this post was submitted on 21 Jul 2024
191 points (76.5% liked)
Technology
59414 readers
3162 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Imaging environment down? If a sysadmin can't figure out how to boot a machine into recovery to remove the bad update file then they have bigger problems. The fix in this instance wasn't even re-imaging machines. It was merely removing a file. Ideal DR scenario would have a recovery image already on the system that can be booted into remotely, so there is minimal strain on the network. Furthermore, we don't live in dial-up age anymore.
Imaging environment would be bitlocker’d with its key stuck in AD which is also bitlocker’d.
Only if you're not practicing 3-2-1 with your backups.
Backup environment is also bitlocker’d.
Then you didn't 3-2-1, because you should be able to restore from your alternate format, e.g. tape, without your existing infrastructure. Ideally your second and offsite copies are also offline, so even if you ignored the separate media rule, it wouldn't have been affected by the crowdstrike update.
Ultimately, nobody should have to tell you not to lock your keys in the car.