Month: October 2018
LightBulbs of Unusual Size: Is this ‘bright-like-the-sun’ big like a planet also a death-star?
I mentioned earlier (when talking about the eye-glass power scrubber) that its getting harder to see and more light is needed. So I did what any sane person would do, I tried to find a replacement for a mercury-sodium-vapour arena lighting with an E26 base on the cheapest electronics site I could find. And here…
O great SHA, protect me from this hack
So I’m building a container. And, well, it fails. The reason? One of the packages has a bad sha256 checksum. This is important so listen up! Many people would either disable the check, or just update the checksum to match what you received. Here I decided to dig into it a bit. The scary message…
Bloomber’s latest: the hack was in the Ethernet connector. Plausible?
You’ve by now seen the most recent Bloomberg article that suggests a “major US telecom” has equipment (again made by SuperMicro) with modifications, this time to the Ethernet. Is this plausible? [I have no information on the story or if it occurred, I’m merely discussing the plausibility]. In a word, yes. First, although the image shows…
The supply chain security risk in action: ESLint
Recently we’ve been focused on the Bloomberg/Supermicro/Amazon/Apple supply chain story. But there are other supply chains which are much more common and distributed, and they have been hacked. Lets talk about the ESLint story. Because it happened. Recently. ESLint is a development tool used in JavaScript & Nodejs. A developer runs it during the build…
When good containers go bad: github issues are the new release notes
The world is getting faster with shorter cycle times. Software releases, once things that celebrated birthdays are now weekly. Emboldened by the seemingly bullet-proof nature of Kubernetes and Helm, and trying to resolve an issue with an errant log message, I update the nginx-controller. Its easy: helm upgrade nginx-ingress stable/nginx-ingress Moments later it is done.…
