> Read that: “less than 1% of the machines were impacted”. Does this mean that CrowdStrike does have a staged rollout in which they push configuration changes to just a subset of 1% of the machines worldwide?
According to their post-mortem, only machines that were online between 4:09 and 5:27 UTC were affected, until it was pulled. So, in the US, it would only affect machines that were on between 9 PM and 1:30 AM (depending on time zone). If you shut off your work computer every night, you'd be saved.
These 2 sentences destroy the basic premise of the article:
And this is where some Rust enthusiasts will zero in and say “Ah-HAH! We got you, fools. If the code had been written in Rust, this bug would not have existed!” And, you know what, that’s literally true: this specific bug would not have happened.
Bottom line:
1. Rust would have prevented this bug, as you acknowledge
2. However, you make the point that Rust does not prevent all bugs. Fine. But it would have prevented this one.
Nicely written and explained!
> Read that: “less than 1% of the machines were impacted”. Does this mean that CrowdStrike does have a staged rollout in which they push configuration changes to just a subset of 1% of the machines worldwide?
According to their post-mortem, only machines that were online between 4:09 and 5:27 UTC were affected, until it was pulled. So, in the US, it would only affect machines that were on between 9 PM and 1:30 AM (depending on time zone). If you shut off your work computer every night, you'd be saved.
These 2 sentences destroy the basic premise of the article:
And this is where some Rust enthusiasts will zero in and say “Ah-HAH! We got you, fools. If the code had been written in Rust, this bug would not have existed!” And, you know what, that’s literally true: this specific bug would not have happened.
Bottom line:
1. Rust would have prevented this bug, as you acknowledge
2. However, you make the point that Rust does not prevent all bugs. Fine. But it would have prevented this one.