Security and Leftovers
-
The Way Forward for K8s Security: Eliminate Standing Privileges - Container Journal
If you have worked in cloud computing, DevOps or related fields in recent years, you’ve no doubt come across Kubernetes. One of the earliest and most popular open source container orchestration systems, Kubernetes, also known as K8s, enables development teams to group containers that make up an application into logical units for easy administration and discovery in cloud environments. There are other container orchestrators out there—Nomad from HashiCorp, Red Hat’s OpenShift, Helios and Azure Container Instances are all popular alternatives. But there are just as many variations on what amount to Kubernetes-specific management services, such as Google Kubernetes Engine (Kubernetes originated as a Google project), Amazon Elastic Kubernetes Service and Azure Kubernetes Service.
Obviously, there is a lot of demand out there for container orchestration, and there are a lot of different ways to take advantage of what K8s has to offer. Check out the case study section of the Kubernetes website, and you will see accolades from all areas of the developer community.
-
FBI Seizes Stolen Cryptocurrencies - Schneier on Security
The Wall Street Journal is reporting that the FBI has recovered over $30 million in cryptocurrency stolen by North Korean hackers earlier this year. It’s only a fraction of the $540 million stolen, but it’s something.
-
SUSE Rancher and Komodor - Continuous Kubernetes Reliability | SUSE Communities
With 96% of organizations either using or evaluating Kubernetes and over 7 million developers using Kubernetes around the world, according to a recent CNCF report, it’s safe to say that Kubernetes is eating up the world and has become the de-facto orchestrating system of cloud-native applications.
The benefits of adopting K8s are obvious in terms of efficiency, agility, and scalability. However, despite the project’s maturity, the industry is still developing the knowledge-base, best practices, and tools required to manage day-to-day K8s operations.
-
[OpenBSD]-current has moved to 7.2
For those unfamiliar with the process: this is not the 7.2 release, but is part of the standard build-up to the release.
-
Ed25519 Deep Dive Addendum - 2022-09-11
As an application developer, you have likely connected to GitHub or an SSH server with an SSH key. To do this successfully without anyone else impersonating you, a Digital Signature Algorithm (DSA) is used to authenticate you. Several DSAs can be used to authenticate over SSH; Ed25519 is a great option and not only for SSH keys. In A Deep dive into Ed25519 Signatures, I suggest the Ed25519 algorithm is a modern, fast, small, misuse-resistant, and secure option for signing data; I also included an exercise in creating Ed25519 keys, signing data and verifying signatures.
-
[Old] A Deep dive into Ed25519 Signatures - 2022-03-06
Digital Signature Algorithms (DSAs) underpin modern technology, enabling phone calls, emails, operating system updates, and payments to process securely. Every DSA is built upon one-way functions, which are easy to perform one way but hard to reverse. Ed25519 is one such DSA, and in this article I'll show how to use it.
-
Your 'Forgotten' Blockchain Account Needing Reactivation? It's a Scam
Scammers are using 'forgotten' cryptocurrency accounts as bait for stealing the identities of the gullible and dishonest. You have been warned.
I have never put any money into bitcoin or other cryptocurrencies.
-
Crypto Agility and Post Quantum - 2022-08-24
At DEF CON 30, "Crypto Agility" and "Post Quantum" buzzwords were repeated in several villages. I heard it around the Privacy and Crypto village and Soatok heard about it at the Quantum village. If you are an application developer, keep reading; these words are for you!