Tag Archives: Cloud Server

Microsoft / CrowdStrike: Who is responsible for global IT outage?

Is Microsoft or CrowdStrike to blame for the global IT outage of Windows-based systems?! Take a look at the viral claims, and find out what the facts really are!

 

Claim : Microsoft Is Responsible For Global IT Outrage, Not CrowdStrike!

On Friday, 19 July 2024 – a day that will live in digital infamy, businesses and organisations worldwide were hit by an IT outage on their Windows-based systems. Inevitably, some people are blaming Microsoft for this debacle…

Circulating on WhatsApp : Very interesting to see how the media is playing down on the disaster.

Question remains “Not sure how microsoft is going to rollback the update or to install the patch as affected pcs have locked themselves out.”

Recommended : Elon Musk Bitcoin + Ethereum Giveaway Scam Alert!

 

Truth : CrowdStrike, Not Microsoft, Is Responsible For Global IT Outrage!

This appears to be complete misunderstanding of the global IT outage that’s happening only to systems and cloud services based on Microsoft Windows, and here are the reasons why…

Fact #1 : Global IT Outage Caused By CrowdStrike, Not Microsoft

Let me start by simply pointing out that the global IT outrage that started on Friday, 19 July 2024, was caused by CrowdStrike, not Microsoft.

Soon after the outage occurred, CrowdStrike announced (and again) that it was caused by a bug in an update to its Falcon threat detection system.

The IT outage notably did not affect all Microsoft customers and users, only those who purchased and installed CrowdStrike Falcon, which is an “endpoint detection and response” software. This kind of software is designed for large organisations, and that is why this global IT outage is mainly affecting those organisations.

The scale is massive, because CrowdStrike is a leading provider of Endpoint Detection and Response (EDR) software. However, home users and small business users are not affected, because they rely on the built-in Windows Defender software, or consumer-grade software from the likes of Norton and McAfee.

Blaming Microsoft for the buggy update that CrowdStrike issued would be like blaming BMW for defective third-party tyres that leak air, and asking the automotive company to replace or fix those tyres.

Fact #2 : Microsoft Denies Responsibility For Global IT Outage

A Microsoft spokesperson has officially denied responsibility for the global IT outage caused by the CrowdStrike update:

CrowdStrike update was responsible for bringing down a number of IT systems globally. Microsoft does not have oversight into updates that CrowdStrike makes in its systems.

Recommended : Will Microsoft Disable Your Computer If You Share Fake News?!

Fact #3 : Global IT Outage Caused By Bug In CrowdStrike Update

As CrowdStrike explained (and again), the infamous Windows Blue Screen of Death (BSOD) that is caused by a bug in an update meant for Windows-based systems.

The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.

We are working closely with impacted customers and partners to ensure that all systems are restored, so you can deliver the services your customers rely on.

CrowdStrike further confirmed that the buggy code was introduced in a single channel file – C-00000291.sys, with the timestamp of 0409 UTC.

As former Google engineer Arpit Bhayani explained, the buggy code was trying to access an invalid memory location, triggering a panic and causing the BSOD.

I saw many engineers blaming the outage on Microsoft 🤦‍♂️ SWEs blaming without knowing the root cause is concerning.

It is not Microsoft, it is Crowdstrike who released an update for Windows that had a bug. The patch runs in Kernel mode to monitor system activity at a low level.

Because it was running in Kernel mode, the buggy code was trying to access an invalid memory location that triggered a panic and which showed Blue Screen of Death.

The name of the driver file that had the buggy update is “C-00000291.sys”, deleting it fixes the issue and unfortunately this needs to be done manually.

Microsoft has nothing to do with it.

Deleting the file, or replacing it with the previous or newer version, fixes the problem. However, it has to be done manually, as the affected computers and servers have “bricked” and cannot be remotely accessed.

Recommended : US Bans Kaspersky Software Over National Security Risk!

Fact #4 : Microsoft Is Supposed To Vet Driver Updates

While Microsoft may not be responsible for the bug in the CrowdStrike update, some cybersecurity experts believe that it may hold some responsibility.

Costin Raiu who worked at Kaspersky for 23 years and led its threat intelligence team, says that Microsoft is supposed to vet the code and cryptographically sign it. This suggests that Microsoft may have also missed the buggy code in the CrowdStrike Falcon kernel driver update.

It’s surprising that with the extreme attention paid to driver updates, this still happened. One simple driver can bring down everything. Which is what we saw here.

Raiu also noted that past updates to Kaspersky and Microsoft’s own Windows Defender antivirus software have also triggered similar Blue Screen of Death crashes in previous years.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

TikTok Leak : China Repeatedly Accessed Private User Data!

Leaked audio from internal TikTok meetings show that private user data has been repeatedly accessed from China!

Here is what you need to know…

 

Privacy Promise By TikTok : Overseas Data Stored In US + Singapore

For many years now, TikTok has repeatedly assured users that all data collected from users outside of China, stays out of China and is thus, not accessible to anyone in China.

To ensure that the Chinese government has no access to the data, one of the measures they took was to store all data collected overseas in servers located in the United States, with backups in Singapore.

This was explicitly stated in their New Privacy Policy :

We store the information described in the What Information We Collect section in servers located in the United States and Singapore.

Most people may not realise this, but they also added a caveat right after that, stating that their Corporate Group (in China) may remotely access the data…

When entities in our Corporate Group need information to help us provide the Platform, they remotely access the information pursuant to authorised and secure access controls.

 

TikTok Leak : China Repeatedly Accessed Private User Data!

Buzzfeed News recently received audio recordings from more than eighty (80) internal TikTok meetings, in which employees admitted that engineers in China accessed private user data.

This was despite a TikTok executive’s sworn testimony at an October 2021 US Senate hearing at the same time period, that a “world-renowned, US-based security team” decides who gets access to the private user data.

Instead, the leaked audio revealed that US staff did not have permission or knowledge of how to access the data. Rather, it was their colleagues in China who determined how and who accessed the private user data.

The leaked tapes ultimately show that TikTok may have misled lawmakers, users, and the public by downplaying the fact that their private data is readily accessible by employees in China, and potentially, the Chinese government.

Everything Is Seen In China

Eight different employees stated in nine statements that they had to refer to their colleagues in China to make those decisions.

Everything is seen in China“, said a member of TikTok’s Trust and Safety department in a September 2021 meeting.

In another September 2021 meeting, a TikTok director referred to a Beijing-based engineer as a “Master Admin” who “has access to everything“.

There’s Some Backdoor To Access User Data…

Fourteen of the leaked audio recordings were with, or about, a team of Booz Allen Hamilton consultants that TikTok brought in to investigate how data flows through TikTok and ByteDance’s internal tools.

In September 2021, one Booz Allen Hamilton consultant told colleagues that the tools felt like they had backdoors to access user data :

I feel like with these tools, there’s some backdoor to access user data in almost all of them, which is exhausting.

Oracle Only Providing Storage For Project Texas

TikTok has been working on what they call Project Texas – securely storing overseas data in Oracle cloud servers to comply with CFIUS (Committee on Foreign Investment in the United States).

Project Texas is limited to protecting the private information of US users, like phone numbers and birthdays – details that are not publicly visible, or have been set to private.

Such data will be stored at an Oracle datacenter in Texas – hence the name, and would only be accessible to specific US-based TikTok employees.

However, TikTok’s head of global cyber and data defense made clear that Oracle was only providing the data storage space for Project Texas. Ultimately, TikTok would be setting up the servers, and controlling everything.

It’s almost incorrect to call it Oracle Cloud, because they’re just giving us bare metal, and then we’re building our VMs [virtual machines] on top of it.

Unique IDs Not Protected Information

In one of the leaked audio recordings from a January 2022 meeting, TikTok’s head of product and user operations announced with a laugh that the Unique ID (UID) will not be amongst the protected content under the CFIUS agreement.

The conversation continues to evolve. We recently found out that UIDs are things we can have access to, which changes the game a bit.

Other Data Not Stored On Oracle Servers

The problem with Project Texas is that it only addresses US users… and only a small subset of their data.

Everything else – including private user data from non-US countries – will stay in their US and Singapore servers that remain accessible to ByteDance’s Beijing offices.

 

Response By TikTok : 100% US Data Traffic Routed To Oracle

TikTok publicly announced on the same day – June 17, 2022, that it changed the “default storage location of US user data“, and that “100% of US user traffic is being routed to Oracle Cloud Infrastructure“.

Although they “expect” to fully pivot to Oracle cloud servers located in the US, they will continue to use their existing US and Singapore servers for backup, and delete US users’ private data over time.

While this may address some of the privacy concerns for US users, it does not address the other privacy concerns revealed in the leaked audio recordings… or the privacy concerns of non-US users.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

KKM : MySejahtera Was NOT Sold To Private Company!

The Malaysia Ministry of Health has clarified that the MySejahtera app and its data was not sold to any private company.

Here is what you need to know!

 

Claim : MySejahtera Was Sold To Private Company!

Malaysian opposition leader Anwar Ibrahim claimed that MySejahtera will be sold to a private company – MySJ Sdn. Bhd. through direct negotiation.

The MySejahtera application was rolled out in April 2020, under the Malaysia Ministry of Health (KKM). It was built by KPISoft (now Entomo) as a corporate social responsibility (CSR) initiative.

According to his statement, the government appointed MySJ Sdn. Bhd. through direct negotiation to take over MySejahtera on 26 November 2021.

Then in December 2021, the Public Accounts Committee (PAC) proposed that the government should take over MySejahtera since it is now “an integral part of the national health system”.

 

KKM : MySejahtera Was NOT Be Sold To Private Company!

On 27 March 2022, the Malaysia Health Minister Khairy Jamaluddin issued a press statement, clarifying that the government did not sell MySejahtera to any private company.

Here are the key points of his statement on the claims that MySejahtera was sold to MySJ Sdn. Bhd. :

  1. On 26 November 2021, the government decided that MySejahtera is owned by the government, and the Ministry of Health (KKM) was appointed as the main owner of the application.
  2. The government did not pay KPISoft any money for the development of MySejahtera, which was carried out from 27 March 2020 until 31 March 2021.
    This was based on the company’s offer to let the government use the app for one year for free, as a Corporate Social Responsibility (CSR) initiative.
  3. After the CSR period ended on 31 March 2021, the government agreed to extend the use of MySejahtera, and work with KPISoft to expand its features.
  4. On 26 November 2021, the government ordered KKM to form a Price Negotiation Committee comprising of stakeholder agencies to negotiate the purchase and service maintenance of MySejahtera for two (2) years.
    The scope of the procurement and management of the MySejahtera app included operating MySejahtera, system development including additional modules, maintenance, datacenter management and third-party services like Google Map and Places API, as well as SMS services.
  5. On 28 February 2022, the Ministry of Finance approved KKM’s procurement of the MySejahtera app.
  6. MySejahtera data has been under KKM’s supervision from the first day it was used, and the data is processed according to KKM procedures.
  7. KKM does not share MySejahtera data with any government agency, or private companies.
  8. All data from the MySejahtera app are uploaded to a cloud server network, and can only be accessed by the MySejahtera app only.

In short, the MySejahtera app was not sold to any private company, and was purchased by the Ministry of Health with approval from the Ministry of Finance on 28 February 2022.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Enterprise | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

NTT Launches Fifth Data Center In Malaysia – Cyberjaya 5!

NTT Ltd just launched their fifth data centre in Malaysia – Cyberjaya 5 (CBJ5)!

Here is a quick look at what NTT Cyberjaya 5 offers!

 

NTT Launches Fifth Data Center In Malaysia – Cyberjaya 5

On 3 February 2021, NTT Ltd announced the launch of their fifth data center in Malaysia – Cyberjaya 5 (CBJ5).

Located within the NTT Cyberjaya Campus, this new 107,000 square feet data center is designed for hyperscalers and high-end enterprises in Malaysia’s growing digital economy.

CBJ5 supports 6.5 megawatts of flexible and scalable power, and boasts a Tier IV-ready, compact and modular design, with a cooling wall system that handles up to 15 kilowatts per rack.

NTT clients will have greater access to flexible, scalable and secure infrastructure in Malaysia – a regional data center hub.

“The demand for data storage and managed hosting services is expected to grow exponentially across Malaysia. This fifth data center will meet the expanding needs of organizations to reach their digital business objectives, in particular the FSI sector, as our data center complies with the Risk Management in Technology (RMiT) guideline set by Bank Negara Malaysia. We hope to play a key role in providing the vital data capacity at a high speed to keep Malaysia’s digital ecosystems and the digital economy ticking.” said Henrick Choo, CEO, NTT Ltd. in Malaysia.

 

NTT Cyberjaya 5 : Part Of Strategic ASEAN Hub

CBJ5 is connected to the existing Asia Submarine-cable Express (ASE) and Asia Pacific Gateway (APG) cable system, and will eventually be linked to the upcoming MIST cable system.

The MIST cable system will be available by end 2022 and it is a strategic joint venture for international submarine cables in South East Asia, with Orient Link Pte. Ltd.. It will enable NTT Ltd. to expand its offerings into India and beyond, while the ASE and APG cable systems provide global connectivity from Asia to United States.

This new expansion in Malaysia is part of NTT Global Data Centres division’s growth strategy. Malaysia is a prime data centre market in the ASEAN region, due to the abundant availability of resources, and favourable government policies.

“NTT places Asia Pacific as a tactical key region, and Malaysia – a strategic hub for the submarine cables operated by NTT such as the new MIST cable system, as well as the existing Asia Submarine-cable Express (ASE) and Asia Pacific Gateway (APG). Furthermore, CBJ5 will drive business opportunities in Asia through the upcoming MIST cable system which will link all our large-scale data centers in the region. Our continued commitment to Malaysia will help position NTT as a technologically innovative leader to address the industries of the future,” said Ryuichi Matsuo, Executive Vice President for NTT Ltd.’s Global Data Centers division.

“The pandemic also illustrated the importance of effective connectivity and reliable infrastructure to ensure business continuity. NTT’s global data center platform offers flexible, scalable and secure infrastructure along with a full-stack of customizable solutions that clients can utilize to support their digital transformation needs and maintain critical applications in a comprehensive, hybrid IT environment,” he concluded.

 

Recommended Reading

Go Back To > Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!