There's nothing different than what Delta did and what most F500 corporations did, other than that many companies don't use Crowdstrike.
After that it's all the same stack with the same liabilities on it. All the while hoping your security office and vendors don't fuck up.
E.g. Will that security software mark the latest update of MS SqlServer as malware and quarantine it? What happens to your enterprise DB if that happens?
That's not true - other airlines were hit and Delta was hit far worse. There was a comment on HN discussing how Delta has the least disaster recovery planning of any of the airlines, and as a result they were wholly unprepared to respond.
You are considering the wrong type of disaster recovery. Disaster recovery in this case means IT DR - failing over to other systems, data centers, etc.
The other airlines that were impacted by Crowdstrike were able to come back online much more quickly than Delta was. That is a fact.
Scheduling recovery is dependent on those systems, but an entirely different process. I have worked on those recovery systems before.
Right, so do you, or do you not, run the same security stack on your DR systems? If you do, you're f'ed. If you don't, you might also be f'ed, particularly if you're in the middle of an attack.
DR isn't in and of itself the solution. Would it have been better to run Linux? Well no, since Crowdstrike did the same thing there.
And DR includes the literal recovery portion. American had IT ready to deploy and quickly fix the problem at the actual terminals, Delta didn’t.
We have baselines for airlines doing this better, why are you defending Delta so aggressively? They didn’t invest in the people, tools, or tech to recover from a severe outage and the CEO clearly wants to pass the blame.
If this had only happened to them due to some vendor they relied on, the argument makes sense, but it didn’t, it happened to multiple airlines of similar scale.