Fragility of the World's Internet Infrastructure?
"it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center...
Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty [https://www.internetsociety.org/wp-content/uploads/2024/07/outage-ATM-screen-1.jpg]<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates-need-for-resiliency-in-software-systems/> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> www.internetsociety.org Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. ________________________________ De: Sivasubramanian M via At-Large <at-large@icann.org> Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center...
Yeah Software NOT internet related at all Those of us who don’t use that company’s products weren’t impacted at all Though I am glad I wasn’t flying with Ryanair today! Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large <at-large@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty [https://www.internetsociety.org/wp-content/uploads/2024/07/outage-ATM-screen-1.jpg]<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates-need-for-resiliency-in-software-systems/> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> www.internetsociety.org Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. ________________________________ De: Sivasubramanian M via At-Large <at-large@icann.org> Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center... _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
<off topic> Any idea on who is going to pay for the damages? Cheers, R. On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large <at-large@icann.org> wrote: Yeah Software NOT internet related at all Those of us who don’t use that company’s products weren’t impacted at all Though I am glad I wasn’t flying with Ryanair today! Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large <at-large@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty [https://www.internetsociety.org/wp-content/uploads/2024/07/outage-ATM-screen-1.jpg]<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates-need-for-resiliency-in-software-systems/> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> www.internetsociety.org Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. ________________________________ De: Sivasubramanian M via At-Large <at-large@icann.org> Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center... _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Insurance maybe? I doubt that CrowdStrike or anyone else will accept liability Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 21:42, Roberto Gaetano <roberto_gaetano@hotmail.com> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. <off topic> Any idea on who is going to pay for the damages? Cheers, R. On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large <at-large@icann.org> wrote: Yeah Software NOT internet related at all Those of us who don’t use that company’s products weren’t impacted at all Though I am glad I wasn’t flying with Ryanair today! Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large <at-large@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty [https://www.internetsociety.org/wp-content/uploads/2024/07/outage-ATM-screen-1.jpg]<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates-need-for-resiliency-in-software-systems/> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> www.internetsociety.org Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. ________________________________ De: Sivasubramanian M via At-Large <at-large@icann.org> Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center... _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
From the German newsfeeds: In view of the global IT breakdown, the German Insurance Association (GDV) has emphasized that damage caused by the failure or disruption of IT service providers is not covered by cyber insurance under the GDV model terms and conditions if this causes customers' systems to fail. “This exclusion serves to avoid jeopardizing the economic performance of cyber insurers in the event of a cyber disaster,” says the GDV. So, no. They will not pay anything. Von: Michele Neylon - Blacknight via At-Large <at-large@icann.org> Gesendet: Freitag, 19. Juli 2024 22:45 An: Roberto Gaetano <roberto_gaetano@hotmail.com> Cc: At Large <at-large@atlarge-lists.icann.org>; InternetPolicy@elists.isoc.org Betreff: [At-Large] Re: Fragility of the World's Internet Infrastructure? Insurance maybe? I doubt that CrowdStrike or anyone else will accept liability Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 21:42, Roberto Gaetano <roberto_gaetano@hotmail.com> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. <off topic> Any idea on who is going to pay for the damages? Cheers, R. On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large <at-large@icann.org> wrote: Yeah Software NOT internet related at all Those of us who don’t use that company’s products weren’t impacted at all Though I am glad I wasn’t flying with Ryanair today! Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large <at-large@icann.org> wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society www.internetsociety.org Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. _____ De: Sivasubramanian M via At-Large <at-large@icann.org> Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center... _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
The Terms and Conditions §8.6 says: https://www.crowdstrike.com/terms-conditions/ … EXCEPT FOR THE EXPRESS WARRANTIES IN THIS SECTION 8, CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT WITH RESPECT TO THE OFFERINGS AND CROWDSTRIKE TOOLS. THERE IS NO WARRANTY THAT THE OFFERINGS OR CROWDSTRIKE TOOLS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS. THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE OFFERINGS NOR CROWDSTRIKE TOOLS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. … Hence: No, they will not pay anything. You can ask the purchase department, why they ordered this clearly inappropriate product. You can ask the IT department, why they installed an update from an untrustworthy source without any staging environment directly into production. You can ask the security department, why they insist on nice, graphical reports instead of functional setups. Von: Roberto Gaetano via At-Large <at-large@icann.org> Gesendet: Freitag, 19. Juli 2024 22:43 An: Michele Neylon - Blacknight <michele@blacknight.com> Cc: At Large <at-large@atlarge-lists.icann.org>; InternetPolicy@elists.isoc.org Betreff: [At-Large] Re: Fragility of the World's Internet Infrastructure? <off topic> Any idea on who is going to pay for the damages? Cheers, R. On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large <at-large@icann.org <mailto:at-large@icann.org> > wrote: Yeah Software NOT internet related at all Those of us who don’t use that company’s products weren’t impacted at all Though I am glad I wasn’t flying with Ryanair today! Mr Michele Neylon Blacknight Hosting & Domains https://www.blacknight.com @mneylon Sent from mobile so typos and brevity are normal On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large <at-large@icann.org <mailto:at-large@icann.org> > wrote: [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York: https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates... Alejandro Pisanty <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...> Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society www.internetsociety.org <http://www.internetsociety.org> Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems. _____ De: Sivasubramanian M via At-Large <at-large@icann.org <mailto:at-large@icann.org> > Enviado: viernes, 19 de julio de 2024 05:59 a. m. Para: at-large@atlarge-lists.icann.org <mailto:at-large@atlarge-lists.icann.org> ; internetpolicy@elists.isoc.org <mailto:internetpolicy@elists.isoc.org> Asunto: [At-Large] Fragility of the World's Internet Infrastructure? "it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center... _______________________________________________ At-Large mailing list -- at-large@icann.org <mailto:at-large@icann.org> To unsubscribe send an email to at-large-leave@icann.org <mailto:at-large-leave@icann.org> At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ At-Large mailing list -- at-large@icann.org <mailto:at-large@icann.org> To unsubscribe send an email to at-large-leave@icann.org <mailto:at-large-leave@icann.org> At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Thank you Lutz! Any aware (can I say 'woke' here?) CIO would have asked those questions and facilitated the necessary conduct before the SHTF. Carlton ============================== *Carlton A Samuels* *Mobile: 876-818-1799Strategy, Process, Governance, Assessment & Turnaround* ============================= On Mon, 22 Jul 2024 at 05:49, Lutz Donnerhacke via At-Large < at-large@icann.org> wrote:
The Terms and Conditions §8.6 says: https://www.crowdstrike.com/terms-conditions/
… EXCEPT FOR THE EXPRESS WARRANTIES IN THIS SECTION 8, CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT WITH RESPECT TO THE OFFERINGS AND CROWDSTRIKE TOOLS. THERE IS NO WARRANTY THAT THE OFFERINGS OR CROWDSTRIKE TOOLS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS. THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE OFFERINGS NOR CROWDSTRIKE TOOLS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. …
Hence: No, they will not pay anything.
You can ask the purchase department, why they ordered this clearly inappropriate product.
You can ask the IT department, why they installed an update from an untrustworthy source without any staging environment directly into production.
You can ask the security department, why they insist on nice, graphical reports instead of functional setups.
*Von:* Roberto Gaetano via At-Large <at-large@icann.org> *Gesendet:* Freitag, 19. Juli 2024 22:43 *An:* Michele Neylon - Blacknight <michele@blacknight.com> *Cc:* At Large <at-large@atlarge-lists.icann.org>; InternetPolicy@elists.isoc.org *Betreff:* [At-Large] Re: Fragility of the World's Internet Infrastructure?
<off topic>
Any idea on who is going to pay for the damages?
Cheers,
R.
On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large < at-large@icann.org> wrote:
Yeah
Software NOT internet related at all
Those of us who don’t use that company’s products weren’t impacted at all
Though I am glad I wasn’t flying with Ryanair today!
Mr Michele Neylon
Blacknight Hosting & Domains
@mneylon
Sent from mobile so typos and brevity are normal
On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large < at-large@icann.org> wrote:
*[EXTERNAL EMAIL]* Please use caution when opening attachments from unrecognised sources.
Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York:
https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...
Alejandro Pisanty
<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...>
Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...>
www.internetsociety.org
Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems.
------------------------------
*De:* Sivasubramanian M via At-Large <at-large@icann.org> *Enviado:* viernes, 19 de julio de 2024 05:59 a. m. *Para:* at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org *Asunto:* [At-Large] Fragility of the World's Internet Infrastructure?
"it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center...
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
An alternative to chest-thumping and slurs exists in the real world (TL:DR from the article: "it's easier said than done"): https://thenewstack.io/7-urgent-lessons-from-the-crowdstrike-disaster Alejandro Pisanty On Mon, Jul 22, 2024 at 10:56 AM Carlton Samuels via At-Large < at-large@icann.org> wrote:
Thank you Lutz! Any aware (can I say 'woke' here?) CIO would have asked those questions and facilitated the necessary conduct before the SHTF.
Carlton
============================== *Carlton A Samuels*
*Mobile: 876-818-1799Strategy, Process, Governance, Assessment & Turnaround* =============================
On Mon, 22 Jul 2024 at 05:49, Lutz Donnerhacke via At-Large < at-large@icann.org> wrote:
The Terms and Conditions §8.6 says: https://www.crowdstrike.com/terms-conditions/
… EXCEPT FOR THE EXPRESS WARRANTIES IN THIS SECTION 8, CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT WITH RESPECT TO THE OFFERINGS AND CROWDSTRIKE TOOLS. THERE IS NO WARRANTY THAT THE OFFERINGS OR CROWDSTRIKE TOOLS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS. THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE OFFERINGS NOR CROWDSTRIKE TOOLS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. …
Hence: No, they will not pay anything.
You can ask the purchase department, why they ordered this clearly inappropriate product.
You can ask the IT department, why they installed an update from an untrustworthy source without any staging environment directly into production.
You can ask the security department, why they insist on nice, graphical reports instead of functional setups.
*Von:* Roberto Gaetano via At-Large <at-large@icann.org> *Gesendet:* Freitag, 19. Juli 2024 22:43 *An:* Michele Neylon - Blacknight <michele@blacknight.com> *Cc:* At Large <at-large@atlarge-lists.icann.org>; InternetPolicy@elists.isoc.org *Betreff:* [At-Large] Re: Fragility of the World's Internet Infrastructure?
<off topic>
Any idea on who is going to pay for the damages?
Cheers,
R.
On 19.07.2024, at 22:16, Michele Neylon - Blacknight via At-Large < at-large@icann.org> wrote:
Yeah
Software NOT internet related at all
Those of us who don’t use that company’s products weren’t impacted at all
Though I am glad I wasn’t flying with Ryanair today!
Mr Michele Neylon
Blacknight Hosting & Domains
@mneylon
Sent from mobile so typos and brevity are normal
On 19 Jul 2024, at 20:18, Dr. Alejandro Pisanty Baruch via At-Large < at-large@icann.org> wrote:
*[EXTERNAL EMAIL]* Please use caution when opening attachments from unrecognised sources.
Amazingly it still takes some effort to know what is and what is not an Internet issue. Better read this brief, clear text from ISOC, by Olaf Kolkmann and Dan York:
https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...
Alejandro Pisanty
<https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...>
Global Tech Outage Demonstrates Need for Resiliency in Software Systems - Internet Society <https://www.internetsociety.org/blog/2024/07/global-tech-outage-demonstrates...>
www.internetsociety.org
Today's global outage of many systems was not an Internet outage, but it demonstrates the need for greater resilience in all our technical systems.
------------------------------
*De:* Sivasubramanian M via At-Large <at-large@icann.org> *Enviado:* viernes, 19 de julio de 2024 05:59 a. m. *Para:* at-large@atlarge-lists.icann.org; internetpolicy@elists.isoc.org *Asunto:* [At-Large] Fragility of the World's Internet Infrastructure?
"it is a very, very uncomfortable illustration of the fragility of the world's core Internet infrastructure" said Ciaran Martin, Professor of Oxford's Blavatnik School of Government and former head of UK national cyber security center...
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ At-Large mailing list -- at-large@icann.org To unsubscribe send an email to at-large-leave@icann.org
At-Large Official Site: http://atlarge.icann.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr. Alejandro Pisanty Facultad de Química UNAM Av. Universidad 3000, 04510 Mexico DF Mexico +525541444475 Blog: http://pisanty.blogspot.com LinkedIn: http://www.linkedin.com/in/pisanty Unete al grupo UNAM en LinkedIn, http://www.linkedin.com/e/gis/22285/4A106C0C8614 Twitter: http://twitter.com/apisanty ---->> Unete a ISOC Mexico, http://www.isoc.org . . . . . . . . . . . . . . . .
On 7/22/24 3:47 AM, Lutz Donnerhacke via At-Large wrote:
The Terms and Conditions §8.6 says: https://www.crowdstrike.com/terms-conditions/
I've been writing a paper with the title "Anything Goes? – How Much Longer Can Internet and Software Products Evade Liability?" It covers, among other these, these kinds of "we ain't responsible for nuttin'" kinds of disclaimers. Sun used to have a warning on their workstations that they should not be used in conjunction with nuclear reactors (as does the Crowdstrike disclaimer you quoted) - yet they were routinely used in that way. The point of my paper is that just as the legal system eroded these kinds of disclaimers for consumer products, particularly those capable of producing human harm, such a change is long overdue for products controlled by software. Here in the US this kind of change has been very slow (beginning in the 1950s), partially at state levels and partially at the Federal level, As in many things it often requires a human catastrophe to trigger even a small change (and there is often intense resistance to those changes, just witness how here in the US makers of firearms have obtained a very unique statutory immunity.) --karl--
… EXCEPT FOR THE EXPRESS WARRANTIES IN THIS SECTION 8, CROWDSTRIKE AND ITS AFFILIATES DISCLAIM ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, CROWDSTRIKE AND ITS AFFILIATES AND SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT WITH RESPECT TO THE OFFERINGS AND CROWDSTRIKE TOOLS. THERE IS NO WARRANTY THAT THE OFFERINGS OR CROWDSTRIKE TOOLS WILL BE ERROR FREE, OR THAT THEY WILL OPERATE WITHOUT INTERRUPTION OR WILL FULFILL ANY OF CUSTOMER’S PARTICULAR PURPOSES OR NEEDS. THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE OFFERINGS NOR CROWDSTRIKE TOOLS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. …
participants (9)
-
Alejandro Pisanty -
Carlton Samuels -
Dr. Alejandro Pisanty Baruch -
Karl Auerbach -
Lutz Donnerhacke -
Michele Neylon - Blacknight -
Nikesh B.SIMMANDREE -
Roberto Gaetano -
Sivasubramanian M