• Robin@lemmy.world
      link
      fedilink
      English
      arrow-up
      38
      arrow-down
      1
      ·
      4 months ago

      For a company this big it would also have to have gotten past a code review and QA team, right? … right? …

        • yrmp@lemmy.world
          link
          fedilink
          arrow-up
          6
          ·
          4 months ago

          We do.

          “If something goes down over the weekend, fewer people see it” - my leadership team.

          I guess Asia can report the problem on Sunday and I’ll get a nastygram and fix it that afternoon.

      • merc@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        ·
        4 months ago

        Code review, QA team, hours of being baked on an internal test network, incremental exponential roll out to the world, starting slow so that any problems can be immediately rolled back. If they didn’t have those basics, they have no business being a tech company, let alone a security company who puts out windows drivers.

    • qjkxbmwvz@startrek.website
      link
      fedilink
      arrow-up
      19
      ·
      4 months ago

      Yeah, something this big is absolutely not one engineer’s fault. Even if that engineer maliciously pushed an update, it’s not their fault — it was a complete failure of the organization, and one person having the ability to wreck havoc like this is the failure.

      And I actually have some amount of hope that, in this case, it is being recognized as such.

        • merc@sh.itjust.works
          link
          fedilink
          arrow-up
          9
          ·
          4 months ago

          No they won’t, not if they’re in the slightest bit competent.

          Blameless post-mortem culture is very common at big IT organizations. For a fuck-up this size, there are going to be dozens of problems identified, from bad QA processes, to bad code review processes, to bad documentation, to bad corner cases in tools.

          There will probably be some guy (or gal) who pushed the button, but unless what that person did was utterly reckless (like pushing an update while high or drunk, or pushing a change then turning off her phone and going dark, or whatever) the person who pushed the button will probably be a legend to their peers. Even if they made a big mistake, if they followed standard procedures while doing it, almost everyone will recognize they’re not at fault, they just got to be the unlucky person who pushed the button this time.

    • JustinA
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      4 months ago

      This is an industry wide issue. This is just the first symptom.

    • explodicle@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      ·
      4 months ago

      He’ll just get fired, apply somewhere else, and they’ll only know the dates he worked at CrowdStrike.

      If anybody cared, they would have switched away from M$ by now.