Comment on CrowdStrike Isn't the Real Problem
timewarp@lemmy.world 3 months agoI’d issue IPMI or remote management commands to reboot the machines. Then I’d boot into either a Linux recovery environment (yes, Linux can unlock BitLocker-encrypted drives) or a WinPE (or Windows RE) and unlock the drives, preferably already loaded on the drives, but could have them PXE boot - just giving ideas here, but ideal DR scenario would have an environment ready to load & PXE would cause delays.
I’d either push a command or script that would then remove the update file that caused the issue & then reboots. Having planned for a scenario like this already, total time to fix would be less than 2 hours.
riskable@programming.dev 3 months ago
At my company I use a virtual desktop and it was restored from a nightly snapshot a few hours before I logged in that day (and presumably, they also applied a post-restore temp fix). This action was performed on all the virtual desktops at the entire company and took approximately 30 minutes (though, probably like 4 hours to get the approval to run that command, LOL).
It all took place before I even logged in that day. I was actually kind of impressed… We don’t usually act that fast.
timewarp@lemmy.world 3 months ago
Somebody give those workers that had their shit together a raise, for real.