"the Shai-Halud attack briefly compromised at least 25 NPM code packages managed by CrowdStrike"

#ClownStrike

Today I read some corporate bullshit on #clownstrike that I can't believe.

Capitalism doesn't work. That company should have exploded. Instead they thrive.

#Parody site #ClownStrike refused to bow to #CrowdStrike’s bogus #DMCA takedown
Parody site ClownStrike defended the "obvious" #fairuse.
IT consultant David Senk created ClownStrike in the aftermath of the largest IT outage the world has ever seen—which CrowdStrike blamed on a buggy security update that shut down systems and incited prolonged chaos in airports, hospitals, and businesses worldwide.
https://arstechnica.com/tech-policy/2024/08/parody-site-clownstrike-refused-to-bow-to-crowdstrikes-bogus-dmca-takedown/

It appears that #cloudflare has shown its hand by allowing #crowdstrike to claim #dmca to take down #clownstrike. Who is left for #domain hosting and #cdn web caching? https://arstechnica.com/tech-policy/2024/08/parody-site-clownstrike-refused-to-bow-to-crowdstrikes-bogus-dmca-takedown/

these details make the whole #Clownstrike fiasco look even more stupid. this company is releasing *kernel drivers* that run in ring0, and they are seriously getting tripped up on deserialization and bounds checking? like, *really*!? what a joke.
Parody site ClownStrike refused to bow to CrowdStrike’s bogus DMCA takedown. Doesn't CrowdStrike have more important things to do right now than try to take down a parody site? #news #clownstrike
https://arstechnica.com/tech-policy/2024/08/parody-site-clownstrike-refused-to-bow-to-crowdstrikes-bogus-dmca-takedown/

Should Clownstrike be held liable? Almost certainly.

Should their developers be held liable?
Probably not, because there is a 99.9% chance they pointed to a pile of tech debt and their management responded with "move fast, break things."

#ClownStrike

#clownstrike may in fact be the most apt name for the company. Some detailed research over at https://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ (via translation tools) has an in-depth look at the inner workings of the CSFalcon client and whooo boy.

Key highlights:
- the definition file is not signed or cryptographically validated
- they come straight off the internet via the CSAgent binary
- if you can pwn part of the network stack to point to your file you can mass distribute inside (multiple methods come to mind)

Satire site #ClownStrike makes fun of the #CrowdStrike outage. The security company responds with a DMCA takedown. And that promptly produces a Streisand effect. https://winfuture.de/news,144372.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
CrowdStrike vs. ClownStrike: When satire becomes a copyright farce

The CrowdStrike mishap, which recently caused an outage of numerous systems, was no fun for those affected. It did not take long before people started having a laugh about it, among them the site ClownStrike. But not everyone found it funny.

WinFuture.de