Break and Make Culture
The Unintended Effects of CrowdStrike's Security Update Error and Private LLMs
July 20, 2024 - Vol. 2 Issue 32
Welcome to Infophilia, a weekly letter about the human love of information and connections.
Cite as: Coleman, Anita S. (2024, July 20). Break and make culture: The unintended effects of CrowdStrike’s security update error and private LLMs. Infophilia, a positive psychology of information, 2 (32). https://infophilia.substack.com/
There’s much on my mind these days and significant global events are prioritizing the topics to share. The recent Crowdstrike software update, which inadvertently caused ~3,300 flight cancellations and disrupted global business operations, is just one example of the challenges we face. The “break and make culture” of Silicon Valley has left our critical systems riddled with “defects and vulnerabilities.” The good news is that even the dreaded Blue Screen of Death can't dampen the human spirit! This is just part of the new reality with which all of us in the so-called first world must contend.
“The immense body of software developed using Silicon Valley’s ‘move fast and break things’ culture means that the software our lives depend on is riddled with defects and vulnerabilities,” O’Dowd said in a statement. “Defects in this software can result in a mass failure event even more serious than the one we have seen today.” Dan O’Dowd (Healey, 2024)
CrowdStrike, a cybersecurity firm headquartered in Irvine, California inadvertently triggered a major internet outage for computers running Microsoft windows. A faulty update caused the infamous Blue Screen of Death on thousands of machines worldwide. The company acknowledged the problem and started working on a solution, offering a workaround and a fix later that same day. But the incident has finally brought to the attention of the public both the risks of automatic updates in cybersecurity and underscored the market-leading status of 11-year old CrowdStrike’s software in protecting Windows computers against malware. There are ~3500 US cybersecurity companies. And CrowdStrike stock tanked over 10%.
As I reflect on this event, I am reminded of my own experiences.