| 00:00 - 00:05 | CrowdStrike gets $3 billion yearly in subscriptions |
| 00:05 - 00:07 | they write signatures |
| 00:07 - 00:10 | for malware, call them channel updates |
| 00:11 - 00:16 | they push out their signatures worldwide |
| 00:17 - 00:21 | they spend $0 testing them first |
| 00:21 - 00:24 | no running tests at all |
| 00:29 - 00:31 | pushed it to prod worldwide |
| 00:31 - 00:34 | they crash 70% of the fortune 100s windows boxes |
| 00:38 - 00:40 | the computers can't even boot |
| 00:41 - 00:47 | they can't push out a fix because the boxes are boot looping |
| 00:47 - 00:50 | Delta, United, American airlines all down |
| 00:50 - 00:56 | "ransomware protector" stopped more hospitals operating than ransomware did |
| 00:58 - 00:59 | The CEO |
| 00:59 - 01:01 | 10 years ago |
| 01:04 - 01:06 | was McAfee's CTO |
| 01:06 - 01:08 | when McAfee crashed |
| 01:13 - 01:14 | all their clients |
| 01:14 - 01:16 | with a bad update |
| 01:16 - 01:20 | this was the second time |
| 01:21 - 01:27 | you have to boot into safe mode |
| 01:35 - 01:36 | and delete a file |
| 01:36 - 01:39 | manually |
| 01:41 - 01:44 | while embedded devices |
| 01:44 - 01:47 | like industrial control systems |
| 01:47 - 01:49 | and medical equipment |
| 01:50 - 01:53 | have no keyboard |
| 01:54 - 01:56 | CrowdStrike's CSO |
| 01:56 - 01:58 | releases a statement |
| 01:58 - 02:02 | praising himself for working for the FBI |
| 02:05 - 02:07 | like you should thank him |
| 02:10 - 02:11 | Feeling bad |
| 02:11 - 02:13 | they decide to |
| 02:15 - 02:17 | send out a gift card |
| 02:17 - 02:20 | a $10 uber eats gift card |
| 02:21 - 02:28 | and then to top it off they send out an update that breaks the gift card |
| 02:29 - 02:30 | really |
| 02:30 - 02:32 | their update broke the $10 gift card too |
| 02:36 - 02:39 | four days later |
| 02:40 - 02:42 | Delta flights are all still delayed |
| 02:50 - 02:55 | bags piled up in airports everywhere |
| 02:56 - 02:58 | CrowdStrike's terms |
| 02:58 - 03:04 | disclaim any responsibility or liability |
| 03:04 - 03:09 | all because they were overreacting to a minor Cobalt Strike update |
| 03:09 - 03:11 | that used named pipes |
| 03:16 - 03:20 | the CSO sold 4000 shares the prior day |
| 03:23 - 03:26 | they never tested their content update |
| 03:31 - 03:36 | and the whole kernel driver's still written in C |
