I read today that crowdstrike already did this years ago and that the ceo apparently worked for mcaffee when they did the same. Maybe he should face some consequences for his actions.
He won’t and chances are it wasn’t just a single persons fault. Also targeting a individual instead of a company is fairly problematic and not really something that is done.
Do target individuals. CEOs should be responsible for neglect and rockstar culture.
The CEOs won’t take any blame. It’ll be Joe C-sharp who gets axed.
I don’t think that should be the default. A company shouldn’t be able to just put the blame on a single person. Also if that were the case no one would want to be CEO.
A company shouldn’t be able to just put the blame on a single person.
You misunderstand. The Justice department sould go after whatever executive or executives that allowed their company to be run so sloppily that something this destructive would occur, and you criminally charge them and make examples of them while simultaneously fining the company itself and opening it up to a flood of lawsuits that will put it entirely out of business, a deserved consequence for fucking up so badly that people fucking died.
Yeah the ceo gets credit for pumping a company up, but no we can’t possibly blame them for the company’s failures. This should be coming out of his paycheck/bonus.
There would definitely still be people that want the money/authority that comes from a CEO position, they would just be held to a standard. A company is not an organization or the processes that it follows, it is the people that create and carry out those processes. If you separate the responsibility for the company from the people that make up that company you allow mistakes without real consequences for those that had a part in causing it.
Based on what I have heard the last day, the CEO of Crowdstrike created a culture of cutting corners in the organization he is responsible for that led to a reduced focus on QA testing which in turn let this bug slip into the production machines of a significant number of other companies and organizations counting on that not happening. If the responsibility for that mistake lies with something as nebulous as “the company” then the organization may close, but the people that were responsible would be separated from the consequences of their negligence and free to move on to any other company having learned they can do the same things without being harmed personally. That sounds less than ideal.
I think the CEO should have some consequences. Maybe not jail time (although maybe if there were people in medical situations that died because the machines being used to keep them alive were bricked) but a real fine that impacts him personally may prompt a greater drive to organize the company to avoid the issue in the future, or prevent it at future companies.
I think any discipline should come from the board. It isn’t the governments place to dictate the company internals. They can structure how they like as long as they follow the laws. The liability falls onto the company and if the board gets pissed they can fire the CEO
‘We have investigated ourselves and have found no wrong doing.’
targeting a individual instead of a company is fairly problematic
Yeah man, super problematic to hold business owners responsible for the criminal negligence of their companies. This is America, business owners are to be insulated against harsh legal consequences. That’s what interns are for.
You don’t blame the intern you blame the company. They get a large fine and then the board starts asking questions. Also if a CEO messes up bad enough they told to leave.
Oh, so this was nobody’s fault and nobody gets any real legal trouble? Just business as usual, and if shareholders are mad enough the CEO gets a Golden parachute…
I’m confused, are you just lecturing us on how things currently work, or are you actually advocating for protecting high-level decision-makers from the legal consequences of their own negligent actions? Because the latter is some capitalist bullshit.
Businesses run this badly can be blamed on leaders. When negligence causes this much damage, those leaders need to face actual consequences, if only as a warning to other business owners that you won’t get away with it.
Taking extreme risks with the world’s infrastructure is a gamble that might win you a few years in federal prison. We should make that clear before the next “disruptor” comes along and tries running critical operational software like it’s an EA video game…
Not sure what your experience with companies is but I‘ve built a couple and you absolutely go to jail if your company does certain things. Sadly, that still doesnt really apply often enough. Here’s a list of ceos that went to jail for their deeds: https://www.nbcnews.com/business/markets/10-ceos-who-went-boardroom-cell-block-flna783944
The important part is that the „mistake“ that has happened is called negligence and if that happens multiple times (as it did), you should have put systems in place to not let it happen again.
As I already mentioned, this doesnt apply often as large companies that make billions - and their ceos - have much better lawyers than average joe (even if joe owns a small company).
The landscape of entrepreneurship looks vastly different from the normal legal system and money does make and break a lot. Only if you‘re either a huge idiot or steal a lot of shit, you go in no matter your resources.
I don’t know why you’re being downvoted here. I thought a lot of the audience here was relatively informed on what it’s like to work in IT/programming. Where we do what we can to make sure all our updates go well, but things slip through the cracks.
This was a massive fuckup, but it’s likely not that different than pushing a bug to prod, it just so happens that their prod has such a huge audience. I would hope they have very strict rules about what gets in, but I can also respect that no matter how many processes you put in place to make sure bad things don’t happen, problems can still make it through.
Crowdstrike should be held to a higher standard of course, because of how impactful these mistakes can be for their software. And it’s pretty crazy that something this bad slipped through. But I wouldn’t jump to criminal negligence here without more information.
p.s. I’m not saying CEOs / corps should not be held accountable. They should be. And CEOs do have the power to drive the company into criminal acts and they should be held accountable with jail time for that. I’m just saying I don’t think that’s the case here.
Airports and some other stuff wouldnt have been an issue so i feel like it would be similar not much worse.
Crowdstrike is very entrenched in healthcare. Hospitals were routinely at capacity in 2020.
The outage this weekend probably killed some people due to disruptions in delivering care. It definitely would have then.
Why?
Everyowkring from home and access to on-site locations are limited, imagine the chaos of everyone at their office having to travel to IT to fix their PC, or IT traveling to locations with problems while trying to maintain isolation rules.
It still is a nightmare. Most people never return to the office so this issue essentially still exists. It’s actually not that hard to fix now since we have a patch it’s just fiddly.
I am wondering if I can just re-image from an ISO on a USB drive, because I think most systems are set up automatically to boot from USB as the primary device. Should save a lot of time.
Can confirm. I have 200 users and at least 1/4th of that work from home at any time. Anything that requires hands on approach you can’t do over remote assistancce software is a logistical nightmare, mostly because people can’t or wont swing by office.
Everyone I know still works from home, but they all use MacBook Pros.
Covid. Where were you?
I’m 3 years old that’s why I guess ╮(︶▽︶)╭
It affected tons of hospitals. People probably died because they didn’t get the care they needed, this time. In 2020 when all hospitals were over capacity? People definitely would have died.