CrowdStrike – a company that advertises itself as stopping breaches using “AI-native cybersecurity” – recently failed to deliver in a spectacular fashion.
One of its faulty updates (for Windows) caused a massive global outage across different industries and services, including hospitals and airports.
This latest poster child for “single point of failure,” and why IT systems should not be centralized to the degree they are, now apparently sees making false copyright claims, thus abusing the DMCA, as one way of damage control.
The recipient of the takedown attempt is a parody site, ClownStrike. Created by IT consultant David Senk, clownstrike.lol went online on July 24, in the wake of the embarrassing and costly (damages are said to run into billions) episode caused by CrowdStrike.
But despite ostensibly having more pressing issues to deal with, a week later Cloudflare (that hosted the parody site) sent Senk a DMCA notice issued on behalf of CrowdStrike by CSC Digital Brand Services.
CrowdStrike wanted its logo, which is seen “fading into a cartoon clown” on Senk’s site removed, and threatened that otherwise the site would be shut down, writes Ars Technica.
But the site is clearly a parody one, which would protect Senk’s display of the logo as fair use under the DMCA. However, this story has two “bad guys” – in addition to CrowdStrike, there’s Cloudflare.
When Senk contested the takedown notice on fair use grounds, Cloudflare ignored it, and then sent him another email reiterating the copyright infringement accusations – and then, again ignored the site creator’s counterclaim.
Senk has switched to a server in Finland, where he feels companies are “less susceptible to DMCA takedown requests.”
Now the site also features the CSC logo (with a clown wig). And it’s been updated with Senk’s thoughts on corporate cyberbullies, Cloudflare’s “hilariously ineffective” system of countering copyright notices, and other rant-worthy topics.
Ars Technica suggests that ClownStrike may have simply got caught up in as many as 500 notices CrowdStrike has been sending left and right these days to ensure “proactive fraud management activities (…) to help prevent bad actors from exploiting current events.”
Senk’s description of this statement? “Typical corporate bullshit (taking) zero accountability.”
That doesn’t sound as fun.