AI: CrowdStrike/Microsoft 'mini-y2k' not just about Technology. RTZ #431
...competition, regulations past, present and future, also drive ecosystem frailty vs resiliency
The Bigger Picture, Sunday, July 28, 2024
Quite the impact, from airline flights to countless other companies across industries. The ripples from last week’s ‘mini-y2k’ event of software security company CrowdStrike taking down 1% of over 850 million Microsoft Windows PCs worldwide are dying down. CrowdStrike has issued fixes, and IT managers everywhere have had to painstakingly apply them to tens of millions of Windows machines to fix things and get critical systems up and running.
But as has been famously said by so many, “Never let a good crisis go to waste”.
So we are at the next stage of this story, where companies and regulators are making moves not to let this crisis go to waste. And it has implications for the AI Tech Wave just getting started. That’s the AI Bigger Picture for this Sunday.
This is a good subject for a follow-on to last Sunday’s ‘Bigger Picture’. It’s a good case study on why technology ‘failures’ that impact mainstream users worldwide are as much a matter of business competition and politics as of technology. The inter-connected dynamics of all three, competition, politics, and technology, often drive the perceived ‘frailty’ of technology ecosystems that are otherwise far more resilient than they seem. Let me unpack.
To remind folks as I highlighted yesterday in my AI Weekly Summary:
“CrowdStrike & Microsoft’s ‘mini-y2k’: The unexpected blow to the world’s IT infrastructure across industries by CrowdStrike’s errant software update via Microsoft’s PCs, continued to ripple through the week, with a majority of the outages being addressed by the week’s end.”
“It all of course results in a deeper look at what went wrong, why it happened, and what can be done to prevent these types of events going forward. The event triggered responses by regulators, as well as a look at the unintended consequences of past regulation.”
“Specifically in case of the EU, that allowed direct ‘kernel’ access into Microsoft Windows devices to third party developers in 2019. Apple and Linux machines were not affected since they don’t allow kernel access to third parties in a similar fashion. Microsoft emphasized that the event only impacted about 1% of the 850 million Windows PCs worldwide. CrowdStrike’s security software comprises about 15% of the world’s software security market.”
On the business competition front, Microsoft got to work, to make sure this ‘crisis did not go to waste’. It’s now also a big provider of global software security, in competition with companies like CrowdStrike, Palo Alto Networks and others. And while CrowdStrike has 15% of the global software security market, this crisis is of course an opportunity for its competitors, even if they are platform providers to these services as well.
As The Verge explains in “Microsoft calls for Windows changes and resilience after CrowdStrike outage”:
“Microsoft is still helping CrowdStrike clean up the mess that kicked off a week ago when 8.5 million PCs went offline due to a buggy CrowdStrike update. Now, the software giant is calling for changes to Windows and has dropped some subtle hints that it’s prioritizing making Windows more resilient and is willing to prevent security vendors like CrowdStrike from accessing the Windows kernel.”
“While CrowdStrike has blamed a bug in its testing software for its botched update, its software runs at the kernel level — the core part of an operating system that has unrestricted access to system memory and hardware. This means that if something goes wrong with CrowdStrike’s app, it can take down Windows machines with a Blue Screen of Death.”
“CrowdStrike’s Falcon software uses a special driver that allows it to run at a lower level than most apps so it can detect threats across a Windows system. Microsoft tried to restrict third parties from accessing the kernel in Windows Vista in 2006 but was met with pushback from cybersecurity vendors and EU regulators. However, Apple was able to lock down its macOS operating system in 2020 so that developers could no longer get access to the kernel.”
“Now, it looks like Microsoft wants to reopen the conversations around restricting kernel-level access inside Windows.”
Other CrowdStrike peers like Cloudflare that benefit from kernel access to Microsoft systems also spoke up:
“These hints might kick off a conversation about Windows kernel access, even if Microsoft claims it can’t wall off its operating system in the same way that Apple does due to regulators. Cloudflare CEO Matthew Prince has already warned about the effects of Microsoft locking down Windows further, so Microsoft will need to carefully consider the needs of security vendors if it wants to pursue real change.”
Regulators like FTC head Lina Khan also couldn’t resist the opportunity not to let a ‘good crisis go to waste’, arguing in an X/Twitter thread:
“1. All too often these days, a single glitch results in a system-wide outage, affecting industries from healthcare and airlines to banks and auto-dealers. Millions of people and businesses pay the price. These incidents reveal how concentration can create fragile systems.”
“2. Concentrating production can concentrate risk, so that a single natural disaster or disruption has cascading effects. This fragility has contributed to shortages in areas ranging from IV bags to infant formula.”
“3. Another area where we may lack resiliency is cloud computing. In response to the FTC’s inquiry, market participants shared concerns about widespread reliance on a handful of cloud providers, noting that consolidation can create single points of failure.”
“4. And we're continuing to collect public comment on serial acquisitions and roll-up strategies across the economy. If you've encountered an area where a series of deals has consolidated a market, we welcome your input.”
That thread prompted me to respond with the following on X/Twitter:
“Respectfully disagree with Lina Khan of the FTC on this Thread. The CrowdStrike event was NOT due to industry concentration. <1% of Microsoft’s 850 million PCs globally were impacted. $CRWD < 15% of software security market.
‘Regulatory Capture’ drives more weaknesses in IT resilience than industry concentration. I’ve already commented extensively about how this AI Tech Wave is facing unusually early headwinds due to regulatory fears on AI, and other market dynamics between open vs closed sourced LLM AI systems, amongst other issues.”
CrowdStrike itself, of course, is likely more than capable of countering these repercussions, given its notable origins and history under founder/CEO George Kurtz.
Again, as I outlined in last Sunday’s ‘AI Bigger Picture’, the AI Tech Wave adds a very different and complex layer atop the global software/IT ecosystem over the next decade and beyond.
It’ll all bring its own vulnerabilities and potential issues like the CrowdStrike events. But we also need to be mindful that the unintended consequences of plain business competition and regulatory initiatives are additional potent ingredients in the mix of tech ecosystem resiliency. That’s the AI Bigger Picture I wanted to outline this Sunday. Stay tuned.
(NOTE: The discussions here are for information purposes only, and not meant as investment advice at any time. Thanks for joining us here)