Category: all
- Lessons learned: COPY . and geometric size progression - So another day and another ‘registry out of space’. I wrote earlier about the crappy experience increasing this size (and GKE is still on 1.10 so I can’t use the 1.11+ resize mechanism!!!) Vowing not to repeat the ‘that can’t be the right method’ that I pioneered in that post, I decided to dig a…
- Pytosquatting, Supply Chain Risk, and the Slovak National Security Bureau - So most of you will have the Slovak ‘NBU’ on your RSS speed-dial, but I found I was a bit behind on my reading of it. As I was catching up, skcsirt-sa-20170909-pypi caught my eye. In a nutshell, it’s around a phenomenon called ‘typo-squatting’. In this case, Python-package name squatting (called pytosquatting). So there is…
- Software supply chain risk management robots - It finally happened to you. A developer used ‘import A’. A pulled in B, B pulled in C, D. D pulled in E… and somewhere along that chain evil lurked. Now all your bits are belong to l33t hackerz. So like all things in life it’s time to over-react after the fact (something about…
- My webinar today on surprises in cloud security migration - One of the things that people felt was controversial about my message was “end-point security is no longer a thing”. I’m saying this from the standpoint of: instances are short-lived (hours/days, not months/years); instances are dynamically scaling in and out; cloud native applications (usually) run a single-process per instance/container, no space for another (you could…
- The return of the bike thief: spoiler, the lock held, but my hands were cold - Came out last night and… some nibble marks on the lock, and my gloves are gone from the glove compartment. So it was a very thumb-numbing ride in this am @ 2 degrees! But… the lock held, which is the important part. Rot in hell thief. I stopped carrying the ‘massive chain’ since it was…




