The day after the Republican National Convention, a massive cyber failure wrought havoc on the world.
Microsoft and CrowdStrike were at the center of it all and refuted the idea that it was a deliberate act.
And a Google whistleblower is pulling back the curtain on what really happened with last week’s major cyber crisis.
One of the largest cyber crises of all time
On Friday, July 19, Americans woke up to the news that a massive cyber crisis was unfolding around the world.
Countless Americans then went to work to find Microsoft’s blue screen of death on their computers.
The massive failure by CrowdStrike, a cybersecurity company whose programs are run on Microsoft’s Windows operating system, resulted in payment machines going offline, flights being canceled, and countless web services being interrupted.
IT departments around the world scrambled to restore services to their employees and customers, but it will take weeks for everything to get back to normal.
Experts estimate that it will cost billions of dollars to remediate the situation.
Microsoft and CrowdStrike issued statements on Friday afternoon in which they claimed that a software update caused the mayhem.
Former Google coder turned whistleblower Zach Vorhies is breaking it all down on his X feed.
Bad data led to countless programs getting “KILLED” by Windows
Vorhies “decoded” the evidence leading up to the event and said that part of the computer code pointed to nothing, which caused Windows to shut down.
“Memory in your computer is laid out as one giant array of numbers. . .” and these numbers contain directions for the computer to follow.
The problem here was that the software pointed to a “memory address” that was “null.”
“This is an invalid region for any program. Any program that tries to read from this region WILL IMMEDIATELY GET KILLED BY WINDOWS,” he continued.
Crowdstrike Analysis:
It was a NULL pointer from the memory unsafe C++ language.
Since I am a professional C++ programmer, let me decode this stack trace dump for you. pic.twitter.com/uUkXB2A8rm
— Zach Vorhies / Google Whistleblower (@Perpetualmaniac) July 19, 2024
That resulted in what Vorhies calls a “stack dump,” and it could have been prevented.
“Programmers in C++ are supposed to check for this when they pass objects around by ‘checking full null,’” he said.
The tech expert said that this was all a “programming error,” and that someone basically forgot to check behind their work.
Now, he’s giving a startling update that shows this could have been intentional.
Detonator for “ticking time bomb” was “PRE-INSTALLED”
Vorhies released another thread just a few days after his initial breakdown.
The programmer says that the latest technical report from CrowdStrike confirmed his initial analysis.
But something else became glaringly obvious.
“This global crash was a two-part bomb. The detonator apparently, was NOT new…it was PRE-INSTALLED,” he said.
Update:
Crowdstrike came out and released a technical report confirming my analysis. They were reading in a bad data file and attempting to access invalid memory.
This global crash was a two-part bomb. The detonator apparently, was NOT new.. it was PRE-INSTALLED.
— Zach Vorhies / Google Whistleblower (@Perpetualmaniac) July 22, 2024
Vorhies slammed “initial suspicions” that the company had pushed out a “faulty driver” with their update.
“The faulty driver ALREADY existed on Mac, Linux, AND Windows, likely for mothers or years,” he explained.
Vorhies described the mistake as “a ticking time bomb.”
“This bug was a two-part series. All it needed was the bad data in order to detonate it. The recent update delivered that payload,” he said.
Vorhies continued to explain that because “deploying new data files to computers is generally thought to be safe,” which allowed for the update to be pushed out faster.
The tech expert calls the circumstances “really bizarre,” and wants to know why these major tech companies hadn’t discovered and removed this bug much sooner.
