Peter
Fireship
comments
Comments by "Peter" (@peter65zzfdfh) on "Some bad code just broke a billion Windows machines" video.
@M4DD4WG yeah they hired people from Texas instead of keeping the experts in California or India… Some guy called Chad hired because his dad plays golf with the CEO instead of someone competent that looks a little different.
2
@TheOnlyGhxst the software on those systems is not the same. And the incident actually showed how secure Windows is, when it detected something suspicious it shut down preventing access. Had it continued working that would be insecure.
2
@Joe-lb8qn none of the organisations have any control over this, it’s essentially a virus definition update they publish daily or multiple times a day and there’s zero ability to delay it. Or was not supposed to be a software feature update. The choice is remain vulnerable to a threat that is potentially being actively exploited or not. They essentially outsourced their threat mitigations to one of the handful of companies in the world who can actually deal with them near real time, who failed to test properly.
2
It sounds like in order to protect from emerging threats they actually deploy every day, sometimes multiple times a day. Their QA process is obviously flawed; but ‘leave systems vulnerable to a known threat over a weekend’ is not a solution.
1
@monad_tcp reliability, resilience and usability aren’t part of security. Indeed usability and security are often opposites.
1
@mahe4 because in order to detect code exploiting a vulnerability you have to essentially publish instructions on how to exploit it. They can absolutely do better testing internally or wait for positive telemetry before continuing a rollout, but waiting days, or possibly even hours is a non-option, you can’t leave a threat unpatched just because it’s a Thursday night. It’s lose / lose.
1
@tma2001 nothing technically was ‘installed’, it was essentially a definition update. The crash and thus reboot was automatically done by Windows because the new definitions made it read a memory address that was protected. This triggers Windows to protect itself from a potential threat by shutting down.
1