Tech Talk

53 Replies to “Tech Talk”

1. I worked in C++ for more than 15 years, and even gave in-company courses in overcoming its deficiencies. It was a huge relief when I moved to Java. So many issues magically disappeared (although Java introduced a few problems of its own).

2. If simple incompetence by C++ programmers can have such a devastating impact on society imagine what actual sabotage could do.

3. I don’t speak Geek. Will someone please put this in plain English.

   1. The programmer tried to read from a memory location with nothing in it – empty space. Expecting a value (my assumption), the program went to do the next task based upon the value of null (nothingness) and couldn’t do anything because it had nothing to work with. There was also no recovery for a non-existent value – no error path to work around the absence of data so the program crashed…repeatedly as the program did what it was assigned to do.

      This is a programming 101 type error. You have to be a NOOB or extremely careless to make that mistake, OR a hacker trying to kill a system.

      1. “read from a memory location with nothing in it”
         Like Joe Pooh.

      2. I think the guy was explaining that the pointer was null. Pointing to memory location zero rather than the contents of memory at the pointer location being zero which should not cause such a catastrophic crash.

         No matter. Here I am in Seattle trying to get to Toronto and having to fly Portland to Vancouver first because of this mess

         And the overhead monitor at my gate reads “command prompt” which sounds like a dos command to me

      3. Why wouldn’t this be picked up in QC? Surely they run the code first before they send it out to the masses?

         1. A company the size of CrowdStrike, Yes should have mandatory QA etc. But Austin TX where they’re hqed is strongly liberal/dem + the company is big friend of DNC. I checked out of curiosity how much they dropped in value at stock market: 12%. And Microsoft who should have been the auditors of this push, had no change. This makes no sense, CrowdStrike should have dropped significantly. You’re not a serious company if you have Mickey Mouse practices of pushing updates to prod.

         2. Lots of QC work has been automated and really only checks that things compile and that functions give expected outputs when given known inputs (works as designed when used as designed). Yet another way IT is chronically under resourced.

      4. Thanks for that.

         “…have to be a NOOB or extremely careless to make that mistake, OR a hacker trying to kill a system.”

         I was wondering about that.

         1. Most corporations export their IT work to India where they pay cents on the dollar for their “skills”.
            Think major banks, Telcos, etc. No surprise to see this crap happen eventually.

   2. Jamie
      A trial run for “election” interference 2024!

      1. EXACTLY. The election machinery in Arizona broke down and people had to vote in Arizona using provisional ballots.

         https://ballotpedia.org/Arizona_state_executive_official_elections,_2024

      2. Yup. Microsoft, Huawei … no difference. Enemies of freedom.

   3. Correct me if I’m wrong, but isn’t Crowdstrike in the protection business?
      If so, my guess is that it was Crowdstrike’s way of saying to their customers:
      “Hey, that’s a nice little business you got going there. It sure would be a shame if something happened to it…”

      1. Yes, but who are they protecting?

4. He says this might be an excuse to switch from C++ to Rust, which is a much more modern programming language.
   For people looking for a conspiracy, the replacement language for C++, Rust, is compromised by a cabal of woke tards that are doing strange things.
   It’s possible this could be a plot to move mission-critical code to Rust. It’s the only other language Linux is allowing, other than C. But who knows.

   1. Linux is starting to allow Zig now though not in the core code.

5. Got a cash stash?
   Banking crash next?

6. Got paid, paid bills, surfed, shopped, all online. Never noticed anything.

7. Will somebody please unroll this thread???

8. Oh, And for those of you (are you listening Allan S?) who keep insisting that there was no election fraud in 2020, then consider this…
   https://x.com/BehizyTweets/status/1814368602201395679

9. This wasn’t an accident. It was a demonstration of what someone will do if the election does not go their way.

   1. OR: This is a demonstration that the “election” will go their way. Nobody will believe them and this is taste of how to bring everyone in line.

10. As a 40 year programmer who has crashed computers many times by not initializing a pointer I always wondered why the compiler couldn’t check for a null pointer and issue a gentle “hey idiot. Pointer not initialized in aisle five”.

    Or have an actual memory location called zero where an error message terminates your program with “if you’re here your program has a bug”.

    1. Back in the days when I did C programming, we used a “code inspector tool” which had to clear the code (incl checking for null pointers) before the module being allowed to be deployed to the test environment.
       So if this major crash is actually due to not checking for this problem, then the coding team is basically criminally negligent!

       1. OK, kind of had a similar bug in a real time emergency shutdown system (the operating system code),
          This was a triple redundant 2 out of 3 voting system used for ultra high reliability/critical functions like say monitoring a nuclear reactor. The OS was programed in microassembler. It had to execute ultra-fast with the entire application code taking on the order of 100 ms or so to execute.

          Well, someone for got to code a RTN on on of the subroutines. Almost always, this did not make a difference because the next routine that needed to execute was the one immediately following so when the execution just dropped through it was not a problem. Every year to 18 months or so, the unique situation would arise where the program needed to branch but it did not. Uninitialized pointers all over the place. The machine would go tits up and cause a general shutdown just as if someone had hit the emergency shutdown button.

          Long story short, really obvious dumb errors can make it through even a very thorough QA/QC and into production code.

          1. Most people probably think that pointers point to data arrays or lists or variables etc. But they also point to code – executable routines. Nothing worse than accidentally pointing to a section of code entitled “launch the missiles”.

11. Better Dwelling says that the talk about “affordable housing” is just so much blather:
    https://betterdwelling.com/canadas-cmhc-internal-messages-show-housing-supply-narrative-is-bs/

    Internal CHMC memos say higher housing prices are the omly route to more houses being built. The federal Liberals are promising “more affordable” homes.

12. The timing of this ongoing crash is a bit suspect, as it came almost immediately after an attempted assassination on the front runner in the US Presidential Election.

    Can you imagine all the lies they could spout about an investigation into the assassination but this or that evidence was lost due to a worldwide computer (Microsoft) crash.

    But there I go again, one of those crazy conspiracy theories…

    1. I got one for you, SM…
       What’s to stop these demons from invoking yet another emergency, which they will then use as an excused to cancel the upcoming U.S. election in November?

       Not exactly beyond the realm of possibility now, isn’t it?

13. Can’t wait for CBDC. Should go very smoothly.

    “You will eat the software bugs and you will be happy.”

14. Microsoft says CrowdStrike outage could be fixed by turning off Windows PCs 15 times in a row (yes, really)
    https://www.gbnews.com/tech/crowdstrike-outage-fix-15-times-turn-off-pc

    1. That article is as brilliant an example of Gell-Mann amnesia I’ve ever seen. Nearly every single thing it says about the CrowdStrike incident is factually incorrect.

15. Learn to code? Too soon?

    1. Maybe it was a recent federal government coding trainee that made the oopsie. You know, the ones that are paid 60% of the regular rate. But then, why pay someone that much when they can sit at a terminal in Mumbai for a few rupees?

       1. The CEO of the AGR (the glass factory from which Trump’s murder was attempted) appears to hail from Mumbai … The business will be led by AGR’s President, Sudha Jebadurai.

          And no … this woman has not spoken a single word in public about HER campus being used to murder Trump. Can she even speak English? Does she even live in the US?

       2. DEI, Microsoft!

16. Trump mentioned “Crowdstrike” during his perfect call with Zelensky back in 2019. Sure it’s just a coincidence.

    1. The best gender studies hires you can get selecting who can code and who can QC.

17. Back in the 70s, I fell in love with the Algol language, and when its derivative Pascal came along in a form that could compile one-pass very quickly on an 8-bit microprocessor, it was just heaven. Pascal is a strong type checking language and if you stay within a subset of the language and not override its built in safety features, it is extremely reliable. I always thought that C++ was an attempt to make C into a more readable and safer version of C, a sort of C-like Object Pascal. But try as they might, C++ had to keep the whole C pointer paradigm, which had a habit of killing operating systems, not just applications. I’m surprised that people haven’t put these C++ programs into cages or virtual machines where they would not do so much damage. Sadly, Pascal has withered quite a bit, but it survives as Delphi and Lazarus.

    1. I’m a Delphi 12 programmer. You are probably referring to Turbo Pascal 1.0 which I started with. A friend of mine in Computer Science recommended Pascal for its readability. “You can write code one year” he would say “and understand it a year later”. But with C (or C++) it’s like adding accents to the English language. Even though two programmers are writing in C++ neither can read the others code – and they like it like that.

       The original Pascal did not have pointers as I remember. But you can create Objects in Delphi 12 and they are automatically initialized by the compiler at run-time. Otherwise they generate a fatal error when you point to the object and it doesn’t exist in memory. In some cases your pointer can be set (accidentally) into the Windows operating system where it begins to overwrite and that is where the blue screen of death appears.

       Half of the computers at the airport had to be reset manually. And the servers and the printers. I’m still stuck in Oregon trying to get back to Toronto. I hear Boeing hires the same programmers.

       1. I started with UCSD Pascal on an Apple ][, which used p-code and an interpreter to go from p-code to 6502 machine code. This pre-dated Borland Turbo. Very fast (one pass compiler) and it was much more usable than contemporaneous C compilers (3 passes then crash). For some low level stuff, such as talking to our lab equipment, I had to use some 6502 assembler code. The amazing thing is that this all ran in 64K of memory. If you ever want to see what 6502 assembler code looks like, just watch the original Terminator movie. The code as seen through the eyes of “Ahnold” is 6502, which means he was really powered by an Apple ][.

          Later, I put a Z80 CPM card into the Apple and could run Turbo Pascal in CPM. Both UCSD Pascal and Turbo Pascal allowed for pointers, which could be used to access both data types as well as code (i.e., functions). For most purposes, however, pointers were not required, which distinguished the language from C, where you couldn’t do anything without pointers. Pointers mostly were used when memory restrictions required you to do run time allocation of memory for variables.

          Later, we were able to run our mass spectrometer with a 186 PC (yes, there was a 186), with very little change in the code. One thing I like about Free Pascal and Lazarus is that I can take the same code, including events and GUI, and run it in either Linux or Windows. Will work on Macs, I’m told, but to get anything non Apple to install on a Mac tends to mean that you have to use some sort of secret handshake and make special incantations.

18. How is it possible that in 2024 anybody is still using C++? Of all the crappy languages invented this one is/was indubitably the worst. Bad kitty – no biscuit!

    When I was a young programmer many decades ago ( even before the advent of C++, or even C) we had this notion of testing software changes, and new apps, to make sure they worked before installing in the production environment. Glad to see the geniuses of today have moved on from that retrograde type of thinking.

    1. csagent.dll in System sounds like stuff that could easily have at least some C++ in it – as legacy of the operating system practices.

       I think the null is not quite big an issue. The fact it takes 15 boots to failsafe, is.

       Failing ‘System’ means their QC is not covering the whole installation – not ‘eating their own dogfood’ – which is the deeper problem. There must be a systemic HR problem in the mid-high management interface.

       Could honestly be HR doing DEI instead of listening to competence worries. But that is speculation without whistleblower reports.

       1. I’m an Azure Architect. Rebooting a physical Windows machine will do nothing to fix the CrowdStrike bug, one time, fifteen times, a hundred times. Windows has no way of recovering from that on its own.

          Azure VMs running Windows can be fixed by repeated reboots because doing so will trigger Azure VM’s built-in automated self-repair functionality, which will roll the VM back to a previous known-good snapshot.

          There are a lot of people commenting on the CrowdStrike incident, and 99% of them have no idea what they’re talking about.

          1. good to know the azure back-pedalling

    2. Okay, what other languages would you use?

       Typical programmer – no idea how their code gets built or deployed.

       Up until approximately five minutes ago, there were no alternatives for system or performant application programming. Zig isn’t even a 1.0 yet and I own socks older than Rust. Even if you think those languages are all tickety-boo, there’s the fact that eight years is nowhere enough time for their compilers to be battle-tested, and currently their compilers support a limited set of hardware (one reason Linux can’t adopt Rust too quickly is there’s no way to compile it for a specific line of high-performance HP servers that make up a small-by-number-but-huge-by-cost target market). Rust can’t compile on Windows without the MSVC libs, so there’s a whole ‘nother set of potential integration bugs.

       Languages like Rust and Zig have been a long time coming, but there’s a reason it’s been such a long time, and it’ll be an even longer time before code that has been proven to work for over thirty years gets rewritten. Go into BMO some time and peek around the edge of of those fancy OLED monitors on sticks the managers all have. The only thing they’re running is a greenscreen terminal to the 30-year-old mainframe in the basement.

19. Michael Rae Khoury
    @Vltra_MK
    “Timothy Geithner is power of Attorney for CrowdStrike – he was Treasury Secretary under Obama and served as President of the Federal Reserve Bank of New York.”

    https://x.com/vltra_mk/status/1814429561544728726?s=46&t=z7S-uN3flOn-qrtEr-qf1g

20. Much as it’s tempting to believe that there was some nefarious purpose behind all this, that’s a coping mechanism to stave off the realization that the software industry really is this f*cked.

    I’ve been a software engineer specializing in build/release management and DevOps for over 25 years. I’ve worked at FinTechs and MedTechs[1] (the most highly regulated sectors) and I can assure you that catastrophically buggy code making it into production is the default state. It takes absolutely heroic effort from junior coder all the way to the C-suite to get the most basic best practices in code QA and deployment implemented in any organization. The industry is pathologically averse to it.

    I’ve also been responsible for deploying CrowdStrike Falcon – the product that caused the outage – and my impression of it at the time was “half-assed”. It very much felt like a product that was designed not from security outwards, but so that customers could tick off boxes on a feature list to make auditors happy. That’s one of the reasons CrowdStrike became so popular in the first place.

    [1] I have watched government auditors in both sectors get outright bribed by companies to pass them on the mandatory audits.

21. Things actually worked before computers. Believe it or not.

    1. Hell, even I worked in those days.

22. Here’s a little more detail about the crash. Seems it was a pointer within a lookup table was not properly initialized, or something.
    https://www.theverge.com/2024/7/20/24202527/crowdstrike-microsoft-windows-bsod-outage