At one point overnight airlines were calling for an "international ground stop for all flights globally". Planes in the air were unable to get clearance to land or divert. I don't believe such a thing has ever happened before except in the immediate aftermath of 9/11.
A pilot WILL land, even without clearance. They're not going to crash their own plane. Either way, ATC has fallback procedures and can just use radio to communicate and manage everything manually. Get all the planes on the ground in safe order and then wait for a fix before clearing new takeoffs. https://aviation.stackexchange.com/questions/43379/is-there-...
Planes always get landing clearance via radio. "Planes in the air were unable to get clearance to land or divert" strongly suggests that the radios themselves were not working if it's actually true.
I wouldn't expect emergency rooms and 911 to stop working either, but here we are, so until someone says otherwise, I'm assuming some ATCs went down too.
I imagine the flight planning software they use was affected (so their ability to coordinate with other airport's ATC), but not their radio systems or aircraft radar (nearly all radar systems I've worked with are run on Linux, and are hardened to the Nth degree). Been out of the game for 12 years though, so things have likely changed.
The Tenerife disaster (second-deadliest aviation incident in history, after 9/11) was ultimately caused by chaotic conditions due to too many airplanes having to be diverted and land at an alternate airport that wasn't equipped to handle them comfortably.
I'd argue that Tenerife was due to taking off (in bad weather), not landing. But of course, a bunch of planes landing at the same airport without ATC sounds quite dangerous.
There were a lot of contributing causes, but it wouldn't have happened if not for the fact that Tenerife North airport was massively overcrowded due to Gran Canaria airport being suddenly closed (for unrelated reasons) and flights forced to divert.
The issue wasn't with landing specifically; I'm just using it as a general example of issues caused by havoc situations in aviation.
Pilots know where there are other places to land, e.g. there are a lot of military strips and private airfields where some craft can land, depending on size.
I would also point out that the backup plan (Radio and Binoculars) are not only effective but also extremely cheap & easy to keep ready in the control tower at all times.
Why does this tool exist and must be installed on servers? Well, Windows OS design definitely plays a role here.
Why does this software run in a critical path that can cause the machine to BSOD? This is where the OS is a problem. If it is fragile enough that a bad service like this can cause it to crash in an unfixable state (without manual intervention), that’s on Windows.
> Why does this tool exist and must be installed on servers?
Fads, laziness, and lack of forethought. This tool didn't exist a few years ago. Nobody stopped IT departments worldwide and said "hey, maybe you shouldn't be auto-rolling critical software updates without testing, let alone doing this via a third-party tool with dubious checks."
This could have happened on any OS. Auto deployment is the root problem.
In this very thread there was report of a Debian Linux fleet being kernel crashed in exactly the same scenario by exactly the same malware few months ago.
So the only blame Windows can take is its widespread usage, compared to Debian.
Yes, the Linux device driver has many of the same issues (monolithic drivers running in kernel space/memory). I’m not sure what the mitigations were in that case, but I’d be interested to know.
But we both know this isn’t the only model (and have commented as such in the thread). MacOS has been moving away from this risk for years, largely to the annoyance of these enterprise security companies. The vendor that was used by an old employer blamed Apple on their own inability to migrate their buggy EDM program to the new version of macOS. So much so that our company refused to upgrade for over 6 months and then it was begrudgingly allowed.
A tool that has full control of the OS (which is apparently required by such security software) fundamentally must have a way to crash the system, and continue to do so at every restart.
This really should be a hell no. Perhaps Microsoft's greatest claim to fame is their enduring ability to quickly and decisively react to security breaches with updates. Their process is extremely public and hasn't significantly changed in decades.
If your company can't work with Microsoft's process, your company is the problem. Every other software company in the last forty years has figured it out.
I don't blame Windows, but do blame these systems for running Windows, if that makes sense.
I imagined a lot of this ran on some custom or more obscure and hardened specialty system. One that would generally negate the need for antiviruses and such. (and obviously, no, not off the shelf Linux/BSD either)
Legit question, not trolling. Android is the next biggest OS used to run a single application like POS, meter readers, digital menus, navigation systems. It might be the top one by now. It's prone to all the same 'spyware' drawbacks and easier to set up than "Linux".
It would be better than Windows for sure. You’ve got A/B updates, verified boot, selinux, properly sandboxed apps and a whole range of other isolation techniques.
For something truly mission critical, I’d expect something more bespoke with smaller complexity surface. Otherwise Android is actually not a bad choice.
Any sort of Immutable OS would be better for critical systems like this. The ability to literally just rollback the entire state of the system to before the update would have gotten things back online as fast as a reboot...
Something like Android Lollipop from 2014 supports all the latest techniques. It's likely there's no security issues left on Lollipop by now.
A lot of the new forced updates on Android is to prevent people some apps from being used to spy on other apps, stealing passwords, notification backdoor etc, but you don't need that if it's just a car radio.
the same time new showed up here, on wechat tiktok clone (moments i think, in English) was showing animations of the usa air traffic maps and how the tech blackout affected it. from those images i that it was huge.
