Security isn’t about protecting everything from everything. It’s knowing what you’re protecting from what (and what you’re not protecting). That’s why we use threat models.
An analogy: you don’t protect food from the environment; you protect different types of food from different factors of the environment. You might design a heat lamp to protect the freshness of your dinner but a freezer for your ice cream. What you don’t do is design a heat lamp and assume it’ll protect your ice cream also.
Song / Spotify / Jazz
Still have to see Quantic live, maybe one of these days...
https://brauner.github.io/2019/02/12/privileged-containers.html Christian Brauner, maintainer of #LXC fixes a vulnerability that was discovered affecting #runC, the default #Docker container runtime. As a side note I was astonished by the amount of presentations at #FOSDEM this year about running unprivileged a.k.a. rootless containers when #LXC does it since 2013. TIL that #kubernetes and friends run fully privileged containers . Scary shit.
The #Parliament of #Asturias supports the Campaign "Public Money? Public Code!" and votes in favor of publishing all publicly financed software developments under a #FreeSoftware licence: http://www.picahack.org/el-parlamento-asturiano-vota-mayoritariamente-s%C3%AD-al-software-libre (ES) @fsfe #publiccode
In the long run, the Parliament seeks the use, promotion and migration to Free Software and #OpenStandards throughout all public administration's processes.
A decorrer: Hora Ubuntu - Containers LXD @ Sintra - qui 6 dez 2018 18:30 #ubuntupt
Fumbling in the Feediverse
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!