Back

@shanselman Yeah, this is more like, "did y'all even fucking test this thing on an actual workstation? Like, sure, it passed whatever unit tests, but why didn't y'all just install it on a test machine/vm and make sure it didn't crash windows somehow?"

@shanselman And the telemetry, don't forget the telemetry. This wouldn't have happened (well it would have, but on a far smaller scale) if a random subset of machines would randomly connect to their servers and acknowledge how many restarts they had in the last n minutes. They should have had a system in place to pause rollouts if too few machines were connecting or too many of them reported crashes, both would have helped here.

@shanselman But, it's so much easier to say, "it's magic," than understand the complexity of zero-trust and everyone's role in such an environment.

@shanselman Project 2025 has started early it seems.

@shanselman as a disabled dev who made a point not to be a diversity hire (my experience has always been that disclosing my disability isn’t advantageous), I was going to write up a whole thing.

Ultimately, I don’t think I have much to add, besides wondering how much attention we should pay to the birdsite, given its continued decay, and reinforcing that good processes help experience and inexperienced people alike, and only impossibly good people can consistently push through bad processes.

@shanselman these are all fundamentally economic, which is to say “resource allocation” and “risk allocation” problems. they’re the human flavour of undecideable, because of difficulties we have working with risks and apportioning costs. most successful companies are successful on the basis of externalizing costs (risks) outside their customers’ businesses, and the “best” ones keep those costs outside their own balance sheet too

@shanselman honestly diverse hiring is more likely to solve these kinds of problems as it means you have more people with different experiences and viewpoints that might see things differently and point out issues that others have missed

As long as management hasn't beat it into them that they aren’t allowed to speak up that is

@shanselman

I saw an unsubstantiated claim this morning that the "channel file" to delete was full of NULs. If true, then the failure cannot even be down to a bad line of code, as it would also involve whatever tool generated the bad data file going very wrong.

However:

I am inclined to disbelieve this claim, as (for starters) this would result in a file without a valid PE header and a "channel file" is notionally an NT driver file as far as I can tell.

@shanselman Was thinking about this exactly. When a problem like this surfaces, it's not just a single failure that occurred but rather the culmination of several failures that coincided.

@shanselman The buck stops with the CEO, right? Given his history of incompetence I’m happy to hold him responsible. Rich white dudes who continue to fail upward is the DEI we have.

@shanselman But this time, *which* "one line of code" is it?

(a) the one that got changed in the data file this week

(b) the top level "try ... catch" in the application code which did not get changed this week because it has never existed

?

@shanselman Inclusion makes for better teams - the company I work for (in the "day job") is better for bringing in and supporting great people. Better commercially, but also makes it a better place to work.

@shanselman
I learnt about the same thing happened with the #white #crowdstrike ceo in 2010 in a different company.
Was that #DEI too?

@shanselman and I'm also wondering and concerned why in CRITIS organizations such updates are deployed untested. If they tested the update at least on one system before rolling out nothing happened.

@shanselman Firing the QA team (in Q4 2023, allegedly) might have something to do with #CrowdStrike issues today...