The Blue Screen Butterfly Effect: How CrowdStrike’s Outage Could Have Been Avoided… 15 years ago

July 23, 2024

The July 2024 CrowdStrike outage underscores an inconvenient truth: Well-intentioned regulations designed to protect competition can sometimes backfire, especially when they don’t keep up with societal norms. This incident is particularly relevant as governments worldwide contemplate AI regulations. Here’s what happened and what we can learn from it:

Digital Transformation has to make way for Continuous Transformation in the Age of AI, inclusive of government regulations.

The OS Kernel: Poking Around the Brain Stem of Modern Operating Systems

The OS kernel, the most fundamental part of any operating system (OS), acts as its brain stem. Anomalies here can cause the system to crash (blue screen) to safeguard data integrity. This true of all modern OSes including Windows, MacOS, and Linux. CrowdStrike is an independent software vendor who has a low-level driver with direct access to the kernel. The errant code caused the kernel to shut down (panic) to preserve data integrity, causing the blue screen we all know. But why do they have access to the kernel in the first place?

In 2009, Microsoft attempted to restrict software vendors’ access to the OS kernel due to security concerns. However, cybersecurity vendors (formerly antivirus providers) protested, leading to intervention from EU legislators and inquiry from others. Consequently, Microsoft agreed with the EU to keep the kernel accessible to software vendors.

So, software vendors such as CrowdStrike are able to attach their code to the OS’s kernel – which is also an attack vector for viruses and malware such as Stuxnet, Rustock, and ZeroAccess.

The Legacy of the DOJ and EU Windows Compete Agreements

To understand Microsoft’s 2009 concession, we need to revisit November 2001, when Microsoft and the US Department of Justice (DOJ) reached a historic settlement to avoid breaking up the company. This agreement included restrictions on Microsoft’s OS to maintain competition. The DOJ Consent Decree Compliance Committee was established, granting technical advisors access to Windows source code and regular check-ins/depositions.

During this period, I was tasked as a liason to the DOJ Compliance Committee, deposed alongside the new Windows Chief (CVP) to present Windows futures. I personally observed the integrity of those involved, including then Chief Counsel now Microsoft Co-Chairman and President Brad Smith, who worked with me personally. It was an enlightening, albeit stressful time for all. Misunderstanding and/or misperception was a top concern.

The Aftermath and Unintended Consequences

The DOJ consent decree was extended to 2009, coinciding with the EU’s complaints about continuing to allow access to the Windows OS kernel. At that time, only about 25% of the global population had Internet access, and the focus was on local PC antivirus providers, not the globally connected cybersecurity systems we rely on today. In a recent Wall Street Journal article, Microsoft cited the 2009 EU agreement as the reason software vendors still had access to the kernel. Yet this is not just a Microsoft issue. Just four years ago, Apple removed kernel access from MacOS, citing security concerns. Despite protests from its software vendors, with MacOS having only a ~10% market share, different rules applied.

Just four years ago, Apple removed kernel access from MacOS, citing security concerns. Despite protests from its software vendors, with MacOS having only a ~10% market share, different rules applied.

The Butterfly Effect of Outdated Tech Policies

We are witnessing The Butterfly Effect of a policy decision made 15 years ago, which has not been revisited, now resulting in global disruption. AI technology is experiencing exponential growth, compressing what would traditionally be a decade of advancements into just one year. This rapid progression is driven by significant improvements in computational power, algorithms, and data availability. Microsoft itself recently noted that in the not-too-distant future, quantum computing will compress the next 250 years of advancement into the next 25. We have to stop playing legislative catch-up.

Quantum computing will compress the next 250 years of advancement into the next 25. We have to stop playing legislative catch-up.

As these events show, among the remediations should be an emphasis on having tech-literate legislators whose role is to revisit these outdated decisions. Digital Transformation has to make way for Continuous Transformation in the Age of AI.

(These are my personal views and may not reflect those of my employers, current or former.)