THE GLOBAL IT OUTAGE YOU WITNESSED WAS NOT AN ACCIDENT!
IMPORTANT! The purpose of this thread is to explain non-IT and to non information/cyber security professionals why I believe the outage you are seeing around the world due to the update from #Crowdstrike is not an accident.
Before we begin - introduction.
Hi everyone. My name is Ehden Biber. I'm known as the person behind #PfizerLeak, and most of my writing here on X/Twitter has been on ph@rma related topics. HOWEVER, my professional work has been information security and cybersecurity.
My credentials include:
· Head of information security in Metro Bank (UK).
· Merck/MSD Information security office for Europe, Middle East and Africa (EMEA).
· Consultant to insurance and financial institutes.

The opinion you are about to read is based on YEARS of experience.
Let's start with what we have - HUGE number of systems around the world has crashed because of a deployment of an update to a software that was installed on them, that came from a company called Crowdstrike, making them display the infamous Blue Screen of Death (BSoD).
How can a software kill your computer? Simple: most software run in a restrictive mode, meaning the system allow them to run in an environment on your computer and is restricting its access to the real resources of the computer. There are, however, some exceptions.
Drivers are a type of software that run in a highly unrestricted mode. It needs to, because drivers, or example for your screen display, needs to have access to the hardware to operate correctly.
Antimalware/antivirus/antispyware also run in such a way. Why? Because they need to inspect other software on your computer, and thus they run in what is known as privilege mode. If a code that runs in a privilege mode is not written correctly, it can crash your computer.
Since the threats that a modern computer which is connected to the internet is constantly evolving, modern antimalware/antivirus/antispyware manufacturers needed to develop a mechanism that allows them to develop, TEST, and distribute such code, which brings us to DevOps.
DevOps is a set of practices, tools, and cultural philosophies that aim to automate and integrate the processes of software development (Dev) and IT operations (Ops). Its primary goal is to shorten the systems development lifecycle and provide continuous delivery w/high quality.
In traditional software development methods, any update which is being released must be tested by a Quality Assurance (QA) team, and then after the QA team submit their results, they are being reviewed by change management committee who decide whether to deploy the update.
DevOps is an attempt to industrialize and automate the process using technology, so that rapid changes can be developed and installed, and a whole set of platforms have been developed over the years to allow such thing to occur, which brings us to SecOps.
ALL software can lead to unwanted results, to issues related to the confidentiality, integrity, availability, or authenticity of information. Thus, the role of security is to manage these risks. In parallel to the development of DevOps, a new approach to security was formed.
SecOps, or Security Operations, is a discipline within information security that focuses on maintaining and improving the security posture of an organization through continuous monitoring, proactive threat hunting, incident response, and security infrastructure management.
DevOps aims to streamline & accelerate the software development lifecycle (SDLC) by fostering development (Dev) & operations (Ops) teams' collaboration. SecOps aims to integrate security practices into IT operations, ensuring security is maintained throughout the IT lifecycle.
BACK TO CROWDSTRIKE.
Let's focus on a cybersecurity company who has a product that protect computers.
How does security look like in a modern software company? Multiple technologies are being used to automate what in the past took A LOT of time and effort.
Let's say a new threat has been discovered: a script was identified as having the capacity (if run on someone's computer) to give administrative rights to download and install from the internet a malicious code that will allow an attacker to gain control over your computer.
If your company is in the business of protecting systems, you want to make sure that the computers which uses your code to protect their assets will not be vulnerable to that threat.
How would you do it in a way that would be efficient? You write a code that identify the script!
In a DevOps/SecOps environment you submit that update (change), and it passes an automated process that checks for the quality of the change. What does it mean? The automated process takes your code and run it to validate it works correctly!
How do you check such code? You run the update on MULTIPLE systems and based on the results you decide if it works or not!
In other words: you run your update vs A LOT of systems which have your software deployed on, AND YOU TEST YOUR CODE DOES NOT BREAK THE SYSTEM!
Obviously, you will check for more things, but this is THE MOST BASIC THING YOU DO, ESPECIALLY WHEN YOUR CODE IS RUNNING AS A DRIVER ON A COMPUTER SYSTEM!

After your code is tested, you add another layer of protection by performing something called singing your code (or change).
What is signing? Signing is part of cryptography, which is the practice and study of techniques for securing communication and information from adversaries. A digital signature provides authenticity the same way your handwritten signature is used a proof of your authenticity.
Since you do not want your software update mechanism to be hijacked by adversaries (threat agents) you use something called digital signature to make sure that it will ONLY update a code that was signed by your company, and you protect the method of signing!
THIS IS HOW EVERY MODERN COMPANY IN THE WORLD WHO DEVELOP CODE, ESPECIALLY IN THE DOMAIN OF SECURITY, WORLD ACT.

In most cases this is an automated process that takes place after the results of the Quality Assurance process were successful.

Which brings us back to #Crowdstrike!
THERE IS NO WAY ON EARTH THAT THIS UPDATE FROM CROWDSTRIKE HAS PASSED QUALITY ASSURANCE TESTS, AND THERE IS NO WAY ON EARTH SUCH A BAD CODE THAT MUST HAVE CRASHED SO MANY SYSTEMS IN QA PHASE WOULD HAVE BEEN SIGNED … UNLESS SOMEON WANTED TO KILL A LOT OF SYSTEMS AND DO IT FAST!
Why would anyone want to cause such outbreak of so many computer systems? BECAUSE WHEN A COMPUTER SYSTEM CRASHES, IT CAN LEAD TO LOSS OF DATA. Who will want data/information to be lost? People who want to hide things they did. Who want to hide things they did? CRIMINALS!
Can you think of ANY criminal activity that took place in the last week which was SO BIG that could have altered the faith of the world? I'M SURE YOU CAN!

So, if you were behind this criminal activity, and needed to erase evidence, WHAT COULD YOU DO?

THE ANSWER IS ABOVE!
To summarize:
To those who asks: what would they achieve by crashing the systems and how can they delete evidence, here's a plausible explanation:
#Crowdstrike was established in 2011. Over the years I've attended many, MANY talks of people who work in the company and are considered to be subject matters expert in their field of cybersecurity.
The notion that this company f***ed up by mistake has a simply an insult. NO WAY!
IF threat agents conspired to kill a US president, and just a few days later another non imaginable security event occurs, since digital data represents a large part of the data generated in the world, don't you find it HIGHLY PLAUSIBLE that these two are related?
We leave digital traces everywhere, and since the picture that came from the crime scene does not make sense, we must take into account that the most plausible action these threat actors would take is to make these traces disappear.
This is the reality we live in right now.
My purpose of writing this thread is to try to help people grasp the reality we live in. All technologies are double-edged sword. It can bring good into our lives, and if used against us can drag us to the pit of endless despair.
It's all up to us.
Trust god, serve truth w/love.
I'M NOT INTO CONSPIRACIES. I'M INTO CONFIDENCES. When two events which are considered highly unlikely take place one after another, I find great interest in this confidence, as I find great interest in evaluating what is the possibility it was not a coincidence. Here? HIGH.
@0xChooseLambo That doesn't end there. There would be external organizations that would audit these companies for you, and I would spend many hours speaking what them. I take risk management seriously, and #Crowdstrike had the money to hire really good people to automate the process.
@0xChooseLambo It doesn't end there. Changed to the the process that practically "run" different calls that include a creation or use of multiple virtual machines to validate quality. You test the code including using code quality scan. Let's say it misses. That could be.
@0xChooseLambo However the next phase when you test the update is where I don't buy it. Crowdstrike knows well the impact of a failed driver. It's there in their risk management team. I can assure you. It's a huge risk, and the way to manage it is by controlling the quality of automation & QA.
@0xChooseLambo Allow me to guess, inside #Crowdstrike, it was described as a low probability, high impact event. Low because security was automated as part of the release cycle. That is how modern code is being created. Cybersecurity teams rely on DevOps and SecOps, if not they are corrupted.
@frederik_vl Here's a group of people who have actively showed in court their wishes that data that supposed to be owned by the citizens of the US who were told these products were safe and effective should be hidden for years. In this case why allow court to dictate if anyone sees it? ERASE!
@uztr129872 @0x0Fuck There is HUGE AMOUNT OF MONEY in government contracts, and there is a collusion between the state and high tech. Again, are you aware of it, or do you still lives in the la-la-land of mainstream media which is owned by the big state, like #Crowdstrike.
WAKE UP, SMELL the Coffee!
@drunicusrex @0merskywalker I assure you that as part of the risk assessment done long time before this incident has happened the risk department has identified such risk and in order to manage the risk they demanded to integrate added requirements as part of the design of the pipeline. That's how we work.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Ehden (#PfizerLeak/#MonkeyBusiness/#COptiGate) 🌟

Ehden (#PfizerLeak/#MonkeyBusiness/#COptiGate) 🌟 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @eh_den

Jun 3
"MEDICAL GENETICS…WILL BE THE SOUL OF PERCISION MEDICINE IN EVERY FIELD"
It is time to expose another member of the W.H.O. science council and her views on genomics and gene therapy (mRNA). Introducing Dr Mary-Claire King.

[Thread]
[1/7]: Image
[2/7]
Doctor Mary-Claire King is a very known geneticist who has discovered in 1990 BRCA1,which was the first gene for a hereditary form of breast cancer. She is a professor of genome sciences in the university of Washington, Seattle, USA.
medgen.uw.edu/people/mary-cl…
Image
[3/7]
Her later work was focused on the genetics of schizophrenia, she is recognized as a pioneer in the development of DNA sequencing for human rights investigations, and she is also a Senior Associate Core Member of the New York Genome Center.

nygenome.org/news-events/ne…
Image
Read 7 tweets
May 28
THE COUNCIL: INTRODUCING THE W.H.O. SCIENCE COUNCIL THAT IS ABOUT TO CONTROL YOUR LIFE.
As we approach the final stages of the #WHO coup d'état attempt, it is time to expose the group of unelected people who will control your future and their alarming agenda!
#TheCouncil
[Thread] Image
2/
In December 2023 the WHO produced a report that sets the stage to radical changes that soon will be enforced all the citizens of the world: make gene therapy (mRNA) key technology in the fight against infectious diseases, cancer, and combat any resistance to such technologies. Image
3/
It called to develop new gene therapy treatments against pathogens, promote investment in "equitable" development of the technology, use it as THE medical countermeasure mechanism to tackle pandemic threats, and to combat any resistance to the technology ("misinformation").

Image
Image
Image
Read 43 tweets
May 18
@robinmonotti 1) He uses the exaggerated Hamas dataset.
2) He uses a definition of children for anyone under 18 years old.
3) He say Palestinians were expelled in 1948, but don't mention many left because Arab nations told them to so they can butcher Jews in the war they started.
More below.
@robinmonotti 4) He compare the number of children who died to the sum total of children died 3 years before. He does not compare it to the number of children who died in other conflicts IN THE REGION, such as in Syria. That like comparing apples and pears.
More below.
@robinmonotti 5) The definition of who is a Palestinian by the UN is ANYONE WHO LIVED IN THE MANDATED PALESTINE FOR TWO YEARS prior to June 1848! No ancestors required!
This also made Egyptians who escaped Egypt not to become work slave in the creation of the Suez canal into Palestinians. Image
Read 4 tweets
May 6
THE AZ STUDY: Why did AZ asked to withdraw their EUA marketing authorisation approval, and how come you didn't hear about it?
Short answer: BECAUSE THEIR LONG TERM SAFETY STUDY SHOWN THAT THEIR COV!D19 SH0TS K!LLED AND HARMED PEOPLE.
Long answer: READ THE THREAD!
#TheAZStudy
1/
Image
Image
2/
As you might have heard, AstraZeneca ASKED in March 2024 to have their COV!D19 SH0TS product approval withdrawn from Europe's EMA. It was not the European Union (EMA) who decided to withdraw their approval due to the damage they caused people. BUT WHY?

ec.europa.eu/health/documen…
Image
3/
To understand what happened, let's start with a QUICK, SHORT reminder (the following 3 posts) before we will go into the details.
I promise you it's worth reading!

29 JANUARY 2021: EMA recommends COVID-19 Vaccine AstraZeneca for authorisation in the EU
ema.europa.eu/en/news/ema-re…
Read 19 tweets
May 1
MURDER, THEY PLANNED.
The mechanism in which the spike protein impacts the mitochondria, and how it leads to myocarditis, heart attacks, cancer, and neurological disorders such as face paralysis, Alzheimer and Parkinson's disease.
Highlights from my latest article.
[THREAD]
1/ Image
2/
In order to encode proteins (including the spike protein), the cells are using a mechanism called tRNA so that the ribosome could translate the mRNA sequence to a protein (or more correctly, to translate each codon to an amino acid).
3/
tRNAs acquire their specific amino acids through a process known as aminoacylation, facilitated by specialized enzymes called Aminoacyl tRNA Synthetases (AARS). The process is fuelled by the energy derived from Adenosine Triphosphate (ATP), created by the mitochondria.
Read 18 tweets
Dec 26, 2023
THE PFIZER LAB: THE GAZA WAR EDITION.
[THREAD]
#Pfizer is AGAIN using Israelis as a laboratory rats to test its products, AGAIN the Israeli ministry of health and Israeli doctors are taking part and AGAIN patients are not being informed that they are lab rats.
#Fosmanogepix Image
2/
My 1st tweet included a translation from Hebrew of a tweet that was posted today by @MaytalYasur, the health correspondent of an Israeli newspaper called @israelhayomheb.
#Fosmanogepix
3/
This "report" is a follow-up of what was reported by Israeli TV channel @kann_news's health "reporter" @kettydor, who stated that an Israeli soldier has died from an infection that was caused by fungus that is found in Gaza two weeks ago.
#Fosmanogepix
Read 21 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(