Not really Fintech but it could affect some services.
From this tweet, it looks like there’s something massive causing widespread Blu screen of death affecting several companies and individuals.
It is allegedly affecting everyone using Cloud strike.
I have seen Airlines, banks, media houses all hit including Sky news.
Crowdstrike security software. A badly-formatted update caused the main Crowdstrike Windows driver to crash causing a BSOD. Apparently shares in the company were down 20% at market open (now around -8%).
It’s had a small effect, hasn’t it?! 
and Ancestry being affectedAnd Microsoft’s answer? Turn it off and back on again… 15 times 
I read that George Kurtz was CTO at McAfee when they had a similar incident a few years ago.
Luckily Microsoft can afford the bill
Why would Microsoft be on the hook for anything?
Nevermind, for some reason I thought it was a subsidiary
No, another public company that makes really invasive antivirus software…that likes to install kernel-level drivers and not test them first. Microsoft can probably take some of the blame for not vetting drivers before they are pushed out, particularly to their Azure cloud service. Oh, and for having an operating system that is insecure by design.
They should just release a linux distribution, call it Windows 12 and have done with it. 
Mac OS and Linux users always say the same thing but if it situations were reversed (i.e. dominant market share) then you guarantee that holes would be found pronto.
Entirely possible, but at least with Linux people are able to scrutinise the code. It also runs most of the internet and nearly every supercomputer these days. Seems to be doing fine.
This happened with Linux a few months ago apparently but the wider world didn’t notice.
I trust MacOS, but only because recently some Israeli Defence Company tried making software to crack iOS 17.4 (or 5, can’t remember) and wasn’t able to break into the phone at all, even with direct access.
It was the same company too --Cloudstrike. It only hit Debian and Red Hat based distributions though.
What do you mean ‘crack’ and ‘break into the phone’?
How does this stress test on iOS inform your view on macOS?
iOS and macOS are very different beasts; one being a very locked down walled garden and the other being a desktop OS which the user can install any compatible third party software on and do funky things via a terminal.
The typical colloquial usage of the terms, why do you ask?
Shows Apple takes security seriously.
This is true, I am one of those who installs third party software and does funky things via terminal. I still trust it more than I would my Windows PC.
Well, because ‘crack’ and ‘break into phone’ sounds rather like jailbreaking, which is absolutely possible (although not supported). From context it seems like this might be something more like hacking in to a secured device, which is something else.
Not really a fair test though, when the competition don’t have a walled-garden phone OS (any more in the case of Microsoft) you could compare to. The Xbox Series X/S is pretty locked down but I wouldn’t advise taking cues on that device’s security and inferring from that Windows must be quite tough…
I would slightly agree - although to be totally honest the reality is that Windows is pretty battle hardened from being the dominant operating system for the entire history of the world-wide web. That’s not to say people don’t seek exploits on macOS, they do, but not in near the volume.
I’ve used Windows most of my life, but for a long while used Ubuntu at work and more recently totally switched to macOS - first for work, then for my personal lappy.
What drew me in to macOS was the efficiency of Apple Silicon - I can do a whole day in London, using my MBP on the train down for 2 hrs, 6 hrs or so in the office then still have enough battery to use it all the way home, it’s only just starting to need a charge now on my London days and I’ve used and abused it for 2 years now. So far as I know, that’s not something other similar devices can match.
I do appreciate how crap-free the experience is, everytime I look at Windows they’ve added some BS nobody wants to the interface - Cora, copilot, store etc etc. And whenever I boot my remaining Windows 10 desktop it both tries to sell me Microsoft 365 and also warn me they’re ditching support for it (despite the fact it’s perfectly capable of running Windows 11 other than some arbitrary processor restriction) so I need to buy a new PC… yeah, I think I’ll pass.
With Windows it is not hackers I’m worried about, it’s Microsoft. Recent versions of Windows are entirely driven by the collection of user data to sell to advertisers. They’ve even started putting ads in the Start menu again.
You might find this perspective interesting.
iOS is no longer the security safe haven it used to be. No matter what Apple tries to do. Regulations poke holes that are impossible to mitigate completely, though not from a lack of trying.
For their locked down nature, consoles (including the latest Xbox) are surprisingly easier to hack into. More so, I would say, than a hardened install of macOS. So toughness impressions do track with this analogy.
The reality with Windows though, is Microsoft’s hands are largely tied by the regulators who designed the OS for them. There are certain things they’ve been forced to do by the EU, which is what made an incident like this possible in the first place.
Where Microsoft and Apple differ here, is one has gone to pretty great lengths to try to keep the security impact minimal, and the other didn’t. What I don’t yet know is if that difference in approach to compliance is what makes the difference in facilitating an incident like this, or if it would have happened either way. I’m erring towards the latter though at the moment.
But that difference in approach tracks with the desktop operating systems too. macOS is inherently more secure than Windows by design, despite being unix based, and despite being more open than its iOS sibling. It is less prone (though not impervious) to the same sort of security issues windows is, and it’s not solely down to obscurity.
It’s a bit disingenuous to blame the EC when many security companies’ products have the same level of access as Crowdstrike’s products but manage to provide updates without causing such devastation. Only Crowdstrike are at fault here for not testing their updates properly.
I think it stems though, from the frustration that Microsoft has been taking a lot of the heat and blame from users and the media alike. It’s pretty damaging to them. But it’s the EC regulations which ultimately opened the door to crowdstrike being able to break devices in this way.
I don’t know if it’s that this never happens with others (it almost certainly does) or if we just notice it less because of their smaller market share when things go wrong. But the reality with those regulations is that it could happen with any of them. Software update blunders like this err closer to being an eventuality rather than outright preventable. They’re more common than people think with software like this integrating so deep into the system.
On the Mac side, for instance, Little Snitch (which is well loved in contrast to Crowdstrike) has had a few updates over the years which have caused similar problems. Taking machines offline, requiring local access to update permissions and get them remotely accessible again. Yet no one will have ever heard about it unless you were an impacted customer.
