It's 11 to two RNZ national Time for Tech. Tuesday I'm joined by Dan Watson, who's head of Vertech IT services, and as I understand, three weeks into dry July. How are you getting on Dan?
Daniel Watson (01:39):
Oh, mate, I'm sleeping very well. Lost a little bit of weight. Oh, that's cool. Good or bad myself.
Jesse Mulligan (01:46):
It doesn't just drop off after a couple of days, but after a few weeks, all those extra calories your body starts noticing.
Daniel Watson (01:55):
Yeah. But then I've also been working out quite a bit, so it's not so much of a weight loss, but weight redistribution, so that's good.
Jesse Mulligan (02:05):
Oh, you're making the rest of us feel bad now you're telling me off here you had a couple of golden tickets bought for you. What's that all about?
Daniel Watson (02:12):
Oh, it turns out that if you're doing the whole fundraising through the dry July website, if somebody wants you to attend a special occasion, they can buy you a golden ticket by throwing in a donation of a certain minimum amount and then you've got the night off
Jesse Mulligan (02:27):
A bit. Gives a spread of dry July. I feel like if I knew there was a way around it, way of weaseling my way out of it, then that might be the undoing of me. But it works okay.
Daniel Watson (02:39):
Oh yeah. I mean,
Jesse Mulligan (02:41):
Not to compare you to a weasel, Dan.
Daniel Watson (02:43):
Not, I mean, yeah, mustalids are horrible. All things not quite keen on killing them for me had it was one for the quiz night fundraiser for the community hall there, so it was for a good cause. Plus it was a really great night out
Jesse Mulligan (03:06):
Not to see you with a bottle of 15, can't social, not just you with a bottle of $15 red wine at home thinking. Well, that's kind of a special occasion.
Daniel Watson (03:13):
Not at all. No, no.
Jesse Mulligan (03:16):
Hey, good for you. You've only got a week to go. Well done, mate. I thought of you last week when they were like, there's been a global IT disaster involving a particular sort of software on everyone's computers. And I thought, I hope this isn't a boutique, it caused problem otherwise Dan will be having a very bad weekend.
Daniel Watson (03:36):
Oh, me too, me too. My phone, I've got a peer group and it's mostly Aussie IT business owners. And I was driving along trying to have a chat with the wife and they listened to the radio in the car and heading off to date night and the notifications going, Bing, bing, bing, bing, b bing. Oh gosh, I should look at that later. Anyway, just muted it. When I did have a look at it was like, oh, oh, this is big. And I was like, well, okay, I'm glad that I get to stand by the sidelines on this because we're not a partner of that particular company, CrowdStrike, and we get to stand on the sidelines and watch that all happen. But it was quite interesting.
Jesse Mulligan (04:23):
Yeah, I don't imagine there was much chardon. It could easily have happened to you, I guess, and you'd be thinking about not just the people in charge of fixing it, but all the people who've run into problems with their own businesses, they rely on it. Can you explain to us in simple terms what happened?
Daniel Watson (04:42):
Okay, so CrowdStrike is quite a successful company. They are providing endpoint security or more than half of the fortune thousand in the states. So that's a lot
Jesse Mulligan (04:59):
Of, what's that term? Endpoint security?
Daniel Watson (05:02):
Yeah, I think antivirus. But theirs is kind the really top shelf type stuff now. So that's on, that's why when things went wrong, it affected so many name brands that you are aware of out there, which otherwise probably a smaller company, which probably wouldn't, wouldn't have had such a large impact. But some of these fortune thousand companies have got tens of thousands of computers. And if it's across all of that and it was, then it has a major impact.
Jesse Mulligan (05:41):
And just for people who didn't see the news story, so the flight's canceled. I was following a guy on Twitter who was trying to check into his hotel in Vegas and they couldn't make electronic room keys, so they were going to have to walk everybody back and forward between their rooms, which you can imagine in a thousand room hotel wasn't really going to work particularly well. And that's just a taste of it that fpos was down and I think Woolworth's self-service were down for a while. So it was major real life stuff.
Daniel Watson (06:09):
Oh, very significant. And it did bring to light that I think every business is probably needs to have a bit of a think, do I have some manual processes that are workable? Do I have a good business continuity and DR plan and some incident response procedures. I know we've been talking about it yesterday and today, and isn't nothing particularly wrong with this company, CrowdStrike. It was an internal coding area that unfortunately got pushed out to a large number of computers. Now they'll be having some soul searching themselves and they're being punished through their share price. But if we were to avoid a company that's ever had an issue like that, that we wouldn't be too many we could be dealing with.
Jesse Mulligan (06:59):
Interesting. You talk about
Daniel Watson (07:00):
Wherever you can
Jesse Mulligan (07:02):
A plan B as well. We had this breaking news came through on my phone. I said to Victoria, how decent John's been reduced to using VHF radio and writing things down. She's like, that's terrible. And I said, in a way it's kind of cool that they have that plan, that they have an agreed way that they'll communicate if digital goes down.
Daniel Watson (07:22):
That's right. I mean they still have ambulances and they can still function. There's always going to be businesses where there isn't a workable plan just because of the scale. But for most of us there's ways around things that we can work with. The actual error itself was like a really tiny thing because this antivirus program, in order to successfully protect computers against the kind of threats that can attack a computer needed really, really low level access to the operating system and what's called the kernel at the very core of the seed as it were, of the operating system. And the kernel is the layer of the operating system that sits between the applications that you see in front of you of your computer and the silicon underneath, which is actually doing all the logic using voltage changes. So every application has to go through the kernel to get to the memory and the CPU and the discs, which are doing the ones and zeros and one little file had a line in it that reference in an invalid memory address. So when the program was running and as the computer reads that one particular line and tries to do that, one thing that's illegal, the computer goes, falls over dead reboots. And unfortunately because it was a really low level driver, as soon as the system is booting up and it loads that thing, then it's going to crash even before you get to the login screen type of thing.
(09:22):
And the reason why it only affected Windows computers is because Macintosh doesn't allow access to any third parties to its kernel. It's a very closed system. And Microsoft only does it because in 2009, there was an EU antitrust law decision handed down that said, well, in order to maintain competition in the marketplace, Microsoft, you've got to give out access to this thing. You can't be the only people providing it. And there's that whole thing about eggs in one basket. Competition is actually generally quite good for the consumer because, I dunno if you've noticed that Maxs are a bit more expensive than windows. Those computers on the whole, and they don't do backward compatibility at all the two different mindsets as the way technology has been handled there.
Jesse Mulligan (10:18):
So almost out of time, Dan, what have you learned from this? I'm not saying that you're the one with the lesson to learn, but from the sidelines, have you learned anything?
Daniel Watson (10:30):
Well, as I mentioned before, having a look at what we are doing, if that was to happen to us, these insurance impacts behind that. And as far as I can tell, that almost comes under the acts of God or other exclusions such as network failures and cyber risk policies. The other thing was is that, of course, this is just another thing that the scammers and cyber criminals rapidly took advantage of because within hours of this getting out there, dodgy domains were registered, phishing sites were set up, there was malware being sold as the fix for the problem. There was all sorts of ripoff artists going at it. So maybe there's nothing new under the sun in that respect. It's just a case that sometimes when people are having a bad day, there's no need, need to scream and shout at them because they're already having a, if it's a monumentally bad day like this, everybody needs a bit of kindness say and to always try and help where you can.
Jesse Mulligan (11:39):
And just at a really simple level, how does a faulty line of code end up being pushed to almost every computer in the world? Like heard a double checking.
Daniel Watson (11:50):
Yeah, that is a good question, but I think we're all asking that.
Jesse Mulligan (11:54):
One. Great to chat to you, Dan. Glad it didn't happen to you. And thanks very much for talking us through this big CrowdStrike failure over the weekend.
Daniel Watson (12:06):
Yes, let's hope the week
Jesse Mulligan (12:08):
Gets better. Dan Watson Vertech IT services. That's Tech Tuesday, I just got a text from someone. I am a coder. OMG could so easily have happened to me.