Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Your IT wizard is probably wrong. There is a fix that involves booting into safe mode and deleting a file.

Unless you have an encrypted file system this should be a relatively trivial fix.



Machinery shipped to users usually do not allow for the users of the machinery to "boot into safemode". Thank John Deere and the anti-"Right to Repair" crowd for that.


I doubt it was shipped from the factory with CrowdStrike, and if they had enough access to install it, they have enough access to fix it.


These things are "cost optimized" and don't feature the kind of remote management iDRAC/openBMC/piKVM that would allow it to be remotely fixed. Embedded windows connected to the internet is super ***.


You can doubt, but you literally don’t know.


CNCs might not allow direct Windows access for end-users and require on-premise support from the manufacturer. Our cnc can be remotely serviced… if Windows boots.


So the CNC manufacturers pay for crowdstrike licenses? That's crazy


Yes because compliance requirements say “EDR must be installed on all machines”.


Out of curiosity, what set of requirements would that be for?


SOC2, PCI, FedRAMP, cyber insurance. Just about any cybersecurity related compliance will have "All machines must have EDR."


I’ve seen comments mention banking, or privacy references maybe when handling SSN and birthdates together (airports, hospitals?).


They probably have to due to CrowdStrike lobbying and fear-mongering requirements for their kind of software into export-controlled hardware.


If you’ve got physical access to the machine it’s your machine. All you need is a USB port.

I’d expect that the manufacturer puts out their own fix which basically copies crowdstrikes suggestion. I’d even suspect it by the end of the day today.

The fix is really simple, and luckily also very simple to automate. It’s going to be a lot of running around for IT staff (if deputized helpers!) but this should all be over by the weekend.


> If you’ve got physical access to the machine it’s your machine. All you need is a USB port.

You're a few years out of date here. Physical access is not the end like it used to be. We live in an era of hardware-backed anti-tamper and signed loaders/kernels.

If you have a way around it, I suggest you start reaching out these companies because you could make a lot of money.


Fair enough and I've been out of IT for a while. I wish I was still in it though, I'd love to be working on this!


No it really is not. If you have a service contract, you do not touch it.


Nobody is going to try physically tampering with the HMI attached to their 50k$+ machine when you have a support contract indeed




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: