House Committee Calls On CrowdStrike CEO To Testify On Global Outage (theverge.com)
According to the Washington Post (paywalled), the House Homeland Security Committee has called on the CrowdStrike CEO to testify over the major outage that brought flights, hospital procedures, and broadcasters to a halt on Friday. The outage was caused by a defective software update from the company that primarily affected computers running Windows, resulting in system crashes and "blue screen of death" errors. From the report: Republican leaders of the House Homeland Security Committee demanded that CrowdStrike CEO George Kurtz commit by Wednesday to appearing on Capitol Hill to explain how the outages occurred and what "mitigation steps" the company is taking to prevent future episodes. [...] Reps. Mark Green (R-Tenn.) and Andrew R. Garbarino (R-N.Y.), chairs of the Homeland Security Committee and its cybersecurity subcommittee, respectively, wrote in their letter that the outages "must serve as a broader warning about the national security risks associated with network dependency. Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again," the lawmakers wrote. CrowdStrike spokesperson Kirsten Speas said in an emailed statement Monday that the company is "actively in contact" with the relevant congressional committees and that "engagement timelines may be disclosed at Members' discretion," but declined to say whether Kurtz will testify.
The committee is one of several looking into the incident, with members of the House Oversight Committee and House Energy and Commerce Committee separately requesting briefings from CrowdStrike. But the effort by Homeland Security Committee leaders marks the first time the company is being publicly summoned to testify about its role in the disruptions. CrowdStrike has risen to prominence as a major security provider partly by identifying malicious online campaigns by foreign actors, but the outages have heightened concern in Washington that international adversaries could look to exploit future incidents. "Malicious cyber actors backed by nation-states, such as China and Russia, are watching our response to this incident closely," Green and Garbarino wrote. The outages, which disrupted agencies at the federal and state level, are also raising questions about how much businesses and government officials alike have come to rely on Microsoft products for their daily operations.
Ooh, another two hours of political grandstanding! (Score:5, Insightful)
I'm sure that this will be SUPER helpful to resolve the problem, just like the congressional hearings against Facebook were a few years ago.
Crowdstrike will probably need to make a few well timed "campaign donations" to help smooth things over, though.
Re:Ooh, another two hours of political grandstandi (Score:5, Insightful)
I can't wait to see the confused faces. No one at the hearing will understand anything about the technology.
Re: Ooh, another two hours of political grandstand (Score:2)
Re: (Score:3)
> I can't wait to see the confused faces. No one at the hearing will understand anything about the technology.
No one at the hearing cares about anything other than political intimidation and influence. Just another election year fundraiser.
Re: Ooh, another two hours of political grandstand (Score:2)
When someone is hauled in for a congressional hearing, it means the person will be publicly pilloried. It also means Congress won't take any legal action.
Re: (Score:2)
I've been thinking about that, in this case what would the crime be? Did they violate some sort of security law or some type of gross negligence to the management?
I imagine there is a US Attorney or two sorting that out now.
Re: (Score:2)
Probably no criminal issues...but likely a bunch of civil issues. Even if you can show gross negligence (probable given that it was reported by someone testing on Debian a month ago), I don't think that's going to be criminal.
Re: (Score:2)
I think you're right but I suppose the next question is should it be and I guess what "it" is, that's a tough one.
Re: (Score:3)
Re: (Score:2)
What's the problem and the resolution and why wouldn't these hearings have some part to play in that? Why not define those otherwise we're just spinning wheels.
I personally want to see these people grilled a little bit even if it's from politicians. Don't we want these people to answer questions and not just press releases and softball SV podcasts?
Who else is gonna do it?
Re: (Score:3)
It's a legal minefield for Crowdstrike. Lawful Masses covered it yesterday on YouTube. There is a lot of liability, and their "no warranty" EULA isn't going to protect them from negligence claims. The CEO will have to be very careful to avoid admitting anything that might harm them in the inevitable lawsuits.
The short version is that negligence claims can't be blocked by simply saying "there is no warranty, use at your own risk". There are specific tests for negligence, to do with if the actions of the comp
Re: (Score:3)
The bigger question is what do you sue for. The biggest costs were incurred by companies without business continuity strategies. We often talk about how Delta is still sorting the mess out and still cancelling flights, but the reality is most businesses were operating again in some capacity by Friday afternoon. That will benchmark this discussion.
It's like suing someone who caused your flat tire for costs incurred due to not having a spare or a tire repair kit.
It's a private business (Score:1)
Why is the government involved in the affairs of private industry. Are we shifting towards Communism? *clutches pearls*
Re: (Score:3)
We need corporate growth and corporate profits: That is, until it fucks-up everybody's day. Won't someone please think of the Big Macs that weren't sold and the spyware that couldn't surveil?
Ah, yes, punishing a corporation must be Communism and must be stopped: I, for one, welcome our totalitarian, oligopolistic overlords. All jesting aside, it is the purpose of government to prevent failures of private systems. It is their job to regulate businesses to provide a stable and predictable service.
Re: (Score:3)
> Why is the government involved in the affairs of private industry. Are we shifting towards Communism? *clutches pearls*
When the affairs of private industry affect national operations such as air travel and hospitals, the government gets involved. Since no one, that we know of, has been fired for this screw up, this is the next best thing to put people in the hot seat.
Re: (Score:2)
Re: It's a private business (Score:1)
Why does everyone feel that someone must be fired for fuck-ups? I guess everyone that calls for firings has never fucked up before...
Re: (Score:3)
Indeed. It doesn't make any sense to fire anyone over this. The results were catastrophic, sure, but unless there was some but from what we know about the issue, it was only a matter of time before something like this happened. There is no single person responsible here. Hell, there isn't even a single organization responsible here! (Microsoft's team missed this as well.)
Even if there was a single person at fault, unless there was some ill-intent or serious negligence, what good could come from firing th
Re: (Score:3)
Regulation is not the same thing as Communism. It isn't even a step towards Communism. They are completely different things.
If the government was claiming ownership of Crowdstrike, so that it would no longer be a private business, THAT might be a step towards Communism (which has the distinguishing characteristic of government ownership of the means of production). Whereas regulation, (especially of monopolies, and sometimes including breaking up monopolies into smaller businesses) is fully compatible wi
Re: (Score:2)
I think Poe's law should be considered here. I read the GPs comments as sarcasm.
Re: (Score:2)
So did I, but we live in unusually absurd times. Reading the post again, it seems more like parody, but that's a distinction without a difference. Parody, like sarcasm, is dead.
For goodness sake, we have people that seriously believe that TCF is secretly still the President and that Obama, Hilary, Biden, and others were tried for treason and hanged at Guantanamo Bay and the reason we still see them alive is because they've variously been replaced by clones, body doubles, and androids. If you question this
Re: (Score:2)
> If the government was claiming ownership of Crowdstrike, so that it would no longer be a private business, THAT might be a step towards Communism
Or the prudent actions of a true patriot in a world of cyber warfare.
> (which has the distinguishing characteristic of government ownership of the means of production).
Fascism is about government (state) ownership of the industrial base and state intervention into all layers through a centralized autocratic system.
Communism is for the common ownership of the means of production. Which does not necessarily mean a government ownership. And ideally that the means of production is collectively managed by the workers, rather than remotely controlled by the equivalent of managers that do not represent the work
What network? (Score:2)
"must serve as a broader warning about the national security risks associated with network dependency."
The only network involved was the networks used to distribute this bit of garbage...
To err is human. To really screw up, use a computer and to make it an utter cockup... network them.
Re: (Score:2)
Shhh.... If you help them figure out that their argument is bogus ahead of time, we might miss out on another "Series Of Tubes" style speech from our congresscritters. That one gave us memes for years!
Re: (Score:2)
Oh!!! Oh!!!
Can I mod this up?
What About Microsoft? (Score:5, Insightful)
Seems Microsoft's CEO should be there to explain why their OS is completely dependent on a 3rd party offering and they didn't even have a workaround. It was only many hours later that they offered, "MAYBE restarting 15 times will let you boot. Maybe. We're just hearing from some users that it might work."
Re:What About Microsoft? (Score:5, Insightful)
Re:What About Microsoft? (Score:4, Interesting)
Re: (Score:2)
So what? Is it actually done? Windows has plenty of mechanisms which provide similar security. Software can trigger a system restore point for example prior to putting out an update which can also be automatically rolled to without requiring bitlocker keys. Pro editions can also create volume snapshots.
Linux isn't a defence. It literally went down last month for the same reason. Here's a Redhat advisory of a boot time kernel panic caused by Crowdstrike https://access.redhat.com/solu... [redhat.com] Recovery would be pre
Re: (Score:2)
> So what? Is it actually done? Windows has plenty of mechanisms which provide similar security. Software can trigger a system restore point for example prior to putting out an update which can also be automatically rolled to without requiring bitlocker keys.
Except that this failure prevented booting the system to the point where one could roll back, sure.
Re: (Score:2)
Rolling back is only an option if you have something to roll back to. Windows updates provide a roll back point. Software can use a windows API to create a restore point to roll back to before doing something critical like applying an update like this. Bonus points you don't even need a bitlocker key to use the roll back function from the recovery screen.
But the brains that rolled out a broken update that killed windows machines were also the brains who didn't set a restore point. Microsoft can't fix stupid
Re: (Score:2)
"But the brains that rolled out a broken update"
My understanding is that this was a definitions update; who checks/tests for every definition update? It seems not even CrowdStrike, though they probably should.
Re: (Score:3)
> Seems Microsoft's CEO should be there to explain why their OS is completely dependent on a 3rd party offering
Because DOJ told them to foster independent software development for windows to allow customer choice. Primarily by avoiding bundling of useful system level things like this.
And those customers chose to use windows servers, and crowdstrike falcon software.
Re: (Score:2)
What I want to know from Microsoft is not any of what you said, although one thing was close. If Clownstroke's representative can't tell us why their software sometimes worked on the fifteenth try, then I am adamant about wanting to know from Microsoft's what the answer to the same question might possibly be.
Re: (Score:2)
Clownstroke
Hahaha, excellent! I hope you do not mind if I borrow that one.
Re: (Score:2)
That's my best so far for sure :D Enjoy.
Re: (Score:2)
Now that they've had some time to think about it, their response is as follows:
Many companies made the case that anti-virus, anti-malware software should be a core function of the operating system, so a few years ago we created Windows Defender. It works. Brilliantly. But, the EU forced us to let Crowdstrike continue to operate in competition with our own product, since they did antivirus on our platform before we did. As such, we weren't able to implement the necessary security and stability updates that w
Re: (Score:2)
> Seems Microsoft's CEO should be there to explain why their OS is completely dependent on a 3rd party offering and they didn't even have a workaround.
My windows installation didn't go down, and I don't use CrowdStrike either. What makes you say that the OS is dependent on a 3rd party offering?
Why would they provide a workaround for a 3rd party software run as administrator that broke your system? They already provide you endless recovery options, both user initiated, and published a workaround for a 3rd party software which they didn't have to.
This is like blaming a building fire on the council because the firetruck was stuck in traffic.
Nothing will come out of it (Score:5, Interesting)
On a personal note, I'd like Crowdstrike to fry as I hate the idea of what they do and how companies and universities just gobble up the shit they hear from CS salespersons without taking issues like this into account. My personal experience with Crowdstrike was when my SQL Server cluster was to have CS installed on it. I fought tooth and nail against it because the only ports that were open on the server were RDP and 1433 for SQL Server and the server was already receiving automated Microsoft patches, but I lost that battle and CS was installed nevertheless. And that cluster was down for 11 hours last Friday.
Re: (Score:2)
My university uses Windows Defender. I'm not aware of a single service going down last week.
Windows Defender is not the opposite of CrowdStrike. Where I work we also use Windows Defender as the primary antivirus solution. All of our company laptops went down due to CrowdStrike. The latter does more/different things and in many organisations works alongside Defender. A friend works for a competitor of ours (we're both Fortune 500 lackeys). Their computers use McAfee as the primary solution with Windows Defender disabled. But unlike me she wasn't on holidays so her computer was out of action until
Blame the operator (Score:3)
I can already see how the CEO will put the blame on "operator error", and promise "it will not happen again", then it is back to BAU.
Re: (Score:1)
MicroShit already claimed that the EU was at fault. Clownstroke can do the same.
Re: (Score:2)
Re: (Score:1)
No, they do not. The problem is that Windows is lacking sensible APIs. With those, they could have nicely complied with the entirely sensible EU requirements and still prevent what happened. But the mess that Microsoft created with Windows cannot do that. At the same time, crap like Cludsource is needed on Windows because overall system security sucks so badly.
Re: (Score:1)
> The problem is that Windows is lacking sensible APIs.
Stop. Just stop. You're spewing ignorant garbage. Which means some other mouth-breathers will sweep it up and go spread it elsewhere.
The OS does not run in ring 0. It therefore cannot present magical API's to do magical things. Quit spewing garbage.
Ignorance is *not* a super power.
Re: (Score:1)
> The OS does not run in ring 0.
What? Yes it does, you drooling moron. [wikipedia.org] What the fuck do you think the kernel is? Just how fucking stupid are you?
Quit spewing garbage. Ignorance is *not* a super power.
Re: (Score:2)
> Yes it does, you drooling moron.
Kernel != OS... For an Oompa-Loompa you sure shout a lot. Especially when you're clueless.
Re: (Score:2)
Different than you, I have actual knowledge of how an OS kernel (!) works and of how to attach filters and the like that run in user-space.
You should look up the Dunning-Kruger Effect. You seem to be a far left-side case.
Re: (Score:2)
> No, they do not. The problem is that Windows is lacking sensible APIs.
No they don't. They provide the same sensible APIs Linux does. It's called eBPF. Incidentally here's a notification from Redhat detailing how Crowdstrike (which uses eBPF) caused boot time kernel panics on Linux https://access.redhat.com/solu... [redhat.com]
Now please stop talking shit.
Re: (Score:2)
As usual, you have no insight.
Here, you are comparing Apples and Oranges. On Linux, you do not need the Coudsource crap at all. On windows, you do need it or something like it because Windows security sucks so badly. And that makes all the difference. Obviously, bad software exists for Linux as well.
Re: (Score:2)
MS claimed EU forced them to provide kernel level access to clowns like Crowdstrike.
This is NOT true.
The EU forced MS to provide the same level of access to internals that their own AV software was using. This is in line with ensuring that AV offerings can be competitive. MS chose to open up the same access to Crowdstrike as their AV had, rather than eat their own dogfood, so to speak.
Re: (Score:2)
Indeed. Funny how almost all the MS apologist here lie.
Re: (Score:2)
And I don't think you understand the term dogfooding as it applies to software. It means using your own products internally. Here we are talking about client systems so where is the question of dogfooding. And Microsoft does use its o
Re: (Score:2)
Again, you did not say the same thing, and the EU did NOT force MS to make that decision.
MS could have implemented safe API's for AV software to use, rather than the kernel level access they provided.
> And I don't think you understand the term dogfooding as it applies to software. It means using your own products internally. Here we are talking about client systems so where is the question of dogfooding.
I don't think you have comprehended what I and others have said.
If MS had implemented safe API's for AV to use, it would then update its own AV software to use those same API's. IE: dogfooding. Using the API's it provides for others for its own competing product.
The EU came down on MS because they were NOT dogf
Re: Blame the operator (Score:1)
> If MS had implemented safe API's for AV to use, it would then update its own AV software to use those same API's
This is the way it always has worked since the very beginning. This was all hashed out 17 years ago. https://web.archive.org/web/20... [archive.org] And it turned out, as I mentioned earlier, that mechanisms like patchguard can't protect against everything. Apple is currently working on the assumption that their code can't possibly have any bugs, thus no kernel access is necessary. Needless to say, that assumption has been proven wrong many times.
Re: (Score:2)
If MS had implemented safe API's for AV to use, it would then update its own AV software to use those same API's
This is the way it always has worked since the very beginning.
Patchguard enforces restrictions on what structures drivers can and cannot modify. It does not move the AV system into userspace by means of providing it a safe API for the areas needed by AV.
That also says nothing about whether or not modern versions of MS's Defender Antivirus adhere to the same rules (ex. Patchguard / Kernel Patch Protection) as they require 3rd parties to use. Hint: they don't, which is why the EU forced them to equalize the playing field. This was the quote I was addressing:
> MS claimed EU forced them to provide kernel level access to clowns like Crowdstrike.
Which is fal
Re: (Score:1)
> Patchguard enforces restrictions on what structures drivers can and cannot modify. It does not move the AV system into userspace by means of providing it a safe API for the areas needed by AV.
I didn't say otherwise, but also there's more to it than that.
> That also says nothing about whether or not modern versions of MS's Defender Antivirus adhere to the same rules (ex. Patchguard / Kernel Patch Protection) as they require 3rd parties to use. Hint: they don't, which is why the EU forced them to equalize the playing field. This was the quote I was addressing:
If you read the link I provided, they specifically call out that the APIs defender uses aren't anything special that Microsoft reserved for themselves.
Show me where that post from 17 years ago documents MS using the same access levels for Defender
No problem:
A Very Brief Discussion on Bypassing Patchguard
As mentioned before, Skape and Skywing wrote Bypassing PatchGuard on Windows x64, and published it on Uninformed. I enjoyed reading the paper and can tell you I was incredibly impressed with the evidence of reverse engineering implicit in the work. Let me give you a brief quote from it:
The real purpose of this document, though, is to illustrate that it is impossible to securely protect regions of code and data through the use of a system that involves monitoring said regions at a privilege level that is equal to the level at which third-party code is capable of running.
The key thing to extract from this is an assumption in the whole paper – if you can load kernel mode code, then you can find ways to bypass Patchguard. That is a very important if! This still leaves a lot of positive protection by Patchguard for protecting from non-kernel code – the scenario we looked at above for example. What would really strengthen it though is if you had a way to disallow any kernel mode code that wasn’t developed by a Trusted partner wait a minute! That’s what Kernel Mode Code Signing does!
Microsoft – You are a 3rd-Party Too !
Now, if I am a core kernel architect (which I am NOT), then I don’t want other folks messing with my kernel for all the reasons discussed. And frankly, that applies to those teams in other part of Microsoft as much as it does to third parties. (I’m a developer at heart – I just know they don’t love my code as much as I do and won’t respect the beauty of my design trade offs.) That’s why, once I had defined interfaces, I’d be demanding everybody use them. That’s also why my boss would be backing me up on that (if I was a core architect, which I am NOT). So, I decided to check.
I went to the Host Security product team and asked them if they got to hook the kernel – they did not. They said that the x64 version of their product for Windows Vista would use the defined interfaces, just like any 3rd-party security product. They said they’d have to re-implement certain aspects from the way things were previously done. [UPDATE: Some folks have taken this last statement to imply that the Microsoft product was previously hooking the kernel. This is not the case, as I've went back and re-confirmed. To deliver an x64 product, the team has made changes in terms of recompiling and utilizing a x64 based detection engine, but no changes were necessary with respect hooking the kernel. ~Jeff]
Next, I went to the Windows Firewall product team and asked them if they got to hook the kernel. They said no. A new Windows Filtering Platform (aka defined interfaces) had been introduced for Vista, which they would be using just like everyone else.
Emphasis in bold is mine.
in the past few years as it had offered AV vendors prior to the EU mandate - it has nothing to do with that.
On the contrary, it has everything to do with it. What you're talking about with these APIs is in fact part of the EU mandate:
https://news.microsoft.com/dow... [microsoft.com]
Specifically note paragraph 42. That blog post I linked earlier, by the way, was in fact written after
Re: (Score:2)
I honestly appreciate the length to which you've gone to clarify this situation. Thank you. I'll concede - I have hardly any actual experience with how MS has implemented any of that stuff. I'm just going by what TFA and a link or two deep got me.
That said, even based on what you've provided, this statement (from "ghoul") still seems incorrect, on multiple levels:
MS claimed EU forced them to provide kernel level access to clowns like Crowdstrike. Which is true. So now instead of just MS patches taking your system down any tom, dick and harry who convinced your PHB to install their software with kernel access can take down your system.
Going by this info, I take it that MS provides and (attempts to) enforce use of API's for this purpose, but they're not entirely safe nor entirely
George Kurtz has a history with Windows (Score:5, Interesting)
In 2010, McAfee quarantined svchost.exe rendering Windows unbootable. The CTO of McAfee at the time was... George Kurtz, CEO and co-founder of CrowdStrike.
Re: (Score:2)
Re:George Kurtz has a history with Windows (Score:5, Interesting)
Hello,
To be fair, he had just been newly appointed to the CTO position at McAfee, Inc., and was responsible for GRC activities.
I would imagine that after his experience with the bad DAT 5958 rollout at McAfee, he would have made sure that CrowdStrike had a robust set of processes in place to ensure that this never happened again. That's part of what makes this so interesting: CrowdStrike must have had all sorts of controls in place to ensure that only a detection update which had passed through numerous quality gating procedures was released. Such processes are usually highly automated because they run 7x24x365, so you have all sorts of signalling and telemetry coming back at you to make sure all the tests are passed and everything's okay before you release.
What I'm thinking is that maybe this was going on, but there was failure in the alerting mechanism(s) and the update was pushed to production; think of it as being like an alarm light that didn't flash because its lamp bulb was burnt-out.
I will point out that this is all very speculative by me. I do not personally know Mr. Kurtz, I was at McAfee from 1989-1995, and have worked at a competitor for the last 18 years. But during the past 35 years, every antivirus/antimalware/internet security/EPP/EDR/{insert marketing term du jour} company has put out a bad update at some time or another. None of us are immune to doing that, and they will happen again in the future.
Everyone in the industry is talking amongst themselves about what happened, and wondering if their own systems are vulnerable to such a problem, but it is difficult to check your systems if you don't know what you are checking them for. There has been all sorts of guessing about what happened, but until CrowdStrike releases their post mortem incident report with an analysis showing the root cause, that's exactly what it all is: guesswork, especially my comments.
Until then, the only thing I can really do is hope that CrowdStrike and their customers get their systems up and running as quickly as possible.
Regards,
Aryeh Goretsky
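The "burnt-out alarm lamp" failure mode speculated about in the comment above, as an added example that is not part of the original comment and does not describe CrowdStrike's pipeline: a release gate that fails closed, so a check that never reports, a stale result, or canary hosts that go silent after the update all block the release. Check names, thresholds and telemetry fields are hypothetical, and the sample data is constructed.

```python
"""Fail-closed release gate for a content update (added example, hypothetical names)."""
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple

# Hypothetical check names and thresholds; a real pipeline defines its own.
REQUIRED_CHECKS = ("schema_validation", "parser_fuzz", "boot_test")
MAX_RESULT_AGE_S = 900          # older results are stale, not "still green"
MIN_CANARY_HOSTS = 50           # fewer reporting hosts means no usable signal
MAX_CANARY_FAILURE_RATE = 0.001


@dataclass
class CheckResult:
    name: str
    passed: bool
    reported_at: float          # epoch seconds when the check reported


@dataclass
class CanaryTelemetry:
    hosts_deployed: int
    hosts_reporting: int        # hosts that checked in after applying the update
    hosts_crashed: int          # hosts that checked in and reported a crash


def evaluate_gate(results: Sequence[CheckResult],
                  canary: Optional[CanaryTelemetry],
                  now: float) -> Tuple[bool, List[str]]:
    """Return (release_allowed, reasons). Any missing signal blocks the release."""
    reasons: List[str] = []
    by_name = {r.name: r for r in results}

    for name in REQUIRED_CHECKS:
        result = by_name.get(name)
        if result is None:
            # The burnt-out lamp: silence must never be read as a pass.
            reasons.append(f"{name}: no result received")
        elif now - result.reported_at > MAX_RESULT_AGE_S:
            reasons.append(f"{name}: result is stale")
        elif not result.passed:
            reasons.append(f"{name}: failed")

    if canary is None or canary.hosts_deployed <= 0:
        reasons.append("canary: no telemetry")
        return False, reasons

    if canary.hosts_reporting < MIN_CANARY_HOSTS:
        reasons.append("canary: too few hosts reporting")

    # A host stuck in a boot loop cannot send a crash report, so hosts that
    # received the update and then went silent are counted as failures.
    silent = max(canary.hosts_deployed - canary.hosts_reporting, 0)
    failure_rate = (canary.hosts_crashed + silent) / canary.hosts_deployed
    if failure_rate > MAX_CANARY_FAILURE_RATE:
        reasons.append(f"canary: failure rate {failure_rate:.3f} exceeds limit")

    return not reasons, reasons


def fresh_results(now: float, skip: Sequence[str] = ()) -> List[CheckResult]:
    """Constructed sample data: every required check passed 60 seconds ago."""
    return [CheckResult(n, True, now - 60) for n in REQUIRED_CHECKS if n not in skip]


if __name__ == "__main__":
    now = 1_000_000.0
    scenarios = {
        "all green": (fresh_results(now), CanaryTelemetry(200, 200, 0)),
        "boot_test never reported": (fresh_results(now, skip=("boot_test",)),
                                     CanaryTelemetry(200, 200, 0)),
        "canaries went silent": (fresh_results(now), CanaryTelemetry(200, 120, 0)),
    }
    for label, (results, canary) in scenarios.items():
        allowed, reasons = evaluate_gate(results, canary, now)
        print(f"{label}: {'RELEASE' if allowed else 'BLOCK'} {reasons}")
```
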
Exactly - make this a teachable moment (Score:2)
> Everyone in the industry is talking amongst themselves about what happened, and wondering if their own systems are vulnerable to such a problem, but it is difficult to check your systems if you don't know what you are checking them for.
Instead of political grandstanding, I hope we handle this situation the same way the FAA handles plane crashes: Investigate thoroughly, determine the cause of the accident, then publish an industry bulletin to notify everyone of what caused the accident and what must be done
Re: (Score:2)
But what's the industry equivalent of the FAA?
Re: (Score:2)
> That's part of what makes this so interesting: CrowdStrike must have had all sorts of controls in place to ensure that only a detection update which had passed through numerous quality gating procedures was released.
That's not a believable claim, given that this is not their first time pushing releases that cause machines to become unusable.
> Everyone in the industry is talking amongst themselves about what happened, and wondering if their own systems are vulnerable to such a problem
Of course they are. Statistically nobody has a sufficiently robust architecture to survive faults like these, with failover for every critical system and delayed updates to the failover servers so that they remain in a known good state. They are dependent on updates to those systems to protect them so that they can run on inadequately secured networks without being wholly vulnerable
Udemy (Score:2)
Re: (Score:2)
At this point all tech CEOs should pool together and buy Udemy subscriptions for all Congressmen and Senators.
You can lead a whore to class, but you can't make them pay attention.
(I have far more respect for actual prostitutes than these money-sucking leeches who have sold out our entire society from the infrastructure to the decorations.)
You can't educate the fat, dumb, and happy. They are too busy passing notes... in this case, on which stocks to trade.
House GOP? (Score:2)
Comer: Sir, please expand upon how Kamala Harris was able to infiltrate all of these computers and cause chaos worldwide?
CEO: Uh, that's not what happened.
Comer: If you do not answer my question, I will be forced to hold you in contempt of Congress! How were Kamala Harris and Joe Biden able to use your services to attack the free world?
New York Times: House Committee Investigates Harris/Biden Attack On Free World
They pointed out the main problem... (Score:2)
> The outages, which disrupted agencies at the federal and state level, are also raising questions about how much businesses and government officials alike have come to rely on Microsoft products for their daily operations.
They don't rely on them, they just accept the extremely broken functionality they 1/2 provide.
Imagine... (Score:2)
...if it was a Chinese company that had caused this.