August 09, 2024

270: The Cloud Pod Puts a Hex-LLM on all these AI Announcements

Listen Later

53 minutes

The Cloud Pod Puts a Hex-LLM on all these AI Announcements

Welcome to episode 270 of the Cloud Pod Podcast – where the forecast is always cloudy! Jonathan, Ryan, Matt and Justin are your hosts today as we sort through all of the cloud and AI news of the week, including updates to the Crowdstrike BSOD event, more info on that proposed Wiz takeover (spoiler alert: it’s toast) and some updates to Bedrock. All this and more news, right now on the Cloud Pod!

Titles we almost went with this week:

The antivirus strikes back

The return of the crowdstrike

The cloud pod is worth more than 23B

The cloud pod is rebranded to the AI podcast

The cloud pod might need to move to another git provider

Amazon finally gets normal naming for end user messaging

Amazon still needs to work on it’s end user messaging

The CloudPod goes into hibernation before the next crisis hits

EC2 Now equipped with ARM rests

A big thanks to this week’s sponsor:

Follow Up

01:33 In what feels suspiciously like an SNL skit, CrowdStrike sent its partners $10 Uber Eats gift cards as an apology for mass IT outage

As you can imagine, Twitter (or X) had thoughts.

Turns out they were just for third party partners that were helping with implementation.

2024 Economics wants to know – what are you going to do with only $10 with Uber Eats?

Crowdstrike: Preliminary Post Incident Review

Moving on to the actual story – The Preliminary Post Incident Review (PIR) is now out for the BSOD Crowdstrike event we talked about last week.

Crowdstrike reports that a Rapid Response Content Update for the Falcon sensor was published to Windows hosts running sensor version 7.11 and above.

The update was to gather telemetry on new threat techniques that targeted named pipes in the kernel but instead triggered a BSOD on systems online from 4:09 – 5:27 UTC.

Ultimately, the crash occurred due to undetected content during validation checks, which resulted in an out-of-bounds memory read.

To avoid this, Crowdstrike plans to do a bunch of things:

Improve rapid response content testing by using testing types such as Local developer, content update and rollback, stress, fuzzing, fault injection, stability and content interface testing.

Introduce additional validation checks in the content validator to prevent similar issues.

Strengthen error handling mechanisms in the Falcon sensor to ensure errors from problematic content are managed gracefully.

Adopt staggered deployment strategies, starting with a canary deployment to a small subset of systems before further staged rollouts

Enhanced sensor and system performance monitoring during the staggered content deployment to identify and mitigate issues promptly.

Allowing a granular section of when and where these updates are deployed will give customers greater contro

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

The Cloud Pod

By Justin Brodley, Jonathan Baker, Ryan Lucas and Matthew Kohn

4.9

3333 ratings

August 09, 2024

270: The Cloud Pod Puts a Hex-LLM on all these AI Announcements

Listen Later

53 minutes

The Cloud Pod Puts a Hex-LLM on all these AI Announcements

Welcome to episode 270 of the Cloud Pod Podcast – where the forecast is always cloudy! Jonathan, Ryan, Matt and Justin are your hosts today as we sort through all of the cloud and AI news of the week, including updates to the Crowdstrike BSOD event, more info on that proposed Wiz takeover (spoiler alert: it’s toast) and some updates to Bedrock. All this and more news, right now on the Cloud Pod!

Titles we almost went with this week:

The antivirus strikes back

The return of the crowdstrike

The cloud pod is worth more than 23B

The cloud pod is rebranded to the AI podcast

The cloud pod might need to move to another git provider

Amazon finally gets normal naming for end user messaging

Amazon still needs to work on it’s end user messaging

The CloudPod goes into hibernation before the next crisis hits

EC2 Now equipped with ARM rests

A big thanks to this week’s sponsor:

Follow Up

01:33 In what feels suspiciously like an SNL skit, CrowdStrike sent its partners $10 Uber Eats gift cards as an apology for mass IT outage

As you can imagine, Twitter (or X) had thoughts.

Turns out they were just for third party partners that were helping with implementation.

2024 Economics wants to know – what are you going to do with only $10 with Uber Eats?

Crowdstrike: Preliminary Post Incident Review

Moving on to the actual story – The Preliminary Post Incident Review (PIR) is now out for the BSOD Crowdstrike event we talked about last week.

Crowdstrike reports that a Rapid Response Content Update for the Falcon sensor was published to Windows hosts running sensor version 7.11 and above.

The update was to gather telemetry on new threat techniques that targeted named pipes in the kernel but instead triggered a BSOD on systems online from 4:09 – 5:27 UTC.

Ultimately, the crash occurred due to undetected content during validation checks, which resulted in an out-of-bounds memory read.

To avoid this, Crowdstrike plans to do a bunch of things:

Improve rapid response content testing by using testing types such as Local developer, content update and rollback, stress, fuzzing, fault injection, stability and content interface testing.

Introduce additional validation checks in the content validator to prevent similar issues.

Strengthen error handling mechanisms in the Falcon sensor to ensure errors from problematic content are managed gracefully.

Adopt staggered deployment strategies, starting with a canary deployment to a small subset of systems before further staged rollouts

Enhanced sensor and system performance monitoring during the staggered content deployment to identify and mitigate issues promptly.

Allowing a granular section of when and where these updates are deployed will give customers greater contro

...more

More shows like The Cloud Pod

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

Risky Business by Patrick Gray

Risky Business

361 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

628 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

283 Listeners

Freakonomics Radio by Freakonomics Radio + Stitcher

Freakonomics Radio

32,202 Listeners

Heavy Networking by Packet Pushers

Heavy Networking

325 Listeners

The Cloudcast by Massive Studios

The Cloudcast

153 Listeners

The Vergecast by The Verge

The Vergecast

3,669 Listeners

LINUX Unplugged by Jupiter Broadcasting

LINUX Unplugged

265 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

624 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

181 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

64 Listeners

Hard Fork by The New York Times

Hard Fork

5,420 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners