XenTegra - IGEL Weekly

IGEL Weekly: How to recover Blue screened Windows endpoints to IGEL OS

XenTegra Season 1 Episode 97


IGEL helps companies recover quickly whenever productive work comes to a halt due to an IT outage.

IGEL offers a secure, read-only, lightweight Linux operating system that lets you convert existing PCs to IGEL OS or boot from USB (thus not affecting the existing operating system or data) in a disaster recovery situation, allowing users to connect to services such as VDI, DaaS and/or web and SaaS applications.

In a DR scenario, IGEL OS works without the need for management infrastructure to be set up and configured: simply boot to IGEL OS, download evaluation licenses for 90 days, install any client applications you require to connect to your VDI, DaaS and/or web and SaaS applications, and get your users back up and running fast.

This may also give the IT team breathing space while they continue to troubleshoot any ongoing outages.

Host: Andy Whiteside
Co-host: Chris Feeney

WEBVTT

1
00:00:02.310 --> 00:00:28.040
Andy Whiteside: Hello, everyone! Welcome to Episode 97 of IGEL Weekly. I'm your host for this one, Andy Whiteside, hopefully. Well, not hopefully. I know Barry Brown and his team are doing some of the community versions of this. But this is our more corporate version, where we talk about the, you know, the blogs that IGEL puts out, and we've got a, we've got a very hot topic for today that Chris Feeney, who's with me here, is gonna help me cover, and we can go super deep, or we can go super wide, or we can do a little of both. Chris, how's it going?

2
00:00:28.510 --> 00:00:31.587
Chris Feeney: Going well, Andy, it's always a pleasure to get with you, and

3
00:00:33.000 --> 00:00:37.210
Chris Feeney: what a time to be alive. I mean.

4
00:00:37.840 --> 00:00:50.910
Chris Feeney: it's an interesting world we live in. Some of those things we'll talk about today we've been talking about for quite a while, anyway. So it's not necessarily new, but it's new from a different angle that I don't think any of us ever thought

5
00:00:51.220 --> 00:00:53.859
Chris Feeney: would happen. But but yeah.

6
00:00:53.860 --> 00:01:21.090
Andy Whiteside: Well, you know what, Chris, it, it happens all the time, and here's what I mean. It happens to the common user all day every day. Here's the blog is from July 19th, is from Andy Prior, I think, must be on, on the IGEL team somewhere or somewhere in the ecosystem, and the title of this blog is, Don't use Windows unless you have to use Windows. Microsoft Windows. Oh, wait a minute. That's not the title. The title is how to recover blue screened Windows endpoints using the IGEL OS. Chris,

7
00:01:21.290 --> 00:01:35.789
Andy Whiteside: I know we're gonna talk about the thing that happened. And we're gonna talk about your vacation, and we're gonna talk about airline madness associated with the CrowdStrike security patch that went out roughly 5 or 6 days ago. But Chris, true or false,

8
00:01:36.200 --> 00:01:37.260
Andy Whiteside: for the last

9
00:01:37.300 --> 00:01:44.420
Andy Whiteside: 3 or 4 years, however long you've been at IGEL, you have gone to airports and seen blue screens of death at airport, commonly.

10
00:01:45.720 --> 00:01:48.680
Chris Feeney: Definitely, not every time, but definitely I've seen them. Yes.

11
00:01:48.680 --> 00:01:57.379
Andy Whiteside: So this thing we're gonna talk about today has been happening for a long time. And people have just been okay with it until

12
00:01:57.510 --> 00:01:59.279
Andy Whiteside: it happened bad enough

13
00:01:59.620 --> 00:02:03.949
Andy Whiteside: where it's now caused issues, and people are upset about it right now.

14
00:02:05.400 --> 00:02:07.439
Andy Whiteside: But they'll forget about it in 3 months.

15
00:02:07.800 --> 00:02:11.209
Andy Whiteside: and we'll be back to business as usual. Don't forget about it in 2 weeks.

16
00:02:11.270 --> 00:02:12.850
Andy Whiteside: Business as usual.

17
00:02:12.920 --> 00:02:15.590
Andy Whiteside: but it's going to happen again. It's like

18
00:02:15.610 --> 00:02:16.810
Andy Whiteside: pandemics

19
00:02:17.120 --> 00:02:29.440
Andy Whiteside: once in a lifetime, I hope. But viruses are common every every winter all throughout the year, even blue screens of death happen all the time. It's just we mitigate the impact hopefully.

20
00:02:29.710 --> 00:02:30.889
Andy Whiteside: This time we did.

21
00:02:31.470 --> 00:02:33.859
Chris Feeney: And well, I learned a thing about how this.

22
00:02:34.190 --> 00:02:37.759
Chris Feeney: how blue screen actually occurs. Research that

23
00:02:38.341 --> 00:02:44.649
Chris Feeney: coming back from vacation as I was seeing it happen, play out, live and and into the weekend. But

24
00:02:45.020 --> 00:02:46.070
Chris Feeney: but yeah.

25
00:02:46.070 --> 00:02:49.400
Andy Whiteside: Tell us about. Tell us about that, because a lot of people see blue screens

26
00:02:49.570 --> 00:02:52.909
Andy Whiteside: and they don't associate it with what's really happening.

27
00:02:53.860 --> 00:02:57.809
Andy Whiteside: You tell, tell us what happens when you see a blue screen on a Windows computer.

28
00:02:58.121 --> 00:03:04.979
Chris Feeney: So it really kinda understand. It's an understanding of how an operating system works. Right? So there are. You know, there's

29
00:03:05.000 --> 00:03:08.280
Chris Feeney: OS itself, and then the OS has a kernel

30
00:03:08.390 --> 00:03:10.890
Chris Feeney: which interoperates with the hardware.

31
00:03:11.030 --> 00:03:20.020
Chris Feeney: IGEL is a Linux OS. We have a kernel that interoperates with the hardware. Then you have 3rd party applications that can run on the OS. And, generally speaking,

32
00:03:20.110 --> 00:03:23.850
Chris Feeney: those 3rd party apps should not have kernel access.

33
00:03:25.280 --> 00:03:28.639
Chris Feeney: and in the case of a blue screen.

34
00:03:29.278 --> 00:03:32.320
Chris Feeney: It's Windows responding to something

35
00:03:32.380 --> 00:03:40.660
Chris Feeney: that is occurring in a kernel driver or system driver. Those require elevated privileges. And it's basically saying,

36
00:03:40.820 --> 00:03:47.759
Chris Feeney: and I, generally speaking, my, my general understanding is it was trying to call a place in memory, yeah, reserved for this,

37
00:03:47.940 --> 00:03:54.020
Chris Feeney: you know, special privileged area, and Windows was like, nope, and it does what it does as a protective mechanism.

38
00:03:54.020 --> 00:04:01.149
Andy Whiteside: It's the, it's the old TV show from the sixties and same seventies. Danger, Will Robertson. Danger, Will Robertson. Here's a blue screen. Stop,

39
00:04:01.410 --> 00:04:02.030
Andy Whiteside: right.

40
00:04:02.030 --> 00:04:15.384
Chris Feeney: And if it's, if it's not a kernel driver, then you basically, the, the operating system will kill the process cause it doesn't have that system-level kernel driver sort of scenario.

41
00:04:16.170 --> 00:04:16.600
Andy Whiteside: It will.

42
00:04:16.600 --> 00:04:17.100
Chris Feeney: And.

43
00:04:17.100 --> 00:04:39.099
Andy Whiteside: Driver as software, whether it's driving hardware, whether it's software application running, in this case, maybe, maybe secure, security related things. And within the operating system, and, and hopefully, not in the kernel. The kernel is very important and very protected. The, the way I describe a kernel to someone who knows anything about biology: it's like the hypothalamus of the human being.

44
00:04:39.980 --> 00:04:40.415
Chris Feeney: Yeah.

45
00:04:40.970 --> 00:04:49.020
Chris Feeney: And if you need to know what that is, go back to 7th grade biology and read up, just do a Google search on hypothalamus. But the point is.

46
00:04:49.220 --> 00:04:54.400
Chris Feeney: the kernel is, I mean, that's sort of the foundational piece. That's the that's the stuff

47
00:04:55.050 --> 00:04:57.719
Chris Feeney: your Apple iPhone, your, your

48
00:04:57.770 --> 00:05:04.999
Chris Feeney: you know Google Android. You know, they all have a kernel, and that interoperates with the hardware that you're running on. And that's that's

49
00:05:05.180 --> 00:05:07.070
Chris Feeney: that's just how an OS works.

50
00:05:07.070 --> 00:05:09.389
Andy Whiteside: Hey, real quick! What is the kernel of Windows 11

51
00:05:09.540 --> 00:05:10.380
Andy Whiteside: called?

52
00:05:11.120 --> 00:05:12.033
Chris Feeney: Oh, man!

53
00:05:12.490 --> 00:05:13.080
Andy Whiteside: Easy.

54
00:05:13.770 --> 00:05:17.660
Andy Whiteside: It's, it's Windows NT. It's the same thing that's been around since the 90s.

55
00:05:17.790 --> 00:05:24.279
Andy Whiteside: Multi-user kernel. Windows NT versus Windows 95 and Windows 98. What was the kernel for that?

56
00:05:25.950 --> 00:05:30.519
Chris Feeney: Oh, it was! Dang it! I know it cause NT was the, the

57
00:05:30.700 --> 00:05:31.390
Chris Feeney: that's what.

58
00:05:31.390 --> 00:05:32.709
Andy Whiteside: DOS. It was DOS!

59
00:05:32.710 --> 00:05:34.480
Chris Feeney: Us. You didn't miss us. Yeah.

60
00:05:34.480 --> 00:05:35.080
Andy Whiteside: Good.

61
00:05:35.690 --> 00:05:36.800
Chris Feeney: 32 bit

62
00:05:37.700 --> 00:05:38.469
Chris Feeney: didn't I mean.

63
00:05:38.470 --> 00:05:40.770
Andy Whiteside: Original. What's the original name of the DOS operating system?

64
00:05:41.740 --> 00:05:42.340
Andy Whiteside: Toss.

65
00:05:42.340 --> 00:05:43.469
Chris Feeney: So s. 2.

66
00:05:43.470 --> 00:05:44.430
Andy Whiteside: No toss.

67
00:05:44.870 --> 00:05:45.939
Chris Feeney: Toss, interesting.

68
00:05:45.940 --> 00:05:47.510
Andy Whiteside: You know T. Stood for.

69
00:05:47.860 --> 00:05:48.520
Chris Feeney: No.

70
00:05:48.520 --> 00:05:49.300
Andy Whiteside: Trash

71
00:05:49.640 --> 00:05:51.070
Andy Whiteside: trash operating system.

72
00:05:53.250 --> 00:05:58.170
Andy Whiteside: long story there, but nonetheless DOS, which Microsoft got from, I think, Xerox

73
00:05:58.700 --> 00:06:00.699
Andy Whiteside: and helped IBM with something

74
00:06:00.910 --> 00:06:10.100
Andy Whiteside: anyway. Long story there. But my, the point is the kernel. We gotta protect the kernel. Gotta protect the kernel. Our kernels today in the mainstream are 2. Linux is a kernel

75
00:06:10.474 --> 00:06:18.010
Andy Whiteside: and, and Windows NT is a kernel, NT is a kernel. Those are the 2 kernels in the x86 world, normally.

76
00:06:18.810 --> 00:06:19.810
Chris Feeney: Right? Yeah.

77
00:06:20.860 --> 00:06:26.060
Chris Feeney: So what's interesting here is is obviously what was unique about

78
00:06:26.480 --> 00:06:29.830
Chris Feeney: this particular situation with CrowdStrike. And

79
00:06:30.120 --> 00:06:35.370
Chris Feeney: it's it's obviously a very well known company. Lots of customers

80
00:06:35.876 --> 00:06:41.353
Chris Feeney: protecting a very well entrenched operating system out there in the world.

81
00:06:41.830 --> 00:06:44.139
Chris Feeney: From the things we talk about.

82
00:06:44.290 --> 00:06:47.389
Chris Feeney: lot of these ransomware and what ransomware tries to do. And

83
00:06:47.440 --> 00:06:53.490
Chris Feeney: you know, gain kernel access or hardware. And so this, this particular software has special privileges.

84
00:06:53.490 --> 00:06:57.590
Andy Whiteside: Can we talk about that super quick? Because you kind of you're gonna want to cover here.

85
00:06:57.690 --> 00:07:08.140
Andy Whiteside: Windows is my favorite operating system. Microsoft Windows is my favorite operating system. It's what I built my career on. It's super super

86
00:07:08.380 --> 00:07:09.939
Andy Whiteside: by default.

87
00:07:10.130 --> 00:07:14.400
Andy Whiteside: coded to be unbelievably malleable and powerful.

88
00:07:15.480 --> 00:07:18.559
Andy Whiteside: which is what allows it to do so many great things.

89
00:07:19.130 --> 00:07:23.780
Andy Whiteside: It's also what allows so many people to do me so many bad things.

90
00:07:24.930 --> 00:07:27.160
Chris Feeney: Oh, yeah, yeah, absolutely. Yeah.

91
00:07:28.924 --> 00:07:31.529
Chris Feeney: And we've talked about this before.

92
00:07:31.910 --> 00:07:32.970
Chris Feeney: you know.

93
00:07:33.000 --> 00:07:41.749
Chris Feeney: Well, I, I went on, IGEL's been doing OS stuff for 20-some-odd years. Linux has been around for just over 30. So

94
00:07:42.622 --> 00:07:44.640
Chris Feeney: but it was

95
00:07:45.150 --> 00:07:47.159
Chris Feeney: designed from the ground up

96
00:07:47.360 --> 00:08:00.269
Chris Feeney: from a security perspective to a minimalist approach and a read only scenario that you could manage the devices as well from a from a scaling perspective. So just a a different approach to

97
00:08:00.380 --> 00:08:01.600
Chris Feeney: an OS.

98
00:08:02.436 --> 00:08:03.410
Chris Feeney: That was

99
00:08:03.460 --> 00:08:07.560
Chris Feeney: built for a specific purpose, you know. Accessing remote

100
00:08:08.289 --> 00:08:08.939
Chris Feeney: S.

101
00:08:08.950 --> 00:08:16.090
Chris Feeney: Or not necessarily remote all the time. But even even terminal emulators, you know, could be fine, whatever. But

102
00:08:16.797 --> 00:08:17.972
Chris Feeney: but yeah,

103
00:08:19.130 --> 00:08:24.880
Chris Feeney: But in this specific situation you've got a very powerful piece of software designed to protect

104
00:08:24.900 --> 00:08:26.799
Chris Feeney: that had a

105
00:08:26.820 --> 00:08:36.620
Chris Feeney: regular update. On that you have many updates over time. And this one particular caused an issue that unfortunately affected millions of machines.

106
00:08:36.620 --> 00:08:36.950
Andy Whiteside: So.

107
00:08:36.950 --> 00:08:37.520
Chris Feeney: Chris.

108
00:08:37.520 --> 00:08:57.979
Andy Whiteside: I wanna get back to the let's run windows where you need to run windows and everywhere else. You don't need to run it. Don't run it conversation. But I do. Wanna ask you a question because cause I don't know the answer. This, I keep meaning to listen to podcasts and try to read up on this, and I don't know if it's public knowledge yet. But what went wrong this time did was was there no change control? Was there no testing? Was there? You know, rogue

109
00:08:57.980 --> 00:09:08.129
Andy Whiteside: person that caused this? Do you know what the issue was here? Cause look, CrowdStrike's a big boy company, they've got, you know, mitigations in place to prevent this from happening. What, what went wrong?

110
00:09:09.000 --> 00:09:15.420
Chris Feeney: I haven't seen anything. I mean, maybe something's come out since the weekend. I haven't seen anything yet.

111
00:09:16.028 --> 00:09:18.520
Chris Feeney: I mean, so I can't

112
00:09:18.580 --> 00:09:25.349
Chris Feeney: definitively answer that question. It would seem that something in the QA process got missed, or whatever

113
00:09:25.746 --> 00:09:34.289
Chris Feeney: somehow, where this would have been caught early before it got out the door. That would be the general operating theory, in my opinion, but I I can't say for sure exactly.

114
00:09:34.710 --> 00:09:35.920
Chris Feeney: I'm sure.

115
00:09:36.189 --> 00:09:38.349
Andy Whiteside: You hope they have some kind of canary

116
00:09:38.450 --> 00:09:43.000
Andy Whiteside: concept where they they rolled it out to a portion of the environment.

117
00:09:43.030 --> 00:09:52.430
Andy Whiteside: and they didn't try to roll it, and not the whole thing, and they didn't try to roll it out to everybody, but it feels like they roll it out to everybody like somebody told somebody, hey? I don't know. Just hit the button.

118
00:09:53.320 --> 00:09:58.109
Chris Feeney: Yeah. And I again, I I was trying to catch up on what happened. I just don't know exactly

119
00:09:58.990 --> 00:09:59.800
Chris Feeney: what

120
00:09:59.920 --> 00:10:03.350
Chris Feeney: what happened in this particular scenario

121
00:10:03.961 --> 00:10:09.310
Chris Feeney: other than the update got out and caused the obviously a large impact

122
00:10:09.370 --> 00:10:11.150
Chris Feeney: that is still being felt.

123
00:10:12.530 --> 00:10:13.390
Chris Feeney: but.

124
00:10:13.390 --> 00:10:26.849
Andy Whiteside: Let's try to revisit that on a future podcast once we know, cause I, I want people to know what, you know, how not to do this. I mean, this happens every day with inside corporations. It just doesn't make the news because it doesn't have as big an impact.

125
00:10:28.680 --> 00:10:30.157
Chris Feeney: Yeah, no doubt.

126
00:10:31.140 --> 00:10:41.810
Chris Feeney: So today's topic is, is really on this blog, you know, if you find yourself in a situation where the operating system, in this case, running Windows,

127
00:10:42.150 --> 00:10:46.360
Chris Feeney: you have a BSOD, and, and you somehow can't get out of this.

128
00:10:46.480 --> 00:10:48.960
Chris Feeney: What they refer to as a boot loop essentially.

129
00:10:49.260 --> 00:10:53.040
Chris Feeney: You go to boot and bam, you hit the BSOD and you can't get out of it.

130
00:10:53.830 --> 00:10:55.230
Chris Feeney: Well, the

131
00:10:55.689 --> 00:11:17.089
Chris Feeney: options that we kinda highlight are not, for those that have listened to the podcast and know IGEL, it's not something that we're necessarily brand new with a solution. The UD Pocket is certainly a, a very, it's built for bypassing the local hard drive on the machine, and, and then just booting to it. Now, obviously, to

132
00:11:17.530 --> 00:11:22.890
Chris Feeney: get to that. You have to be able to allow booting to USB, so that would require

133
00:11:23.680 --> 00:11:27.249
Chris Feeney: getting into what is called the UEFI or

134
00:11:27.846 --> 00:11:30.330
Chris Feeney: other people know as BIOS,

135
00:11:30.600 --> 00:11:32.730
Chris Feeney: and so you may require some

136
00:11:33.181 --> 00:11:41.620
Chris Feeney: depending on your hardware, HP, Lenovo, LG, whatever, they all different sort of how to get into the BIOS or the boot menu, and then you can pick

137
00:11:41.670 --> 00:11:42.870
Chris Feeney: an alternate

138
00:11:43.160 --> 00:11:46.650
Chris Feeney: option to boot from. So that's

139
00:11:47.066 --> 00:11:52.050
Chris Feeney: probably the easiest way to get get to that. But there are some caveats.

140
00:11:52.300 --> 00:11:53.849
Andy Whiteside: Chris, what does BIOS stand for?

141
00:11:55.070 --> 00:11:56.310
Chris Feeney: Oh, man's.

142
00:11:56.630 --> 00:11:57.310
Andy Whiteside: Base basic.

143
00:11:57.310 --> 00:12:00.690
Chris Feeney: Basic interrupt. Damn it! Sorry.

144
00:12:00.690 --> 00:12:05.296
Andy Whiteside: I think it's basic input operating system or basic operating system.

145
00:12:05.680 --> 00:12:06.090
Chris Feeney: And on.

146
00:12:06.090 --> 00:12:08.190
Andy Whiteside: It's machine code to get you

147
00:12:08.300 --> 00:12:12.149
Andy Whiteside: to the boot files of the operating system so that the kernel can take over.

148
00:12:12.680 --> 00:12:13.420
Andy Whiteside: Try it.

149
00:12:13.630 --> 00:12:16.469
Andy Whiteside: And what you're talking about, the BIOS configuration screens.

150
00:12:17.050 --> 00:12:20.606
Chris Feeney: Right. So I've got a laptop here on my left that

151
00:12:20.960 --> 00:12:23.040
Chris Feeney: I've got 2 different laptops, one

152
00:12:23.909 --> 00:12:28.940
Chris Feeney: I can boot directly to USB, because I've got it set to to do that in the in the boot order.

153
00:12:29.459 --> 00:12:35.160
Chris Feeney: The other one. I don't. It boots directly to the hard drive. But if I want to boot to USB, I just kind of go and

154
00:12:35.630 --> 00:12:43.030
Chris Feeney: yeah, hit the escape key, or, or whatever, F10. And then I get the boot menu, and I can choose to boot to a UD Pocket. So.

155
00:12:43.460 --> 00:12:48.219
Chris Feeney: But you can change that if you have BIOS access, and you can

156
00:12:48.250 --> 00:12:50.560
Chris Feeney: do that. So that's 1 way you can kind of

157
00:12:50.610 --> 00:12:57.310
Chris Feeney: recover, at least get a machine operational, and then you can come back in this particular situation. The the fix

158
00:12:57.750 --> 00:12:59.590
Chris Feeney: for BSOD might be,

159
00:13:00.070 --> 00:13:06.440
Chris Feeney: you know, very specific, or who knows? It might need to be reimaged or something. But.

160
00:13:08.010 --> 00:13:14.320
Andy Whiteside: Yeah, I'm I'm curious. Maybe you know, what what did they do to fix this? Because you're in a you're in a situation where you can't

161
00:13:14.480 --> 00:13:18.520
Andy Whiteside: boot. So therefore you can't phone home. Did they have to?

162
00:13:18.830 --> 00:13:20.630
Andy Whiteside: How did they get the software patch

163
00:13:20.920 --> 00:13:26.280
Andy Whiteside: out to fix the problem? If you couldn't actually start the car and drive it to the dealership.

164
00:13:27.500 --> 00:13:37.790
Chris Feeney: Oh, I, my general understanding is, in the case of, of CrowdStrike, is that the fix is to remove what was put on there that's causing the blue screen of death.

165
00:13:38.396 --> 00:13:41.659
Chris Feeney: But to do that you have to be able to get

166
00:13:41.930 --> 00:13:45.110
Chris Feeney: to what's called safe mode or recovery mode

167
00:13:45.729 --> 00:13:59.979
Chris Feeney: command line essentially, and then go through and follow some instructions. But one of the other challenges that people are seeing is that if you have the BitLocker disk encryption puts, then you have to know the BitLocker key.

168
00:14:01.050 --> 00:14:04.629
Chris Feeney: And that could be different, for every machine.

169
00:14:04.840 --> 00:14:08.220
Chris Feeney: which would probably be the right best practice.

170
00:14:08.240 --> 00:14:12.569
Chris Feeney: or some corporations may have the same BitLocker key for all their machines.

171
00:14:12.990 --> 00:14:14.720
Chris Feeney: For convenience sake

172
00:14:14.900 --> 00:14:16.210
Chris Feeney: it all depends.

173
00:14:16.490 --> 00:14:19.447
Chris Feeney: but that can throw a wrinkle in it.

174
00:14:20.130 --> 00:14:23.769
Andy Whiteside: If these machines were virtual, and they could be snapshotted back before the patch.

175
00:14:24.370 --> 00:14:37.206
Chris Feeney: Read some stuff. And certainly I know Scott Manchester put out a note about Cloud PC, and, and going back and rolling back to a, a snapshot, so that certainly is an approach where that could, that could definitely occur.

176
00:14:37.824 --> 00:14:44.839
Andy Whiteside: Did he also put something in about, you know, non-persistent VMs and just rebooting them back to where they started?

177
00:14:45.450 --> 00:14:54.072
Chris Feeney: I didn't read that necessarily. There may be others that have chimed in but certainly, you know, this kind of goes back to the persistent non persistence.

178
00:14:54.370 --> 00:15:01.690
Andy Whiteside: Yeah, what, what I'm getting at that response, Chris, is Windows 365 is not the answer to everything, if you know the truth.

179
00:15:01.710 --> 00:15:06.049
Andy Whiteside: If you don't know the truth, people can make you feel like it's the answer to every problem.

180
00:15:07.560 --> 00:15:08.500
Chris Feeney: Yeah. Well.

181
00:15:08.610 --> 00:15:09.770
Chris Feeney: a different

182
00:15:10.390 --> 00:15:14.070
Chris Feeney: product in the cloud for Microsoft than AVD,

183
00:15:14.560 --> 00:15:17.079
Chris Feeney: everything has its pros and cons.

184
00:15:17.080 --> 00:15:19.829
Andy Whiteside: My my answer to this problem is not more, Microsoft.

185
00:15:21.830 --> 00:15:23.370
Andy Whiteside: certainly not on the endpoint. That's.

186
00:15:23.370 --> 00:15:25.390
Chris Feeney: What is your answer, Andy?

187
00:15:25.390 --> 00:15:28.879
Andy Whiteside: My answer is, don't get in a don't drive your car to meet the Uber.

188
00:15:30.630 --> 00:15:32.715
Chris Feeney: You've used that analogy before.

189
00:15:33.550 --> 00:15:39.570
Andy Whiteside: Take a bike down the street or walk, but don't, don't get in your car to go meet Uber, or don't take an Uber to meet an Uber.

190
00:15:40.700 --> 00:15:44.470
Chris Feeney: Yeah, that would seem very interesting. And we've talked about it before. I mean.

191
00:15:46.583 --> 00:15:56.140
Chris Feeney: but yeah, so the, the options that are laid out here in a DR scenario, which is obviously what you're dealing with globally and, and many cases

192
00:15:56.778 --> 00:16:01.439
Chris Feeney: IGEL certainly has the ability to try to boot to our UD Pocket.

193
00:16:03.000 --> 00:16:10.550
Chris Feeney: and the other option is highlighted. There is kind of booting and actually installing IGEL on the device

194
00:16:10.560 --> 00:16:12.619
Chris Feeney: which would in theory

195
00:16:12.830 --> 00:16:16.930
Chris Feeney: blow away the operating system on the device.

196
00:16:17.566 --> 00:16:22.570
Chris Feeney: Or I think actually, now I read it more. He's referring to

197
00:16:24.060 --> 00:16:30.319
Chris Feeney: booting to the OS Creator to then install the OS on a second USB stick

198
00:16:32.140 --> 00:16:34.719
Chris Feeney: kind of like a UD Pocket. Now,

199
00:16:35.120 --> 00:16:38.850
Chris Feeney: that would be an extreme sort of scenario in the sense that

200
00:16:38.940 --> 00:16:51.349
Chris Feeney: if it's not a UD Pocket, an actual UD Pocket has a serialized number on it. That, that is, is very specific to be able to unplug that device and plug it into other ones.

201
00:16:51.990 --> 00:17:00.110
Chris Feeney: Creating a UD Pocket on a separate USB stick could be done. But it's, it's only going to be isolated to that, to the 1st machine that boots up.

202
00:17:00.450 --> 00:17:04.109
Chris Feeney: And that's it. Yeah, it's not portable. So

203
00:17:04.290 --> 00:17:11.480
Chris Feeney: but if you're in a tight spot, that may be your only option until you can get the original hard drive fixed, or whatever.

204
00:17:11.480 --> 00:17:13.280
Andy Whiteside: Well, let me let me say what you just said differently.

205
00:17:13.410 --> 00:17:17.850
Andy Whiteside: OS Creator, create another USB drive, great! Get a UD Pocket

206
00:17:17.890 --> 00:17:21.040
Andy Whiteside: that'll get you through this gap, this space and time.

207
00:17:21.069 --> 00:17:27.790
Andy Whiteside: then come up with a strategy on how you're going to mitigate Windows, Microsoft Windows, which I love.

208
00:17:28.220 --> 00:17:29.869
Andy Whiteside: You're going to mitigate it

209
00:17:30.080 --> 00:17:33.119
Andy Whiteside: where it needs to be mitigated, and use it where it needs to be used.

210
00:17:34.990 --> 00:17:38.800
Chris Feeney: Definitely. We've talked many times over about just endpoint strategy

211
00:17:38.990 --> 00:17:42.190
Chris Feeney: and pros and cons of

212
00:17:44.930 --> 00:17:47.259
Chris Feeney: using IGEL, sometimes you just

213
00:17:47.340 --> 00:17:55.979
Chris Feeney: you, you need a browser. Sometimes you need a browser and a, a desktop of sorts, a virtual desktop, but from a.

214
00:17:55.980 --> 00:18:00.640
Andy Whiteside: In my dream world, you've got a, a resilient platform like a Nutanix

215
00:18:01.146 --> 00:18:29.679
Andy Whiteside: with Windows VMs on it, desktops and app servers that boot back to a gold image that presents, not delivers, but presents it down to a Linux based endpoint, and, and all that is a read only, read only, read only operating systems all the way up through that. And, Chris, the only thing you would need at that point is limited rights for the end users that are using the system, and some type of lightweight antivirus,

216
00:18:29.710 --> 00:18:35.690
Andy Whiteside: malware detecting software is all you would need in that scenario versus

217
00:18:35.910 --> 00:18:38.679
Andy Whiteside: a big, massive product like restaurant

218
00:18:39.370 --> 00:18:40.040
Andy Whiteside: boot.

219
00:18:40.240 --> 00:18:40.870
Chris Feeney: Yeah.

220
00:18:43.020 --> 00:18:44.890
Chris Feeney: that's all it takes. But yeah.

221
00:18:44.890 --> 00:18:51.819
Andy Whiteside: People default to installing big, heavy, bloated, amazingly capable Windows on everything,

222
00:18:52.200 --> 00:18:57.760
Andy Whiteside: because it's the path of least resistance. And it's the easiest thing to do, because it's what you've always done.

223
00:18:58.460 --> 00:19:01.340
Andy Whiteside: But someday we're gonna figure out

224
00:19:01.500 --> 00:19:03.350
Andy Whiteside: that we can't keep doing that

225
00:19:04.170 --> 00:19:07.939
Andy Whiteside: because there's too many bad actors out there, or too many incompetent

226
00:19:08.570 --> 00:19:09.969
Andy Whiteside: technology companies that have.

227
00:19:10.356 --> 00:19:11.130
Chris Feeney: Have access?

228
00:19:11.900 --> 00:19:12.520
Andy Whiteside: Here.

229
00:19:12.890 --> 00:19:13.570
Chris Feeney: Yeah.

230
00:19:14.220 --> 00:19:15.530
Chris Feeney: I will say.

231
00:19:16.543 --> 00:19:18.490
Chris Feeney: Justin, we

232
00:19:18.810 --> 00:19:25.540
Chris Feeney: to the folks that are dealing with on the front lines, I mean, I I know our our thoughts go with you, I mean is not easy.

233
00:19:25.800 --> 00:19:29.719
Chris Feeney: Given the instructions that that are there to try to recover.

234
00:19:29.770 --> 00:19:31.219
Chris Feeney: There's there's

235
00:19:31.970 --> 00:19:36.689
Chris Feeney: I I've seen some details about maybe how to automate some stuff. We're talking about physical endpoints.

236
00:19:37.610 --> 00:19:41.040
Andy Whiteside: But but, Chris, I'm gonna pull an Andy on you.

237
00:19:41.420 --> 00:19:44.650
Andy Whiteside: Those are the same people that are protecting that turf and won't

238
00:19:44.670 --> 00:19:47.239
Andy Whiteside: work with their companies to find smarter, better ways.

239
00:19:48.100 --> 00:19:51.500
Chris Feeney: That could be very true. I know you've dealt with it personally. So

240
00:19:53.590 --> 00:19:54.430
Chris Feeney: yeah.

241
00:19:54.600 --> 00:19:55.540
Chris Feeney: so.

242
00:19:56.060 --> 00:19:57.079
Chris Feeney: And they're there.

243
00:19:57.080 --> 00:20:00.510
Andy Whiteside: Historically, there have been reasons why, from a user experience.

244
00:20:00.520 --> 00:20:02.159
Andy Whiteside: But for the most part

245
00:20:02.360 --> 00:20:03.849
Andy Whiteside: those things are gone.

246
00:20:04.340 --> 00:20:10.420
Andy Whiteside: And you really can have a good user experience, if not great user experience, and mitigate Windows on the endpoint.

247
00:20:11.860 --> 00:20:14.030
Chris Feeney: Yeah. And I think that's a, we've talked about this.

248
00:20:14.670 --> 00:20:23.999
Chris Feeney: We're now on podcast 97, I guarantee you, we've had this same topic conversation about user experience, running Linux on, IGEL Linux on the endpoint

249
00:20:25.110 --> 00:20:33.170
Chris Feeney: in 50 of those episodes easily. And so this is not necessarily a new topic for us. But it's really

250
00:20:33.320 --> 00:20:34.130
Chris Feeney: just.

251
00:20:34.680 --> 00:20:37.909
Chris Feeney: you know, the the understanding. What's possible.

252
00:20:38.443 --> 00:20:43.650
Chris Feeney: And what user experience, you know, can be, can I mean just

253
00:20:43.970 --> 00:20:45.790
Chris Feeney: for me? I've tried to.

254
00:20:46.060 --> 00:20:50.810
Chris Feeney: you know. Let me like that I've talked about before we presented at one of your

255
00:20:51.160 --> 00:20:57.100
Chris Feeney: kickoffs a couple years ago, and I made, I wanted to make sure I did it from my IGEL device, and

256
00:20:57.430 --> 00:21:06.089
Chris Feeney: I just used the Edge browser and logged into the browser and pulled up Teams and just used that to present everything from the browser, and it worked flawlessly.

257
00:21:06.150 --> 00:21:07.179
Chris Feeney: Yeah, so

258
00:21:07.530 --> 00:21:09.340
Chris Feeney: and there.

259
00:21:09.750 --> 00:21:12.700
Chris Feeney: excellent. It was a great user experience, generally speaking.

260
00:21:13.295 --> 00:21:16.030
Chris Feeney: No, no hiccups. So it doesn't.

261
00:21:17.040 --> 00:21:21.150
Chris Feeney: That's, I think people understand, need to understand. And that's what.

262
00:21:21.150 --> 00:21:33.619
Andy Whiteside: That was, that was a little bit of an extreme use case. For that person that sits down at their desk, either at the home office, the remote office or in the headquarters every day, it's not an extreme use case anymore. It can just work.

263
00:21:34.510 --> 00:21:35.430
Chris Feeney: Absolutely.

264
00:21:35.880 --> 00:21:36.720
Chris Feeney: so.

265
00:21:38.810 --> 00:21:42.879
Andy Whiteside: So, Chris, I think we've covered it here. I've, you know, said my piece. You said your piece.

266
00:21:43.430 --> 00:21:48.339
Andy Whiteside: I just want the world to know that it's okay to run Windows on servers.

267
00:21:49.261 --> 00:22:15.949
Andy Whiteside: Ideally, you're running Server Core and not full-blown Windows; that would get rid of a lot of security risk right there. Running Windows on endpoints makes sense when it's the right use case. I've got 1, 2, 3 laptops running Windows around me right now, and one all, and run, running Linux. But on any given day I'd grab one of those laptops, and I jump on an airplane. I travel and go do what I do. Could I make Igel work for that? Yes. Is it the right thing for that power user? Probably not.

268
00:22:16.199 --> 00:22:23.670
Andy Whiteside: But is the one that sits on my desk all day, or the one that sits on the airline terminal counter, the right thing to run Windows on? Probably not.

269
00:22:25.370 --> 00:22:27.699
Chris Feeney: I think it, you know, it comes down to:

270
00:22:27.910 --> 00:22:30.519
Chris Feeney: What do you need that thing to do? And

271
00:22:32.390 --> 00:22:36.469
Chris Feeney: is that for me? Walking around the airport, seeing a lot of these display boards.

272
00:22:36.940 --> 00:22:40.789
Chris Feeney: you know, I mean, that's a very, we've actually got a

273
00:22:40.940 --> 00:22:48.409
Chris Feeney: press release back in June with LG, talking about that specific use case, display boards, you know.

274
00:22:48.410 --> 00:22:53.240
Andy Whiteside: Display boards are clearly a much older operating system that have their own set of challenges.

275
00:22:54.190 --> 00:22:56.899
Chris Feeney: Yeah, I mean, so they.

276
00:22:57.060 --> 00:22:58.130
Chris Feeney: I mean

277
00:22:58.170 --> 00:23:06.029
Chris Feeney: users, not generally interacting with the board. It's just there. I mean, you can put whatever. So that's just a simple scenario where

278
00:23:06.110 --> 00:23:07.140
Chris Feeney: you know.

279
00:23:07.450 --> 00:23:11.679
Chris Feeney: Obviously keep it up and running. You can put information about what's happening

280
00:23:12.141 --> 00:23:15.960
Chris Feeney: but I mean to walk around and see these messages.

281
00:23:16.420 --> 00:23:17.730
Chris Feeney: I mean it.

282
00:23:18.260 --> 00:23:25.579
Chris Feeney: It's and then to understand that it's not isolated, that one particular location. It's happening globally, really kind of think from a

283
00:23:25.760 --> 00:23:26.700
Chris Feeney: wow.

284
00:23:27.090 --> 00:23:28.390
Chris Feeney: I didn't realize.

285
00:23:28.450 --> 00:23:32.910
Chris Feeney: you know, personally, how many machines were out there running Windows. You know.

286
00:23:32.910 --> 00:23:40.550
Andy Whiteside: About how silly this is. But the, a bad actor could be a 14-year-old kid in his basement, or could be a foreign government, could literally

287
00:23:40.780 --> 00:23:41.620
Andy Whiteside: hack

288
00:23:42.121 --> 00:23:53.030
Andy Whiteside: a company like American Airlines' kiosk terminals, running Windows, and just change the flight numbers around all over the country and have an economic impact on the United States or America.

289
00:23:54.660 --> 00:23:58.990
Chris Feeney: It's, that kind of scenario could certainly play out, potentially. So.

290
00:23:58.990 --> 00:24:00.269
Andy Whiteside: It'd be super easy.

291
00:24:02.470 --> 00:24:14.410
Andy Whiteside: Yeah, Chris. Thank you for the time covering this. Always good to chat about this one. This one, if you're a golfer, was teed up so high and so perfectly to talk about, and guess what,

292
00:24:14.470 --> 00:24:18.729
Andy Whiteside: it happens every day in some organization.

293
00:24:19.430 --> 00:24:21.939
Andy Whiteside: It's always the right time to be having this

294
00:24:22.040 --> 00:24:25.899
Andy Whiteside: "Why are you running Windows in places you don't need to run Windows" conversations.

295
00:24:29.180 --> 00:24:30.629
Chris Feeney: Awesome. Well, I appreciate.

296
00:24:30.830 --> 00:24:31.930
Andy Whiteside: Any parting thoughts?

297
00:24:32.750 --> 00:24:42.479
Chris Feeney: No, I said, not necessarily a new topic for us, but certainly a top of mind, and we'll see where the conversation goes from here. So.

298
00:24:42.710 --> 00:24:49.460
Andy Whiteside: It'll be interesting to keep an eye on this one. See what happens, number one, to CrowdStrike. I bet they recover. I bet in 3 years, this is,

299
00:24:50.480 --> 00:25:07.530
Andy Whiteside: you know, it's a meme, probably a meme already, but in 3 years this is a drop in the bucket, and if you're smart you bought CrowdStrike when it hit the bottom of the stock market value and goes back up. It's good company. They just made a mistake, and the power and beauty of Windows allowed it to be just exponentially impactful.

300
00:25:09.950 --> 00:25:10.650
Chris Feeney: Green.

301
00:25:11.470 --> 00:25:15.820
Andy Whiteside: Alright, sir, I look forward to seeing you later this afternoon when you come in the office, and we'll do this again in 2 weeks.

302
00:25:15.820 --> 00:25:17.620
Chris Feeney: Alrighty! Take care! Thanks.