Tuesday, 12 November 2024

The CrowdStrike global outage shows the serious dangers of a centralized, digitized world


The perils of over-reliance on digital systems have been once again highlighted by the crashing of computer systems around the world due to an update to the Falcon antivirus and security product from CrowdStrike affecting its interaction with the Windows operating systems. The update has caused chaos for banking, retail, railways, airports, healthcare and for a wide range of other businesses and infrastructure where the Falcon software runs on Windows systems. Advice for bringing affected computers back into working order has been published, but the exact mechanism by which the update caused “Blue Screen of Death” errors does not appear to have yet been reported.

(Article by Dr. R P republished from DailySceptic.org)

It appears that in many cases, while the update was distributed automatically over the internet to systems, the workaround to fix the problem requires the machines to be rebooted in Windows’ safe mode, which usually requires physical access. The person at the keyboard then needs to know the password for the computer’s administrator account, and use this level of access to delete a file within a subdirectory of Windows’ System32. This process can be more complicated where Microsoft’s BitLocker encryption is in use. In many organisations, the recovery keys for BitLocker have themselves been stored on a computer unable to start properly due to the CrowdStrike update. The quote “Men go mad in herds, while they only recover their senses slowly, one by one”, originally from Charles Mackay in 1841, seems applicable now to computers too. They crash en masse, then require individual attention before they will work again.

It should be noted that while the perils of centralisation with a physical single point of failure are obvious to all but technocratic politicians and civil servants, this massive outage shows another way in which a “single point” of failure can occur. The single point in this case is not a particular server in one building somewhere on the planet; but rather a change within a single piece of software with that change then being rolled out to many individual systems around the globe. These systems then entered a state euphemistically described as Total Inability To Support Usual Performance (acronym intentional) among the tech community. There was a reason that NASA put a fifth backup flight computer in the space shuttle, running software written entirely independently of the software on its primary four computers. A single point of failure where software is concerned doesn’t have to happen at only a single point in space.

There is a very clear lesson to be learned here. Systems which can collapse at scale, even when they are not centralised in the physical sense, eventually will collapse in such a fashion. Advocates of Central Bank Digital Currencies (CBDCs) and Digital ID systems should consider these lessons. This update ‘only’ knocked out an estimated 8.5 million computers, belonging to over 24,000 organisations that subscribed to CrowdStrike’s Falcon software. A country reliant on a CBDC instead of cash would see an end to all transactions as a consequence of a similar failure affecting a component within whatever software stack was being used to operate CBDC infrastructure. That could mean a fault within the software on physically centralised or partly centralised servers logging transactions and holding records; or a fault within the software running on masses of devices operating as payment terminals in a wide variety of locations. In that dystopian CBDC-dependent nation, one would be looking at electric vehicles (already a bad idea simply on account of the abysmal energy density of batteries compared to chemical fuels) stranded at charging stations, unable to make payments to initiate the charging procedure. Consider that the World Economic Forum once advertised with slogans on the theme of “what if extreme weather froze your bank account”, right at the time when Justin Trudeau was freezing bank accounts on account of his extreme intolerance for peaceful protest. The reality is that in the centralised totalitarian model of society the WEF hungers for, this scenario becomes more probable, not less. That is to say, that as well as increasing the opportunities for censorship-obsessed elites to deliberately interfere in people’s lives, centralisation also increases the vulnerability of a society to accidental errors. Where Governments dream of requiring digital ID or age verification for internet access, or client-side scanning to look for objectionable opinions and only allow messages to be sent when approved as sufficiently “double plus good”, one can even imagine a situation where direct messages and online posts attempting to report a fault in the software stack running the verification or approval algorithms would be blocked from being sent. This wouldn’t need to be a matter of a deliberate attempt to cover up the fault, but instead the inability to report the fault would be a natural consequence of the fault itself. A censorship apparatus built on a principle of scanning everything before it can be shared ends up censoring absolutely everything if it is unable to perform scans.

Where old systems, like cash, just work, the alternatives which Big Tech and Big Government claim are more convenient can collapse. Where computer systems you actually own and have true control over just work, systems which can be remotely updated can crash catastrophically. When Big Government pushes for things to be more “secure”, it usually has in mind intrusive projects to stop “bad people” from using “SMART” systems, rather than measures to actually make systems more resilient in the event of crises. Government, after all, tries to whip up anger against truly secure encryption by describing it as warrant-proof, though in an age where lawfare is becoming common and courts allow the monitoring of vast numbers of innocent people it is hard to see how such a level of protection is undesirable. Meanwhile, Big Tech companies seek to create an “experience” for users, which in practice comes to mean an ever more interlinked web of dependencies, often centred around a server to which the devices regularly phone-home to check that the user has the company’s permission to use the things they have bought. Concerningly, even farming has now become a field in which equipment manufacturers are displaying this ‘Big Tech’ attitude. This risks farmers’ livelihoods and entire nations’ food security in the event of software crashes. And that could include software crashes within Digital Rights Management subsystems of software which aren’t even there for the benefit of the user in the first place.

Humans, when acting like machines and believing that adherence to procedure, policy, legislation or guidance is more important than common sense and morality, make the perils of centralisation still worse. If one adds a human element with a sufficiently jobsworth disposition and an absolute confidence in the infallibility of their systems to the toxic mix of centralisation and control freakery enabled by excessive digitisation, it results in horrific scenarios like those surrounding the Post Office’s Horizon software. I shall enter a little further into speculation here when suggesting that a correlation between people having problematic dispositions and a desire for centralisation may exist, perhaps best demonstrated by the ways in which I have seen the supporters and opponents of cash behaving during previous payment infrastructure outages. Contrast: the elderly woman who deposited exact change on the counter in a card-only cafe. She calmly claimed it was legal tender, whether that is an entirely applicable argument or not, and walked off with two packaged sandwiches. With: the student who upon being told, in broken English by the very polite man behind the fried-chicken shop counter, that VISA was down that day, raised his voice to a bellow. Such bellowing was perhaps difficult from behind the blue paper muzzle he was wearing in 2022. He then proceeded to accuse the owner of tax evasion in a lecture which lasted until everyone waiting around for their orders was glaring at him, and which contained expletives even someone fluent in English could be surprised by. While it is not my place to comment upon whether what the woman did was entirely legal, she gave the impression of someone who would start knitting socks for neighbours in a prolonged power-cut. The student gave the impression of someone who’d batter on doors in search of a USB powerbank with which to buy himself a while longer on TikTok. The types of people who cheer for centralisation do not appear to be the types who can foresee – much less aid in recovering society from – the consequences of centralisation-enabled failures.

Keeping to the theme of trendy people and trendy attitudes, it is also worth noting that whilst the update which led to the ongoing chaos may well have been intended as a security patch or as a bug fix for a rare software fault condition (and ended up creating a widespread one), many updates which have been responsible for widespread system failures in the past are updates to provide software with new ‘features’. Unfortunately, in keeping with trying to be fashionable brands, a lot more programming hours are dedicated to “oh, look, shiny” than to simply keeping abreast of actual functionality and security flaws which may require patching. With software controlled systems embedded in ever more places (and not all of this increase in the ubiquity of computing necessarily has to be bad so long as the systems are properly under a user’s control and are not cloud dependent), it would seem a wise time for the practice of software development to start prioritising reliability, resilience and stability. It would be wise to prioritise these above the aim of innovating in ways nobody asked for, which then disrupt people’s workflows within products they are already using. While consumer technology is particularly affected by this fashion-based philosophy, business software is not immune. This is particularly the case when buzzwords are used in efforts to market solutions to problems they might not have to bosses of limited technical expertise. Look at all the hype around AI, with its latest eruption coming in the form of Large Language Models. A world with software around every corner is a world which can’t afford that software to be updated, with the potential for introducing serious errors to it every time a corporate executive falls for a fad. The way in which smaller open source software projects operate may provide an inspiration here, particularly where the project consists of a standalone tool for a particular task. In many such projects, there are only two scenarios in which a developer typically posts an update. Firstly, he may post one in response to user reports of errors being thrown in specific circumstances. Secondly there may be a need for a new version of the tool when changes are needed to maintain compatibility with changes that have been applied to other software, such as new releases of an operating system under which the tool may be run.

As an overall picture, centralisation makes it all too easy for governments and corporations to feed their addiction to exercising control. And the further their reach spreads, the closer the state comes to being a black hole that sucks in the entirety of society and human experience, the more damage their anti-Midas touch causes. And then, in its aftermath, the solution they always push for is more centralisation, more opportunities to make things worse whether by intention or by accident. Escaping the headlong rush in to a new Soviet Union where nothing works and officialdom absolutely refuses to acknowledge the fact must be at the forefront of our minds when looking to the future. But the outage news itself can be summarised in a much shorter fashion. While one can feel sorry for those whose travel was disrupted, it is a wonderful feeling to jump to the front of a queue in a shop and pay a satisfied cashier with cash, whilst a seething mass of trendy woke-folk, who consider cash and even freedom itself to be outdated concepts, look on.

Read more at: DailySceptic.org


Source link