Today's Outage Brought To You By a Lack of Competition
The CrowdStrike and Windows problem isn't big because of the technical details, it's big because of the market one.
Today's "oh crap" moment for cybersecurity and IT people around the world IS brought to you by a technical problem. Today they're scrambling to fix systems at a scale not seen since the bad old days of Microsoft updates routinely breaking their own OS, something Microsoft has generally learned from.
But for the general public who can't get on a flight or can't access their bank records, or generally can't get something they rely on in their daily lives, this issue is a competition problem.
Tech Companies Make Mistakes
If you came here looking to watch me dance on CrowdStrike or Microsoft's grave, you're going to be thoroughly disappointed. The reality is this, quality assurance testing is incredibly difficult to get right every time. The infinite variety of options in a product like CrowdStrike, combined with the variety of options in Windows itself creates an exponential number of combinations and permutations (covering all my probability bases here) that could be tested.
Cybersecurity companies are not immune from this rule. Earlier this year most of the market leading VPN and firewall appliance manufacturers were pantsed by having to patch fundamental directory traversal vulnerabilities in their code. Okta is famous for having lost plenty of customer data over the past few years. The list goes on and on, but hopefully this illustrates the point. These things will happen. You'd hope they wouldn't happen with this level of impact however.
CrowdStrike Market Share
Depending on who you trust to estimate these things, CrowdStrike has somewhere in the neighborhood of 25% of the market in the endpoint protection space. So approximately one in every four computers has CrowdStrike on it. Sure, back in the day you could assume that the world's AV coverage was 51% McAfee and 49% Norton/Symantec, so you could say there's some improvement. However by design today's EDR tools are able to impact more parts of the OS more deeply than ever dreamed of in the "old days." They're more powerful tools to fill a more vast need.
So if one in every four computers in the world is running CrowdStrike, we're probably really lucky that not all of those computers are also Windows boxes, right?
The Redmond Elephant In the Room
Microsoft Windows is the 800 pound gorilla of the desktop space. Where the server room has long seen a more healthy mix of Linux and Windows, the desktop is a near monopoly, with some estimates showing Windows owning fully 75% of that space. That's a ridiculous number: almost 3 in 4 workstation, laptops, and desktop computers run Windows worldwide. Runner up MacOS X is at a robust 15%.
Trouble by the Numbers
By my math that means that we go from 1 in 4 desktops potentially impacted to 1 in 5, only reducing down to about 20% of computers being potentially impacted today.
Now these numbers are all estimates, and frankly dubious ones at that. The CrowdStrike market share, for example, is by number of customers, not number of deployed agents. Given that CrowdStrike skews towards the enterprise in their marketing and sales, their actual endpoint counts probably show a higher percentage of market share than their customer counts. Also, how many embeded systems are running Windows desktop software compared to Windows server software? Is that entertainment "server" on your airplane running a Windows desktop system? How about that in the gate area showing you flight information? Windows is running in plenty of places you're not aware of. There are even several sites dedicated to BSODs in strange places. Let's not even think about the intersection of Windows + CrowdStrike + Healthcare at the moment.
So what are our options? Diversify. It's that simple. If you're an IT buyer, consider buying something other than Windows and CrowdStrike. If you're a home user, do the same in your life. There's an argument to be made as well for contacting your elected officials about the issues this sort of monopoly and market dominance causes.