[…] THE OFFERINGS AND CROWDSTRIKE TOOLS ARE NOT FAULT-TOLERANT AND ARE NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL-SAFE PERFORMANCE OR OPERATION. NEITHER THE OFFERINGS NOR CROWDSTRIKE TOOLS ARE FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION, NUCLEAR FACILITIES, COMMUNICATION SYSTEMS, WEAPONS SYSTEMS, DIRECT OR INDIRECT LIFE-SUPPORT SYSTEMS, AIR TRAFFIC CONTROL, OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH, SEVERE PHYSICAL INJURY, OR PROPERTY DAMAGE. […]
It’s about safety, but truly ironic how it mentions aircraft-related twice, and communication systems (very broad).
It certainly doesn’t impose confidence in the overall stability. But it’s also general ToS-speak, and may only be noteworthy now, after the fact.
That’s just covering up, like a disclaimer that your software is intended to only be used on 29ᵗʰ of February. You don’t expect anyone to follow that rule, but you expect the court to rule that the user is at fault.
Luckily, it doesn’t always work that way, but we will see how it turns out this time
Lawful Masses with Leonard French covered this yesterday. He is a copyright attorney. He starts the video with the opinion that the ToS wouldn’t protect CrowdStrike.
I don’t think the ToS is very useful without legal analysis.
As an example, let’s imagine CrowdStrike had lots and lots of documentation to show that they knew a failure would cause deaths for certain customers. Now, if someone at CrowdStrike intentionally pushed updates with the criminal intent to cause death, I think it likely someone at CrowdStrike would be criminally convicted for this decision if proven in court.
Though, it does look like this is understood in the comment.
But it’s also general ToS-speak, and may only be noteworthy now, after the fact.
edit: To be clear, this example is absolutely not what happened, it’s just an example to try to demonstrate the ToS isn’t helpful by itself. It really probably should be reviewed by lawyers. Like is there any responsibility for CrowdStrike to terminate their contract if they knew their customers were in violation? Did CrowdStrike have normal testing and development practices? Does responsibility fall on those who deployed it? etc.
CrowdStrike ToS, section 8.6 Disclaimer
It’s about safety, but truly ironic how it mentions aircraft-related twice, and communication systems (very broad).
It certainly doesn’t impose confidence in the overall stability. But it’s also general ToS-speak, and may only be noteworthy now, after the fact.
Weren’t the issues at airports because of the ticketing and scheduling systems going down, not anything with aircraft?
Yes, I think so.
That’s just covering up, like a disclaimer that your software is intended to only be used on 29ᵗʰ of February. You don’t expect anyone to follow that rule, but you expect the court to rule that the user is at fault.
Luckily, it doesn’t always work that way, but we will see how it turns out this time
Lawful Masses with Leonard French covered this yesterday. He is a copyright attorney. He starts the video with the opinion that the ToS wouldn’t protect CrowdStrike.
I’m pretty sure if a client pays for use in any of that they’ll shut up and take the money. Pretty ethical.
I don’t think the ToS is very useful without legal analysis.
As an example, let’s imagine CrowdStrike had lots and lots of documentation to show that they knew a failure would cause deaths for certain customers. Now, if someone at CrowdStrike intentionally pushed updates with the criminal intent to cause death, I think it likely someone at CrowdStrike would be criminally convicted for this decision if proven in court.
Though, it does look like this is understood in the comment.
edit: To be clear, this example is absolutely not what happened, it’s just an example to try to demonstrate the ToS isn’t helpful by itself. It really probably should be reviewed by lawyers. Like is there any responsibility for CrowdStrike to terminate their contract if they knew their customers were in violation? Did CrowdStrike have normal testing and development practices? Does responsibility fall on those who deployed it? etc.