Update:

CrowdStrike came out and released a technical report confirming my analysis. They were reading in a bad data file and attempting to access invalid memory.

This global crash was a two-part bomb. The detonator, apparently, was NOT new... it was PRE-INSTALLED.

/1
Contrary to initial suspicions, CrowdStrike did NOT push out a faulty driver; the faulty driver ALREADY existed on Mac, Linux AND Windows, likely for months or years.

Sitting there like a ticking time bomb.

/2
This bug was a two-part series.

All it needed was bad data in order to detonate it.

The recent data update delivered that payload.

/3
Deploying new data files to computers is generally thought to be safe. Data doesn't contain executable instructions for the CPU, after all.

Therefore it doesn't go through the same code review process as new executable code.

In effect, this proved to be the perfect backdoor.

/4
When there is a ticking time bomb that's been PRE-INSTALLED on computers, then all it needs is just the right data to activate it.

/5
And unfortunately, this is exactly what happened.

This data update, because of its assumed low-security implications, was allowed to be raw dogged into every Windows box running CrowdStrike, without consent, and without notification.

/6
And btw, this same ticking time bomb apparently exists in Linux AND MacOS. They just weren't targets of this data update, so they didn't crash. If a similar push had been made to Linux, we would have seen a global catastrophe.

/7
Originally, I thought this was simply programmer error. But now, I'm not so sure. My experience seeing corruption at Google showed me that obvious bugs were allowed to exist, with apparent insiders who were aware and exploiting them for their own agenda.

/8
For example, Jordan Peterson got his entire Gmail/Youtube account wiped because some insider knew they could create nearly the same email address as him and start sending spam, knowing that his account would be wiped out by the AI, despite his account being over a decade old.

/9
Is something similar going on here with CrowdStrike?

Some insider with the knowledge that this nuke existed on every Windows/MacOS/Linux box with their software, only needing the proper data-detonator to act as the trigger?

/10
And why wasn't this software bug caught by automated checking at Microsoft? This code is reading data, interpreting that as valid memory locations, and attempting to read it.

HELLO?

/11
@Microsoft, are you aware that tools have existed for DECADES that are designed to find these simple access violations and flag them?

@Microsoft, have you NEVER bothered to run these tools on CrowdStrike's system drivers?

/12
This is really bizarre. And the recent facts raise a LOT more questions about why this ticking time bomb has existed on mission critical devices for months or years.

/END
It gets worse: Microsoft granted CrowdStrike's ticking time bomb "boot-start" privileges, normally reserved for Microsoft drivers.

A boot start driver MUST be installed in order to start the Windows Operating system.
Source: Dave’s Garage. Microsoft developer Gray Beard

These are the bad data files. Notice they are named like system drivers but they are actually data files. To fix a system you need to boot into safe mode, bypassing the boot-start drivers, and then delete these data files.
This will remove part B of this two-part blue-screen-of-death detonator. The proverbial explosive device, CrowdStrike's boot-start drivers, have special privileges that prevent their removal.

…And must remain in the system in order for the system to boot properly.
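
Added example, not CrowdStrike's code and not part of the original thread: a parser for a hypothetical content-file layout (the layout, `MAGIC` and the function names are assumptions) showing the unchecked pattern described in /11, where values from a data file decide which address gets read, beside a version that validates every value against the file length first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout, constructed for this example (little-endian):
 * u32 magic | u32 count | count x u32 offset-from-file-start | NUL-terminated strings */
#define MAGIC 0x43464731u
#define HDR 8u

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Unchecked pattern: index and offset are trusted, so a bad file decides
 * which address gets read. Shown for contrast; never called here. */
const char *entry_unchecked(const uint8_t *buf, uint32_t i) {
    return (const char *)buf + rd32(buf + HDR + 4 * (size_t)i);
}

/* Checked pattern: every value taken from the file is validated against the
 * file length before use. Returns 0 and sets *out, or a negative reason code. */
int entry_checked(const uint8_t *buf, size_t len, uint32_t i, const char **out) {
    if (!buf || !out || len < HDR) return -1;         /* truncated file */
    if (rd32(buf) != MAGIC) return -2;                /* wrong or blank file */
    uint32_t count = rd32(buf + 4);
    if (count > (len - HDR) / 4) return -3;           /* table larger than file */
    if (i >= count) return -4;                        /* index past the table */
    size_t data_start = HDR + 4 * (size_t)count;
    uint32_t off = rd32(buf + HDR + 4 * (size_t)i);
    if (off < data_start || off >= len) return -5;    /* offset outside data area */
    if (!memchr(buf + off, 0, len - off)) return -6;  /* string runs off the end */
    *out = (const char *)buf + off;
    return 0;
}

/* Constructed sample files. */
const uint8_t GOOD[]    = {0x31,0x47,0x46,0x43, 1,0,0,0, 12,0,0,0, 'o','k',0};
const uint8_t BAD_OFF[] = {0x31,0x47,0x46,0x43, 1,0,0,0, 0xff,0xff,0xff,0x7f, 'o','k',0};
const uint8_t BAD_CNT[] = {0x31,0x47,0x46,0x43, 0xff,0xff,0xff,0xff, 12,0,0,0, 'o','k',0};
const uint8_t BLANK[16] = {0};

int main(void) {
    const char *s = NULL;
    printf("good=%d bad_off=%d bad_cnt=%d blank=%d\n",
           entry_checked(GOOD, sizeof GOOD, 0, &s), entry_checked(BAD_OFF, sizeof BAD_OFF, 0, &s),
           entry_checked(BAD_CNT, sizeof BAD_CNT, 0, &s), entry_checked(BLANK, sizeof BLANK, 0, &s));
    return 0;
}
```

Run as the first step of loading a data update, a check like this turns a malformed file into a rejected update rather than a fault inside the driver.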
