CrowdStrike's impact on aviation
Delta vs. other airlines’ recovery
- Multiple comments say Delta’s crew-tracking / crew-scheduling tools were hit hard and couldn’t process the flood of changes after the outage, delaying recovery.
- Others note Delta’s hub‑and‑spoke model, FAA duty‑time limits, and East Coast timing (less time before morning peak) made catching up harder.
- Some argue Delta cancelled flights aggressively while others mostly delayed, leaving Delta with planes and crews badly out of position.
- A quoted Reddit analysis (endorsed by several) claims United and American had better‑rehearsed DR/continuity plans, while Delta had over‑outsourced IT and under‑invested in DR.
Crew scheduling complexity
- Once scheduling is down, airlines “borrow” crews across flights, which cascades into legal‑hours and positioning problems over days.
- Recovery sometimes requires a deliberate “reset”: cancel many flights, manually re‑reconcile crew locations/hours, then restart.
Windows 3.1 / Southwest and legacy systems
- The viral claim that Southwest runs Windows 3.1 is repeatedly debunked; it originated from a joking tweet and misread articles.
- Southwest’s internal tools are described as having a Windows 95‑era look, not as actually running on such OSes.
- Broader point: huge amounts of critical infrastructure (airlines, telecom, hospitals, industrial control, transit) run very old software/OSes (XP, mainframes, AS/400, etc.) because “if it ain’t broke, don’t fix it.”
CrowdStrike, monoculture, and DR
- The core issue was a faulty CrowdStrike update affecting kernel‑level components on Windows; Linux and mainframe “prod” systems often stayed up while Windows “corp” environments were wrecked.
- Some argue real DR must not share identical failure modes (e.g., same agent on primary and DR). Others counter that you can’t be resilient to every scenario, and diversity increases operational complexity and attack surface.
- Ideas floated: cold/rotated DR systems, more heterogeneity, and not auto‑updating early‑boot kernel modules.
Air-gaps, critical systems, and EDR
- Debate over whether production/OT and 911/CAD endpoints should be internet‑connected or run general‑purpose OSes with EDR.
- Practitioners describe partial segmentation (separate VLANs/PCs) but note regulatory mandates (e.g., law‑enforcement standards) and vendor moves toward cloud APIs push systems online anyway.
Liability, contracts, and lawsuits
- CrowdStrike’s terms explicitly disclaim use in aircraft navigation, air‑traffic control, life‑support, etc., and deny fault‑tolerance.
- Several note similar boilerplate exists in many OS/software EULAs; big customers often negotiate custom terms or MSAs.
- Commenters discuss how lawsuits against CrowdStrike/Microsoft may be limited by waivers and by airlines’ own DR failures.
Media, misinformation, and trust
- Strong criticism of tech and mainstream outlets for repeating the Southwest/Windows 3.1 myth and generally misframing the incident as “a Windows problem.”
- The thread uses this as an example of “information laundering” and source‑laundering: weak claims are echoed up the media chain and even onto Wikipedia.