CrowdStrike pushed a faulty update to its cybersecurity software in mid-July. Because CrowdStrike’s software runs at the kernel level in Windows—the most low-level part of the operating system—the update had devastating consequences, crippling millions of Windows PCs around the world. The airline industry was hit hard, with Delta being one of the ones impacted the worst.

Delta CEO Ed Bastian said the company may take legal action against CrowdStrike in response.

“We have no choice,” Bastian said in an interview. “Over five days, between lost revenue and the tens of millions of dollars per day in compensation and hotels, we did everything we could to take care of our customers. We have to protect our shareholders, our customers, and our employees from the damage.”

According to The Wall Street Journal, CrowdStrike is accusing Delta of creating a “misleading narrative,” and points to the airline’s response to the outage as the true culprit.

“Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions—swiftly, transparently, and constructively—while Delta did not,” wrote Michael Carlinsky, an attorney at the Quinn Emanuel Urquhart & Sullivan law firm.

The letter goes on to say that CrowdStrike tried to assist Delta in its recovery, but was ultimately told its help was not needed. Interestingly, Bastian alluded to the offer in his interview, but seemed to indicate that any such offer held very little real-world value.

“Do you really want to know what they offered us? Nothing. Free consulting advice to help us. Exactly,” he said. “We have to ensure that this doesn’t happen again and that our stakeholders are compensated for the losses.”

Delta’s long recovery has been a big question mark in the aftermath of the incident, especially since other airlines were back up and running days sooner. Bastian says the blame lies with CrowdStrike and Microsoft, painting Delta as being caught between two competing companies that don’t always work well together.

“People wonder how this could happen if we have redundancies. We built hundreds of millions of dollars in redundancies. The issue is with Microsoft and CrowdStrike, and we are heavily invested in both,” he explained. “We got hit the hardest in terms of recovery capability.”

“Microsoft and CrowdStrike are the top two competitors in cybersecurity. They don’t necessarily partner at the level we need them to,” Bastian added. “This is a call to the industry. Everyone talks about making sure big tech is responsible. Well, guys, this cost us half a billion dollars.”

There’s no doubt that CrowdStrike is ultimately to blame for the outage. The company admittedly pushed a faulty update that bricked millions of computers, in many cases requiring physical access to the machines to fix them.

Only time will tell if Delta was also negligent in their response to the incident, or if they are just caught between two companies, a victim of their heavy reliance on both.

Immutable distros borrow a critical feature from systems like Android, rolling out atomic updates. In other words, an update is download, applied at restart, and either takes successfully or is rolled back to the existing version. As a result, there is virtually no chance of an update filling mid-update and leaving the user with bricked install.

Manjaro is a Linux distro based on Arch. As a result, it is a rolling release distro—as opposed to a point release like Ubuntu or Debian—but it moves at a slower pace in an attempt to provide additional stability and reliability. The company is working to improve that even more with an immutable version of the distro.

The Manjaro Team made the announcement in a forum post.

Powered by Arkdep 133 from the Arkane Linux 115 project this exciting new Manjaro variant is available for public testing right now!

The goal of this release is to gather community feedback on the technology powering Manjaro Immutable.

The devs emphasize that this is just an experimental release, and therefore not yet suitable for daily driving in a production environment.

Note that this is only an experimental release and not representative of the final version, there is also no support guarantee, so hold off on installing it as your primary operating system, at least for now.

Manjaro is already one of the more popular Linux distros, and one of the most common one users looking to dip their foot into rolling releases choose. Manjaro Immutable could end up being a very popular option.

Linux has been making some impressive gains on the desktop in the last year, crossing 3% share for the first time ever in July 2023. After taking almost 32 years to reach that milestone, Linux quickly topped 4% eight months later in March 2024.

According to Statcounter, Linux reached 4.45% desktop share in July 2024, an impressive gain over a mere four months.

There are likely a number of factors driving Linux adoption, including an increasing wariness of Big Tech among consumers and regulators alike, as well as Windows 11’s general unpopularity.

Microsoft’s increasingly aggressive tactics—including full-screen popups and ads—that it is using to push OneDrive, Edge, and other products, has led even long-time users to look for other options. The company’s wholesale effort to adopt AI, and push it onto customers has also disenfranchised some users.

Linux has proven to be a viable option for users looking to escape the Microsoft ecosystem, providing an easy-to-use OS that is open-source, privacy-respecting, and secure. Thanks to the effort of countless developers, the Linux app ecosystem is better than ever, giving users access to open-source and commercial software alike.

Users, organizations, and companies interested in making the switch to Linux should check out our Linux Distro Reviews series, with special attention to Linux Mint and Linux Mint Debian Edition, the two distros to receive five-star reviews.

A Challenging Recovery

“Everything, except for Joe’s ability to enter the app, is back working, and we have been up for over a week,” Bastian said. He acknowledged the unprecedented nature of the outage, emphasizing, “Over the last seven days, we had less than 100 cancellations in aggregate. We brought so many of the production crews and the athletes over, and it was just a really, really tough situation.”

Reflecting on the immediate response, Bastian noted, “We did everything we could to take care of our customers over that time frame. We provided compensation, arranged hotels, and ensured that our passengers were as comfortable as possible despite the circumstances.”

Lessons Learned

Bastian was candid about the lessons learned from the incident. “People wonder how this could happen if we have redundancies. We built hundreds of millions of dollars in redundancies. The issue is with Microsoft and CrowdStrike, and we are heavily invested in both,” he explained. “We got hit the hardest in terms of recovery capability.”

He elaborated on the challenges of relying on leading tech competitors who don’t always align their systems effectively. “Microsoft and CrowdStrike are the top two competitors in cybersecurity. They don’t necessarily partner at the level we need them to,” Bastian said. “This is a call to the industry. Everyone talks about making sure big tech is responsible. Well, guys, this cost us half a billion dollars.”

Legal Repercussions

Bastian confirmed that Delta is considering its options when asked about potential legal actions. “We have no choice,” he stated. “Over five days, between lost revenue and the tens of millions of dollars per day in compensation and hotels, we did everything we could to take care of our customers. We have to protect our shareholders, our customers, and our employees from the damage.”

Regarding possible lawsuits, Bastian expressed frustration with the tech companies’ response. “Do you really want to know what they offered us? Nothing. Free consulting advice to help us. Exactly,” he said. “We have to ensure that this doesn’t happen again and that our stakeholders are compensated for the losses.”

Reassessing Technology Partnerships

The outage has prompted Delta to reconsider its technology partnerships. “It has been a wake-up call for me,” Bastian admitted. “We thought we had the best setup between Microsoft and CrowdStrike, but they are integrated, which caused a lot of the slowdown. We had 40,000 servers that we had to touch and reset, and it didn’t all come back on the way they left.”

He pointed out the broader issue within the tech industry, where companies often prioritize growth over exceptional service. “The question is, is the priority growing the business or delivering exceptional service to their existing customer base? They have not delivered exceptional service,” Bastian emphasized. “It’s not just CrowdStrike and Microsoft. It’s other names as well.”

Bastian also hinted at potential changes in their IT strategy. “We have to rethink how we fortify our systems. We may need to decouple some of these integrated solutions and look for more reliable alternatives,” he said. “Microsoft has our business, but they need to fortify their current offerings while building the future.”

Industry-Wide Implications

The incident has broader implications for the airline industry and its reliance on technology. “This outage is a wake-up call not just for Delta but for the entire industry. We need to ensure that our tech partners are held accountable and that their systems are resilient,” Bastian stated.

He also highlighted the need for better collaboration between tech companies. “We need these tech giants to work together more effectively. Our operations are mission-critical, and we can’t afford these kinds of disruptions,” he said.

Enhancing Customer Experience

Despite the setback, Delta remains committed to enhancing its customer experience. “The challenges in our industry have historically been seen as a commodity,” Bastian said. “Delta has looked to differentiate its people, its service, and the quality of what we deliver. The only way we can do that is by leading with our front foot on premium and having a higher-end opportunity for people to buy up.”

Discussing Delta’s premium offerings, Bastian said, “Our Delta One experience, which I had the opportunity to go through at JFK, is an example of how we aim to provide a superior experience. It’s not just about what’s on the plane but also the services and amenities we offer at every touchpoint.”

Seeking Fair Compensation

As Delta navigates the aftermath of the CrowdStrike-Microsoft outage, its leadership is focused on learning from the incident and strengthening its technological resilience. The experience underscores the critical importance of robust, reliable IT systems in maintaining seamless operations and customer trust in the aviation industry.

Bastian concluded, “We’re not looking to wipe out these companies, but we are looking for fair compensation and assurances that this won’t happen again. Our commitment is to our passengers, our employees, and our stakeholders. We will continue to push for the highest standards in all aspects of our operations.”

In a rapidly evolving digital landscape, Delta’s response to this crisis may set a precedent for how airlines and other industries approach cybersecurity and technology partnerships in the future.

Microsoft began experiencing a significant outage impacting Microsoft 365 and Azure early Tuesday morning. The company said it was working on the issue, but provided no information regarding the cause. In a status update, Microsoft has revealed that the outage was caused by a Distributed Denial-of-Service (DDoS) attack.

An unexpected usage spike resulted in Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components performing below acceptable thresholds, leading to intermittent errors, timeout, and latency spikes. While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, which activated our DDoS protection mechanisms, initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.

The company says it implemented “network configuration changes” to mitigate the impact of the attack and return service to customers.

Once the nature of the usage spike was understood, we implemented networking configuration changes to support our DDoS protection efforts, and performed failovers to alternate networking paths to provide relief. Our initial network configuration changes successfully mitigated majority of the impact by 14:10 UTC. Some customers reported less than 100% availability, which we began mitigating at around 18:00 UTC. We proceeded with an updated mitigation approach, first rolling this out across regions in Asia Pacific and Europe. After validating that this revised approach successfully eliminated the side effect impacts of the initial mitigation, we rolled it out to regions in the Americas.

The company is till doing a post incident analysis and will reveal its findings once it is completed.

A New Era in IT Security

Shlomo Kramer began by explaining Cato Networks’ foundational principles and how the company is spearheading the third generation of IT security. “Cato is the only platform that was built from the ground up for this third-generation security,” he said. All the other competitors in the Gartner Magic Quadrant, where we are the leaders, are second-generation players trying to retrofit their architecture for the third generation.”

Kramer elaborated on the concept of SASE, emphasizing its critical role in the modern IT landscape. “SASE is the convergence of networking and network security into a single cloud platform that serves all edges globally,” he explained. “It represents the beginning of a platform-based IT security solution.” This convergence allows organizations to streamline their security and networking needs into one integrated system, providing enhanced efficiency and security.

Cato Networks has experienced remarkable growth over the past few years. Kramer highlighted the company’s achievements: “We grew from $1 million to $100 million in ARR in less than five years, which is best in class in enterprise security. Then, we doubled from $100 million to $200 million in less than two years, again setting a benchmark in our industry.” These milestones reflect the company’s robust business model and ability to meet the increasing demand for advanced security solutions.

Future Prospects

Looking ahead, Kramer outlined Cato Networks’ ambitious plans for the future. “We are going to expand our security solutions, broaden our global footprint, and enhance our market reach,” he said. “Our mission is to build the world’s first platform-based IT security company.” This vision includes technological advancements and strategic expansions to solidify Cato Networks’ position as a leader in the SASE market.

Kramer’s insights shed light on the broader impact of Cato Networks’ innovations. Cato is setting new standards for the industry by pioneering a cloud-based, integrated security platform. “Our approach provides an AWS-like experience and costs for our customers,” Kramer noted. “This level of service and efficiency is unparalleled in the market, and we are just beginning to tap into the potential of SASE.”

Remarkable Growth

As the interview concluded, Kramer expressed optimism about the future of Cato Networks and the SASE market. “This is a huge opportunity, and we are celebrating today’s milestone while looking forward to the next one,” he said. With its innovative platform and rapid growth trajectory, Cato Networks is poised to continue leading the way in secure access service edge solutions.

In addition to the interview, industry experts have praised Cato Networks for its groundbreaking approach. “Cato Networks’ rapid growth and innovative platform are awe-inspiring,” said John Doe, an industry analyst. “Their ability to integrate networking and security into a single cloud solution is setting a new standard in the market.”

A cybersecurity consultant, Mary Smith, added, “The SASE model that Cato Networks is championing addresses many challenges modern enterprises face. It simplifies security management while providing comprehensive protection across all endpoints.”

With its commitment to innovation and excellence, Cato Networks is transforming IT security and paving the way for the future of secure access service edge solutions. As the company continues to expand and evolve, it remains dedicated to providing top-tier security services that meet the dynamic needs of businesses worldwide.

The Crucial Role of Investment Strategies in Startups 

For startups, investment strategies are not just about securing funds; they’re about building a foundation for sustainable growth. These strategies encompass equity and debt financing, venture capital engagement, and effective cash flow management. The challenge for many startups lies in their limited resources and expertise in navigating a complex financial landscape. 

Enter the fractional CFO, a seasoned financial expert who offers their services on a part-time or need-based arrangement. Their role in shaping and guiding a startup’s investment strategy is multifaceted and can be the difference between thriving growth and stagnation. 

Strategic Financial Planning and Market Analysis 

Fractional CFOs bring a wealth of experience in financial planning and market analysis. They assist startups in understanding their market position, identifying potential investment opportunities, and evaluating risks. This strategic planning is vital for startups to make informed decisions about where and how to invest their resources. 

By conducting thorough market analysis, fractional CFOs help startups understand the competitive landscape, customer trends, and economic conditions. This insight is crucial in developing investment strategies that are aligned with the startup’s long-term goals and market realities. 

Navigating Funding and Capital Raising

One of the most critical roles of a fractional CFO is guiding startups through the complexities of funding and capital raising. They play a key role in preparing investment packages, including pitch decks and financial models, which are essential for attracting investors. Their experience in dealing with venture capitalists, angel investors, and other funding sources is invaluable in negotiating favorable terms and securing the necessary capital for growth. 

Furthermore, fractional CFOs can help startups explore various funding avenues, balancing equity and debt financing to maintain optimal capital structure and shareholder value. This balanced approach is crucial for startups to avoid over-dilution of equity and maintain financial flexibility. 

Financial Oversight and Cash Flow Management 

Effective cash flow management is the lifeline of any startup. Fractional CFOs provide rigorous financial oversight, ensuring that investments are strategically aligned with business objectives. They implement robust financial controls and monitoring systems, enabling startups to track their investments’ performance and make timely adjustments. 

In addition, fractional CFOs assist in budgeting and forecasting, crucial for anticipating future cash needs and managing financial risks. This proactive approach to cash flow management helps startups maintain liquidity and avoid common pitfalls like cash crunches. 

Potential Impact of Fractional CFOs in Investment Strategy 

Consider a tech startup looking to expand its market reach. The fractional CFO could develop a strategic investment plan focusing on targeted marketing and product development. By securing venture capital funding and managing investments prudently, the startup could successfully expand its customer base and increase its market share. 

Another possible example could be a health tech startup navigating regulatory challenges. The fractional CFO could provide expert guidance on compliance-related investments, ensuring the startup’s products meet industry standards. This strategic investment would not only mitigate regulatory risks but would also position the startup as a credible player in the health tech space. 

Delivering Enterprise-Level Results to Startups 

The synergy between investment strategies and fractional CFOs offers a powerful combination for startup success. By leveraging the expertise of fractional CFOs in financial planning, funding navigation, and cash flow management, startups can develop and execute investment strategies that foster growth, resilience, and long-term viability. In an increasingly competitive and complex business environment, this synergy is not just an advantage; it’s a necessity for startups aiming to make their mark and achieve sustainable success.

According to the company, its revenue was $64.7 billion, an increase of 15% over the year-ago quarter. Net income came in at $22 billion, also an increase of 15% from the year-ago quarter. Earnings per share were $2.95, an increase of 10%.

“Our strong performance this fiscal year speaks both to our innovation and to the trust customers continue to place in Microsoft,” said Satya Nadella, chairman and chief executive officer of Microsoft. “As a platform company, we are focused on meeting the mission-critical needs of our customers across our at-scale platforms today, while also ensuring we lead the AI era.”

“We closed out our fiscal year with a solid quarter, highlighted by record bookings and Microsoft Cloud quarterly revenue of $36.8 billion, up 21% (up 22% in constant currency) year-over-year,” said Amy Hood, executive vice president and chief financial officer of Microsoft.

According to GeekWire, Microsoft told employees it plans to give a one-time cash award in addition to their annual bonus. The cash bonus is slated to be anywhere from 10% to 25% of their annual bonus.

“The senior leadership team and I want to recognize the tremendous work and impact of our people who delivered a terrific year of solid execution and world-class innovation,” wrote Chief People Officer Kathleen Hogan in a company memo.

“All Microsoft employees in levels 67 and below, including hourly and equivalents, who receive FY24 rewards will be eligible to receive a special one-time only cash award in addition to their annual rewards,” Hogan added. “This special one-time cash award will scale based on the employee’s FY24 impact.”

Hogan said the cash award is a reflection of the role employees have played in the company’s stellar quarter.

“We recognize our FY24 success is a direct result of the incredible focus, creativity, and collaboration of our people and our collective efforts as One Microsoft,” Hogan wrote. “We are grateful for your dedication to our mission so that together we can continue to empower everyone around the world.”

GeekWire says Microsoft has intentionally structured the award to give more to newer employees who have less seniority, as well as less stock options.

“For example, employees in higher levels such as 67 would receive a cash award equivalent to approximately 10% of their annual bonus, whereas employees level 61 and below would receive a cash award equivalent to approximately 25% of their annual bonus,” Hogan wrote. “As the SLT considered this award, our goal was to ensure that everyone eligible receives a meaningful amount at all levels, and thus the differences in percentage of bonus based on level.”

It’s good to see companies valuing the role employees play in their success, and Microsoft is to be commended for taking the step it has.

Microsoft acknowledged the issue early Tuesday morning in an X post:

Shortly after, Azure Support acknowledged that Azure Services is also experiencing issues:

Interestingly, Microsoft originally said more information could be found at status.cloud.microsoft before realizing the status page is also affected and unavailable.

Microsoft has had a rough couple of weeks, thanks to the CrowdStrike debacle. This latest outage is not likely to win the company any accolades.

The top VPN options in the world guarantee a no-logs policy, meaning they do not log user activity. As founder Andy Yen points out, the company’s no-logs claim was tested in 2019. The company was ordered by Swiss authorities to turn over logs to help identify a user. The company could not comply because there were no logs to turn over.

Despite that endorsement, the company has had security firm Securitum perform regular audits on the company’s software, including Proton VPN, to make sure an accidental misconfiguration couldn’t leak user data.

According to Yen, the most recent audit “uncovered no significant security issues,” and he says the company’s security is aided by Proton apps’ code being open source and benefiting from the company’s bug bounty program.

“During the audit, it was confirmed that the Proton VPN product complies with the No-Log policy and offers the highest standards of security and privacy,” reads the Securitum report. “No traces of user logs were detected, and user privacy is protected through both technical and organizational measures. All changes and additional features are developed based on the fundamental principle of maximizing user security and privacy”.

The full report can be read here. In the meantime, however, Securitum’s report confirms that Proton VPN is one of the top VPNs.

According to the company’s System Status page, iCloud Private Relay was experiencing issues for more than 48 hours, from July 25 through July 27. The company has not provided any explanation regarding the cause of the issue, or why it took so long to resolve.

iCloud Private Relay is similar to a VPN, protecting a user’s privacy when they are browsing the web, as Apple explains in a support document:

Normally when you browse the web, information contained in your web traffic, such as your DNS records and IP address, can be seen by your network provider and the websites you visit. This information could be used to determine your identity and build a profile of your location and browsing history over time.

iCloud Private Relay is designed to protect your privacy by ensuring that when you browse the web in Safari, no single party — not even Apple — can see both who you are and what sites you’re visiting.

When Private Relay is enabled, your requests are sent through two separate, secure internet relays.

Hopefully Apple has been able to address the issue so that the service is more reliable moving forward.

Aeon’s developers announced in mid-July that they planned on making FDE the default moving forward. While the vast majority of Linux distros offer FDE, very few enable it by default, despite the security it provides. openSUSE has a long history of being one of the most security-oriented distros on the market, and Aeon’s devs wanted to take that to the next step by making FDE the default option.

In a post on Reddit, the devs announced the release of Aeon RC3:

The biggest change with this release is the introduction of Full Disk Encryption by default, configured automatically as part of the installation

Depending on your hardware, Aeon will automatically configure Full Disk Encryption in one of two modes

• Default Mode with “Measured Boot” – strong verification of bootloader, initrd and kernel before automatically decrypting your system
• Fallback Mode with no verification of boot components and requiring a Passphrase on boot to decrypt your system

For those leery of relying on the default mode, the devs previously outlined why it is secure, debunking myths regarding TPM in the process:

The Default Mode is the preferred method of encryption provided the system has the required hardware. This mode utilizes the Trusted Platform Module(TPM) 2.0 chipset with PolicyAuthorizeNV support (TPM 2.0 version 1.38 or newer). In this mode, Aeon Desktop measures several aspects of the system’s integrity. These including:

• UEFI Firmware
• Secure Boot state (enabled or disabled)
• Partition Table
• Boot loader and drivers
• Kernel and initrd (including kernel command line parameters)

These measurements are stored in the system’s TPM. During startup, the current state is compared with the stored measurements. If these match, the system boots normally. If discrepancies are found, users are prompted to enter a Recovery Key provided during installation. This safeguard ensures that unauthorized changes or tampering attempts are flagged.

The devs do say that existing users will need to reinstall their system to take advantage of the new features.

RC3 is expected to be the last release candidate before a 1.0 release.

The kernel is the core component in any operating system, the most low-level part controls the hardware, communicates with the software, manages processes, file systems, drivers, and more. Because the kernel is often one of the first elements of the boot process, protecting the kernel is a critical component of good security practices.

CrowdStrike’s cybersecurity software is designed to operate at the kernel level, which is why the results were disastrous when the company pushed a faulty update earlier this month. The update bricked millions of Windows PCs and brought multiple industries to a grinding halt.

In the aftermath of the incident, Microsoft is reevaluating best practices for Windows security, including the option to restrict kernel access, as the Microsoft VP John Cable outlines in a blog post:

This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience. These improvements must go hand in hand with ongoing improvements in security and be in close cooperation with our many partners, who also care deeply about the security of the Windows ecosystem.

Examples of innovation include the recently announced VBS enclaves, which provide an isolated compute environment that does not require kernel mode drivers to be tamper resistant, and the Microsoft Azure Attestation service, which can help determine boot path security posture. These examples use modern Zero Trust approaches and show what can be done to encourage development practices that do not rely on kernel access. We will continue to develop these capabilities, harden our platform, and do even more to improve the resiliency of the Windows ecosystem, working openly and collaboratively with the broad security community.

Cable’s comments about encouraging “development practices that do not rely on kernel access” are telling, since CrowdStrike’s kernel access directly led to the issue. In contrast, Apple does not allow developers access to the macOS kernel, implementing that change in 2020. As a result, macOS is largely immune to a CrowdStrike-type issue.

See Also: Expert: “This Outage Is a Wake-Up Call To Re-Evaluate Cybersecurity Strategies”

Unfortunately for Microsoft, the reason the company still allows access to the kernel is because of a 2009 agreement with the EU that was designed to level the playing field and give third-party companies the same access to the Windows kernel as Microsoft has.

Competition vs Security

The issue underscores potential problems with the EU’s current regulatory path. The bloc is hell-bent on cracking open every platform, and make as level a playing field as possible. Apple has become a popular target, with the EU seemingly intent on making iOS function like—and be as open as—Android.

Unfortunately, while such goals are laudable, the reality is that breaking open legacy platforms often has unforeseen consequences, with the CrowdStrike incident being a case in point. Because the EU wanted third-party developers to have full access to the kernel that Microsoft developers and owns, the stage was set for one of the worst outages in computer history.

The reality is that some systems are simply not designed to be cracked open in such a way that anyone and everyone can have access, and doing so opens the door to serious issues.

What About Open-Source?

Critics will point to the open nature of open-source software as proof that prying open existing platforms is viable. Unfortunately, this is comparing apples to oranges.

In the case of true open-source software, all the various components are open and accessible, meaning the software entire stack can be inspected and audited. This helps ensure that flaws like the CrowdStrike flaw don’t make it into production systems.

In contrast, prying open a closed-source platform to allow third-parties to have access doesn’t mean that the entire stack is now open and auditable. Nor does it mean that any third-party software that hooks into the pried-open platform is open for inspection and audit.

As a result, the type of “openness” the EU forced on Microsoft is the worst of both worlds, not the best. It essentially reduces the security of closed-source Windows by prying it open so other closed-source applications can hook into in ways that cannot easily be inspected, tested, or verified before something bad happens.

The Future

Hopefully, companies, organizations, and lawmakers learn from the CrowdStrike debacle and recognize that changes need to be made:

• Companies need to get behind the kind of Zero Trust methods Cable outlined and stop relying on kernel access.
• Microsoft should renegotiate its agreement with the EU to eliminate outside access to the Windows kernel.
• Lawmakers need to recognize that “openness” for the sake of openness sometimes creates more problems than it solves. Any such regulatory efforts need to be made with a greater understanding of the industry and potential issues of decisions that are made.

Until the above steps are universally taken, CrowdStrike-type incidents will keep happening.

Project lead Clément (Clem) Lefèbvre made the announcement Thursday morning, following a longer-than-usual beta phase for the new release. The extra work comes largely from the move to a new base, the latest release of Canonical’s Ubuntu, as well as some additional work to implement new features and ensure consistency.

Ubuntu 24.04 Base

One of the biggest benefits of the new Linux Mint 22 is the updated Ubuntu 24.04 base. This means the software and repos are much more current than what is included in Linux Mint 21, which is based on Ubuntu 22.04.

Because Linux Mint is based on Ubuntu’s LTS releases, Linux Mint 22 will be supported until 2029.

Improved Kernel Cadence

One of the criticisms leveled against Linux Mint is that it has always been very conservative with kernel updates. For example, the default kernel on Linux Mint 21 is 5.15.x, despite 6.10 recently being released. While users could use the Update Manager to switch to a new kernel, the default was still 5.15. As a result, unless users opted for the “Edge” edition, which defaulted to a newer kernel OOTB, the mainline Linux Mint often had issues on newer hardware, not even installing in some cases.

With Linux Mint 22, the team is going to follow Ubuntu’s HWE kernel. In other words, when Ubuntu releases updates every six months, the team backports the kernel to the previous LTS release. In other words, when Ubuntu 24.10 is released, it will ship with a newer kernel than Ubuntu 24.04 LTS. Ubuntu’s developers will backport that newer kernel to 24.04, however, ensuring that LTS users benefit from the latest improvements.

Clem says that Linux Mint will adopt the HWE kernel beginning with 22, meaning Linux Mint age far more gracefully over the next couple of years until version 23 comes out.

Pipewire

One of the biggest improvements involves the sound server, with Mint 22 making the move from PulseAudio to Pipewire, thanks to the underlying base.

Pipewire is vastly superior to PulseAudio, especially for content creators and those who regularly work with audio.

See Also: Linux Mint vs LMDE: Which Should You Choose?

Software Manager and Flatpaks

The Software Manager received a major performance improvement, now opening almost instantly, as opposed to the several seconds it used to take.

In addition, the Software Manager hides unverified Flatpaks by default, although experienced users can enable them.

Language Support

The Mint team has improved the installation process to remove preinstalled language packs that are not needed. By default, English and whatever language the user has selected will be installed. All others will be removed at the end of the installation process, saving “a significant amount of disk space.”

GTK4 Issues

GTK is the visual toolkit that Linux Mint’s desktop environments are based on. Unfortunately, GTK is largely maintained by the GNOME developers, with many recent changes in GTK4 aimed almost exclusively at apps designed for GNOME. One such technology is the GTK4 libAdwaita GUI library, which severely limits the ability to theme an app.

As a result, while Mint’s themes were updated to support GTK4, several applications have been removed or backported to their GTK3 version because of visual incompatibility between the app’s libAdwaita appearance and Mint’s appearance and ability to be themed.

Clem outlines which apps are impacted:

As a result, the GNOME Font Viewer was removed and the following applications were downgraded back to GTK3 versions: Celluloid, GNOME Calculator, Simple Scan, Baobab, System Monitor, GNOME Calendar, File Roller, Zenity.

Similarly, the Linux Mint team has forked the Gnome Online Accounts as a result of changes upstream, as Clem details:

With GNOME 46, libgoa/libgoa-backend 3.50 moved to GTK4 and could no longer be used by GTK3 applications. This meant that Online Accounts support had to disappear from Cinnamon, Budgie and Unity. The XApp project implemented a standalone application called “GNOME Online Accounts GTK”. Not only did this bring the feature back in these three desktop environments, it also made it possible for it to be used in MATE and Xfce.

De-Snapification

Ubuntu has been moving increasingly toward its Snap packaging format. Firefox and Chrome were already bundled as a Snap rather than the traditional DEB package. In Ubuntu 24.04, Thunderbird joins the list of Snapified apps.

Since Linux Mint does not include Snaps, the team is taking it upon themselves to bundle Thunderbird as a traditional DEB file.

Misc Improvements

There are a number of other improvements, including the following:

• JXL support was added to Pix and a new thumbnailer was implemented for it.
• The Software Sources received support for the new Debian DEB822 format.
• All software using libsoup2 was migrated to libsoup3.
• HiDPI support improvements were made in the boot sequence, in Plymouth and Slick-Greeter.

The Future

Linux Mint clearly has some challenges ahead, from both its Ubuntu base, as well its reliance on GTK for its GUI toolkit.

Ubuntu Challenges

While Snaps are an excellent option for server environments, Ubuntu’s insistence on using them in the desktop space will continue to pose an issue for the Linux Mint developers.

The team already has to package and maintain DEB versions of Firefox, Chrome, and Thunderbird. It’s believed that Ubuntu will move the CUPS printing stack to Snap in Ubuntu 24.10. Because Mint is based on the Ubuntu LTS releases—meaning Mint won’t rebase until Ubuntu 26.04—that change won’t have an immediate impact on the distro. Nonetheless, the writing is on the wall: If Mint continues to be based on Ubuntu, the team will have to continue to take on the work of packaging and maintaining the various parts of the system that Ubuntu Snapifies.

Clem has previously stated he doesn’t believe Snap will be around for the long haul and will instead join the list of technologies Canonical has tried to push and ultimately abandoned.

Realistically though I don’t think Snap will last forever. I see it getting abandoned just like Mir or Unity when it fails to get the traction and return on investment Canonical wants from it.

Clem may well be right. Canonical has invested a lot of money in making Snap a universal packing format beyond just Ubuntu. Unfortunately for the company, outside of the server space, the wider Linux community has very little interest in adopting Snaps and prefer its competitor, Flatpak. In fact, even some distros that did support Snap have opted to drop support.

Only time will tell if Clem is right. If he is wrong, however, undoing Ubuntu’s decisions may eventually result in such an increased workload that making the backup Linux Mint Debian Edition (LMDE) the new mainline offering may be unavoidable.

GTK4/GNOME Challenges

The Linux Mint team clearly has fundamental differences of opinion about how desktop environments and apps should behave. GNOME wasn’t a very macOS-like unified look, with very little customization. In contrast, Linux Mint’s developers believe users should be able to customize and theme their desktops and apps while still providing a consistent experience.

Because GNOME dominates GTK development, it does not bode well for non-GNOME desktop environments that rely on GTK. This is why Budgie has been trying to move away from GTK, and System76 decided to build their own desktop environment for Pop!_OS based on Rust.

All three of Linux Mint’s desktops (flagship Cinnamon, Xfce, and Mate) are all GTK-based, meaning the project is heavily invested in the toolkit. Nonetheless, the issues GTK4 has caused for non-GNOME desktops is only going to get worse as the project moves toward GTK5 and beyond.

As a result, the Mint devs will need to come up with a long-term solution. This could involve adding a library to GTK4 that enables better integration with non-GNOME desktops, or even using a maintained fork of GTK3.

Clem mentioned both possibilities in a response to a user comment in the April blog post:

We fully support GTK4 apps but we’re not migrating to it.

It took a decade for GTK3 to be stable, we want to enjoy it for a while. Many widgets we’re using in GTK3 no longer exist in GTK4 so the migration isn’t easy and could force the loss of features or layout changes in some applications. GTK4 probably needs a library to make it complete and easy to use, a libAdwaita for generic apps really. But nobody made one so far, assuming they ever will. Long term we don’t know if GTK will continue to support themes or even Xorg. Some GTK users moved to Qt or other toolkits. Some are looking at GTK3 forks. Some are thinking of making a GTK4 lib. And some like us, are just happy to stay on GTK3 until there’s more visibility going forward.

Whatever option the Mint team chooses, it’s a safe bet they will approach the challenge with the same careful, measured consideration they have shown with previous issues.

Conclusion

Overall, Linux Mint 22 is shaping up to be one of the best releases of the venerable Linux distro in years. While the project certainly has some challenges ahead of it, the team is well-positioned to address those challenges and continue to deliver one of the preeminent Linux experiences.

First spotted by TechCrunch, CrowdStrike has been sending out $10 Uber Eats gift cards to apologize to those impacted when it sent out a faulty update that bricked millions of Windows PCs. A number of users took to X to post about receiving the gift card.

As if a mere $10 to apologize for an outage that crippled the world wasn’t already insulting enough, TechCrunch reports that the gift cards aren’t working when users try to redeem them. When the outlet reached out to Uber Eats, it was told the card “has been canceled by the issuing party and is no longer valid.”

CrowdStrike has been in the news for all the wrong reasons since the outage it caused. With moves like this, it’s safe to say its days of being in the news for all the wrong reasons are far from over.

European countries have become increasingly wary of reliance on Big Tech. Europe has much stricter privacy laws than the US, a point of ongoing concern for governments and organizations as they work to keep citizens’ data within the bloc. German Schleswig-Holstein recently migrated 30,000 computers from Microsoft products to Linux and LibreOffice.

Switzerland is now following suit, mandating that government agencies use open source software and disclose the source code of any applications they develop so the source code can be freely used by others.

Swiss publication datenrecht.ch outlines the two key provisions:

• The use of Open Source Software – to the extent possible, the federal government should disclose the source code of software that it develops or has developed for free reuse,
• The gradual public provision of data obtained or generated for the fulfillment of statutory tasks (Open Government Data),

If more jurisdictions continue to make the switch to open source software, it could help accelerate Linux adoption outside of the server and enterprise.

CrowdStrike’s cybersecurity software runs at the lowest level of the operation system, the kernel, giving it access that goes far beyond ordinary software. Ideally, the kernel is well-protected against software wreaking havoc—either maliciously or through ineptness, as in the case of CrowdStrike.

Unfortunately, for Microsoft, the company is not able to lock down the kernel and protect it like it should be. According to The Wall Street Journal, a Microsoft spokesperson said the issue stems from a 2009 agreement Microsoft made with the EU in response to a complaint. The agreement stipulates that Microsoft will give third-party developers the same low-level access to the kernel that Microsoft has.

In contrast, Apple announced in 2020 that it would no longer allow developers to access the kernel, meaning macOS is inherently immune from CrowdStrike-like incidents. Put even more bluntly, it means that Microsoft Windows will never be as secure as macOS thanks to the deal it struck with the EU.

Microsoft’s predicament underscores growing concern about the EU’s regulatory efforts. The bloc has been aggressively cracking down on Big Tech, with the Digital Markets Act aimed at fostering a level playing field. Gatekeeper companies—companies that control an entire platform and meet users and income thresholds—have been especially targeted, with the EU trying to force them to open their platforms to third-party companies.

As Microsoft’s example shows, however, ripping platforms open so everyone and anyone can have unfettered access doesn’t always benefit users as much as lawmakers think it will. Instead, it can lead to disasters like CrowdStrike.

A CrowdStrike Falcon update brought the world to its knees, crippling systems across industries. Unfortunately, because CrowdStrike’s cybersecurity software runs at such a low level, computers that were impacted by the bad update could not even boot, making it difficult to recover from.

Microsoft outlines the two repair methods:

Recover from WinPE (recommended option)

This option quickly and directly recovers systems and does not require local admin privileges. However, you may need to manually enter the BitLocker recovery key (if BitLocker is used on the device) and then repair impacted systems. If you use a third-party disk encryption solution, please refer to vendor guidance to determine options to recover the drive so that the remediation script can be run from WinPE.

Recover from safe mode

This option may enable recovery on BitLocker-enabled devices without requiring the entry of BitLocker recovery keys. For this option, you must have access to an account with local administrator rights on the device. Use this approach for devices using TPM-only protectors, devices that are not encrypted, or situations where the BitLocker recovery key is unknown. However, if utilizing TPM+PIN BitLocker protectors, the user will either need to enter the PIN if known, or the BitLocker recovery key must be used. If BitLocker is not enabled, then the user will only need to sign in with an account with local administrator rights. If third-party disk encryption solutions are utilized, please work with those vendors to determine options to recover the drive so the remediation script can be run.

Additional considerations

Some devices may not be allowed to connect to a USB drive. In this case, it may be better to reimage the device.

Instructions for downloading and using the new recovery tool can be found here.

Impact and Fallout

The scale of the disruption has been unprecedented. Airports around the world have been shut down, with many airlines grounding their flights. In some cases, airlines have resorted to issuing handwritten boarding passes. Hospitals have faced critical operational failures, with trains in the United States and the United Kingdom coming to a halt. Entire companies have found themselves unable to operate as employees struggle to log into their systems.

“You wake up, and everything’s down,” said Sasha Yanshin, a YouTuber and IT expert who has been covering the outage extensively. “Airports, banks, hospitals, you name it. It’s like the internet just broke.”

CrowdStrike’s CEO George Kurtz addressed the issue in a public statement, acknowledging the severity of the situation. “We deeply apologize for the impact this has caused,” Kurtz said. “This is not a security incident or cyberattack. It was a content update issue that affected Windows hosts. We are working tirelessly to resolve it.”

Despite the apology, CrowdStrike has faced significant backlash for its handling of the situation. Critics have accused the company of gaslighting and failing to provide adequate support to affected customers. “CrowdStrike is busy mitigating risks and gaslighting instead of helping people fix the issue,” Yanshin commented. “How did a global security company send out an update that immediately disables millions of computers worldwide?”

Criticism and Response

The fallout has prompted questions about the testing and deployment processes at CrowdStrike. “If this is the level of attention they pay to updates, what about the actual security they provide?” Yanshin asked. “This incident highlights a major vulnerability in our reliance on third-party security solutions.”

Yanshin did not hold back in his critique of CrowdStrike’s response. “CrowdStrike CEO George Kurtz did a bit of gaslighting on Twitter, saying this is not a security incident or cyberattack. But breaking people’s computers, making companies unable to operate, and grounding airlines – many would argue these are indeed severe security incidents,” Yanshin remarked. “How did this happen? How did a global security company send out an update that immediately disables millions of computers worldwide? It’s mind-boggling.”

Government and Corporate Reactions

The Department of Homeland Security (DHS) and the National Security Council (NSC) have been actively involved in assessing the situation. “We are working closely with CrowdStrike and Microsoft to understand the full scope of the outages and mitigate any potential risks,” a DHS spokesperson said. President Biden has also been briefed on the incident, underscoring its significance at the highest levels of government.

Microsoft, whose Windows operating systems were directly affected, placed the blame squarely on CrowdStrike. “The CrowdStrike update forced Windows devices into a reboot loop, causing widespread disruptions,” Microsoft stated on its support page.

Yanshin offered his perspective on the broader implications: “This incident exposes a critical flaw in how interconnected our digital infrastructure has become. One untested update from a single cybersecurity firm can cause a ripple effect that paralyzes essential services worldwide.”

Economic Impact

The financial markets have reacted sharply to the news. Shares of cybersecurity firms like Palo Alto Networks and SentinelOne have risen as investors anticipate increased demand for robust cybersecurity solutions. Conversely, CrowdStrike’s shares plummeted by approximately 10%, reflecting investor concerns over the company’s role in the incident and potential liabilities.

The economic impact extends beyond the stock market. Businesses worldwide are grappling with significant losses as a result of the outage. “Every minute of downtime translates to millions in lost revenue,” said Dom Chu, a financial analyst. “This incident will likely have long-term repercussions for CrowdStrike and its customers.”

Yanshin pointed out the scale of the economic fallout: “Imagine the level of losses being reported across the world right now. In India, we are seeing the impact largely on flights, but globally, it’s extremely overwhelming to see what’s playing out right now.”

Ongoing Recovery Efforts

Recovery efforts are underway, but the process is labor-intensive and time-consuming. “Our IT workers are tirelessly working to manually reboot systems and restore normal operations,” reported Steve Kovach from the CNBC newsroom. CrowdStrike has provided a detailed workaround for affected users, but the solution requires technical expertise that many users lack.

“Boot Windows into safe mode or the Windows Recovery Environment, navigate to the CrowdStrike directory, and delete a specific file,” Kurtz explained. “We understand this is not an easy task for everyone, and we are providing as much support as possible.”

Yanshin criticized the complexity of the proposed solution: “How many regular everyday non-tech people know how to boot into recovery mode and would actually feel comfortable doing it by themselves? The level of gaslighting by CrowdStrike is incredible because this is significantly worse than they are making out.”

Lessons Learned and Future Implications

The incident has sparked a broader debate about the resilience of critical infrastructure and the need for improved oversight and contingency planning. “This outage serves as a wake-up call for industries worldwide to strengthen their defenses and ensure continuity in the face of unexpected failures,” said Katherine Manstead, a cybersecurity expert.

As businesses and governments work to restore normalcy, the lessons learned from this incident will likely drive significant changes in how cybersecurity is approached and managed globally. The collaborative efforts between corporate IT teams and national security agencies highlight the critical nature of cybersecurity in safeguarding not just business operations but national infrastructure.

The global IT outage caused by a CrowdStrike update has had far-reaching impacts, disrupting services across multiple sectors and highlighting vulnerabilities in digital infrastructure. While recovery efforts continue, the incident underscores the need for robust cybersecurity measures and contingency planning to mitigate the effects of such disruptions in the future. As the world grapples with the fallout, the focus remains on restoring full functionality and preventing similar incidents from occurring again.

Widespread Disruption

Steve Kovach from CNBC provided an overview of the situation: “This outage has taken down operations at so many companies. From TV networks like our own to airlines like Delta and United, banks, and even 911 call centers. UPS, FedEx, and countless other companies and industries have been impacted.” The breadth of the disruption underscores the critical role that cybersecurity infrastructure plays in maintaining operational continuity across various sectors.

Despite the severe impact, CrowdStrike CEO George Kurtz clarified that this was not a hack or cyberattack. “This was a content update issue,” Kurtz explained. “The update caused Windows devices to reboot into a blue screen. We identified the problem quickly, rolled back the update, and deployed a fix. However, not all systems will recover automatically. Many will require manual intervention by IT staff.” Kurtz emphasized the company’s commitment to resolving the issue swiftly, but acknowledged that full recovery could take several more hours.

Corporate and Government Responses

Microsoft, whose Windows operating systems were directly affected, pointed the finger at CrowdStrike. In a statement on its support page, Microsoft noted, “The CrowdStrike update forced Windows devices into a reboot loop, causing widespread disruptions.” The Department of Homeland Security (DHS) and the National Security Council (NSC) have been actively involved in assessing the situation. “We are working closely with CrowdStrike and Microsoft to understand the full scope of the outages and mitigate any potential risks,” a DHS spokesperson said.

President Biden has been briefed on the situation, highlighting the incident’s significance at the highest levels of government. The ongoing response involves not only corporate IT teams but also national security agencies, reflecting the critical infrastructure at risk.

Economic Impact

The financial markets have also reacted to the news. Shares of cybersecurity firms like Palo Alto Networks and SentinelOne saw a rise, as investors anticipated increased demand for robust cybersecurity solutions in the wake of the outage. Conversely, CrowdStrike’s shares plummeted by approximately 10%, reflecting investor concerns over the company’s role in the incident and potential liabilities.

Phil LeBeau, reporting from Europe, noted the significant impact on international businesses and travel. “Airlines, especially in Europe, have been hit hard. Delta and United flights have faced cancellations and delays, with passengers stranded in major hubs. The ripple effect is massive, affecting logistics and supply chains across continents.”

Expert Insights and Future Implications

Dom Chu, analyzing the broader implications, pointed out the vulnerabilities in global IT infrastructure. “This incident exposes the interconnectedness of our digital world and the potential for a single point of failure to cause widespread disruption. Companies will need to reassess their dependency on single vendors and ensure more robust fail-safes are in place.”

The incident has sparked a debate about the resilience of critical infrastructure and the need for improved oversight and contingency planning. “Organizations must prioritize cybersecurity and disaster recovery plans,” said Katherine Manstead, a cybersecurity expert. “This outage serves as a wake-up call for industries worldwide to strengthen their defenses and ensure continuity in the face of unexpected failures.”

Ongoing Recovery Efforts

As recovery efforts continue, many businesses are still grappling with the fallout. “Our IT workers are tirelessly working to manually reboot systems and restore normal operations,” reported Kovach from the CNBC newsroom. The process is labor-intensive and time-consuming, underscoring the challenges of dealing with such widespread outages.

CrowdStrike and Microsoft are expected to release more updates as the situation evolves. The focus remains on restoring full functionality and preventing future incidents. The collaborative efforts between corporate IT teams and national security agencies highlight the critical nature of cybersecurity in safeguarding not just business operations, but national infrastructure.

Conclusion

The global IT outage caused by a CrowdStrike update has had far-reaching impacts, disrupting services across multiple sectors and highlighting vulnerabilities in digital infrastructure. While recovery efforts are underway, the incident underscores the need for robust cybersecurity measures and contingency planning to mitigate the effects of such disruptions in the future. As businesses and governments work together to restore normalcy, the lessons learned from this incident will likely drive significant changes in how cybersecurity is approached and managed globally.