание
but it may not be the devs fault.

Don't know why you'd want to follow me on other socials. I don't even post. But here you go.
  1. ForrestKnight
Рекомендации по теме
when a null 0:04:42

when a null pointer dereference breaks the internet lol

You're dereferencing a 0:00:10

You're dereferencing a null pointer!

C Programming: What 0:05:26

C Programming: What does Dereferencing a Pointer Mean?

Domain 1.12: Pointer/object 0:01:12

Domain 1.12: Pointer/object dereference - CompTIA Security+ SY0 601

What happens when 0:00:57

What happens when you dereference a null pointer in kernel module

What is a 0:04:06

What is a C++ null pointer? ⛔

You're dereferencing a 0:00:10

You're dereferencing a null pointer!

why do void* 0:08:17

why do void* pointers even exist?

Understanding the Null 0:04:23

Understanding the Null Pointers

Other Application Attacks 0:09:05

Other Application Attacks - SY0-601 CompTIA Security+ : 1.3

Nil pointer dereference 0:04:23

Nil pointer dereference in golang | Common Mistake in Golang | Dr Vipin Classes

you will never 0:08:03

you will never ask about pointers again after watching this video

NULL Pointer | 0:18:59

NULL Pointer | C Programming Tutorial

11 De referencing 0:02:06

11 De referencing null pointers

Kernel Exploitation on 0:17:40

Kernel Exploitation on HEVD #3 : Null Pointer Dereference

Void Safety in 0:11:05

Void Safety in Eiffel, Part 1: the end of Null Pointer Dereferencing

C++ : dereferencing 0:01:25

C++ : dereferencing the null pointer

SMBv3 NULL Pointer 0:00:43

SMBv3 NULL Pointer Dereference Vulnerability (CVE-2018-0833)

STA$D400 - Dereferencing 0:03:27

STA$D400 - Dereferencing A Null Pointer

Understanding the Void 0:04:19

Understanding the Void Pointers

Live Session 6 0:00:41

Live Session 6 Highlight: Kernel Null Pointer Dereference

Go Pointers: When 0:14:09

Go Pointers: When & How To Use Them Efficiently

C++ : Possible 0:01:19

C++ : Possible null pointer dereference - otherwise it is redundant to check it against null

Null pointer exception 0:00:30

Null pointer exception || trying to dereference a null object || apex || Salesforce development

Комментарии
Автор

UPDATE: New info reveals it was a logic flaw in Channel File 291 that controls named pipe execution, not a null pointer dereference like many of us thought (although the stack trace indicates it was a null pointer issue, so Crowdstrike could be covering). Devs fault 100% (in addition to having systems in place that allow this sort of thing). Updates to Channel Files like these happen multiple times a day.

fknight
Автор

Fun fact the null point reference were also on the linux crowdstrike, the linux kernel just handled it like a boss

vilian
Автор

“You cannot hack into a brick”
-Crowdstrike, 2024

capn_shawn
Автор

But it's still their fault for pushing it out to everything everywhere all at once.

whickervision
Автор

Crowdstrike is DEFINITELY still at fault. You never ever ever push an update out live to millions of computers without extensive testing and staged rollouts, especially when that update involves code that runs at the kernel level!

bluegizmo
Автор

I still don’t understand how this patch didn’t brick the machines they tested it on, the idea that a company worth $70 billion didn’t catch this in CI or QA is mind blowing

stevezelaznik
Автор

Saying the root cause was a "null pointer dereference" is like saying the problem with driving into a telephone pole is that "there was a telephone pole in the way." The root cause was sending an update file that was all null bytes. The fact that the operating system executed that file and reported a null pointer dereference as a result is not the fault of the OS, and is not a root cause.

mitchbayersdorfer
Автор

Tired of hearing like Y2K was some panic or something that just magically fixed itself or wasn't a big deal. It wasn't a big deal because people spent years before fixing it

plaidchuck
Автор

giving any software unlimited kernel access is just crazy to me

samucabitim
Автор

This is precisely why you actually test the package that is being deployed. If you move release files around, you need to ensure that the checksums of those files match.

rickl
Автор

Let me guess. Maybe Crowdstrike recently laid off a stack of experienced developers who knew what they were doing, but were expensive, and kept the not so experienced developers who didn't know what they were doing, but were cheaper.

Then on top of that because of the reduced head count, but same workload, then under pressure the developers cut corners to rush product out.

I'm not saying that is what happened. But I have seen that happen elsewhere, and I'm sure people can come up with loads of examples from their own experiences.

JohnSmall
Автор

Has the name says - crowd strike, every device goes to strike

adwaithbinoy
Автор

Thank you for your insights. Man, I hope CrowdStrike does a thorough post-mortem for this one. That's the least they're owing the IT professionals at this point.

Bregylais
Автор

It did not break "the internet". It broke a lot of companies' office computers, but those are not on the internet. In fact, the internet chugged along just fine.

bart
Автор

I have no doubt they will do a thorough investigation as this was such a massive impact with millions and billions of dollars of implications.

coltenkrauter
Автор

At the most fundamental level, it is obvious that CrowdStrike never tested the actual deployment package. Things can go wrong at any stage in the build pipeline, so you ALWAYS test the actual deployment package before deploying it. This is kindergarten-level software deployment management. No sane and vaguely competent engineer would voluntarily omit this step. No sane and vaguely competent manager would order engineers to omit this step. Yet the step was definitely omitted. I hope we get an honest explanation of how and why this happened.

Of course, then you get into the question of why they didn't do incremental deployments, which are another ultra-basic deployment best oractice. I am beginning to form a mental image of the engineering culture at CrowdStrike, and it's not pretty.

isomeme
Автор

I have not written operating system code, but generally code is supposed to validate data before operating on it. In my opinion, developers are very likely the cause. Even if there is bad, the developers should write code that can handle that gracefully.

Also, this video asserted that this kind of issue could slip by the test servers. That sounds ridiculous to me. The test servers should fully simulate real world scenarios when dealing with this kind of security software. They should run driver updates against multiple versions of windows with simulated realistic data.

But, I would be surprised if a single developer was at fault. Because there should be many other developers reviewing all of the code. I would expect an entire developer team to be at fault.

It'll be interesting to learn more.

coltenkrauter
Автор

The internet was not broken. Not sure why people kept saying it did

dondekeeper
Автор

Doesn’t macOS fail gracefully when a kext misbehaves? If so, you can still technically blame Windows for not handling that situation well

bob_kazamakis
Автор

First rule of patch management is you dont install patches as soon as they are available.

If I know that then why some of these massive companies don't is beyond me. It seems that IT management has forgetten the fundamentals.

Also technically it can be done remotely if it's a virtual machine or remote management is enabled.

originalbadboy