Public "Office Hours" are held every Wednesday at 11:30 PST via Zoom. It's open to everyone. Ask questions related to DevOps & Cloud and get answers!
👉️ https://cpco.io/slack-office-hours
Michael, over 1 year ago
Interesting technique for spreading malicious PyPI packages by posting answers to StackExchange: https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/
venkata, over 1 year ago
Anyone here using GitHub Container Registry as an OCI repository with Helm charts?
Michael, over 1 year ago
Apple is indeed adding a new system prompt reminding users when an app has permission to access their computer’s screen and audio.
This prompt is designed to appear on a weekly basis. The first time you attempt to use the app each week, you’ll see this prompt and have to decide whether to “Continue To Allow” or change the permission settings. The prompt will also appear each time (for each app) when you use that app for the first time after rebooting your Mac.
https://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/
erik, over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Nenna, over 1 year ago
Links from today's office hours:
https://www.bbc.com/news/articles/c0k44x6mge3o.amp
https://aws-icons.com/
https://www.linkedin.com/posts/choff_if-you-unfurl-this-thread-and-look-at-the-ugcPost-7226271880163250176-Kgyj?utm_source=share&utm_medium=member_desktop
https://github.com/ynqa/logu
https://www.linkedin.com/posts/natanyellin_new-k8s-feature-coming-soon-the-ability-activity-7224756850796187648-LU5v?utm_source=share&utm_medium=member_desktop
https://news.ycombinator.com/item?id=41127446
https://thenewstack.io/could-ebpf-save-us-from-crowdstrike-style-disasters/
https://helm.sh/docs/topics/registries/#helm-chart-manifest
https://helm.sh/docs/topics/registries/#migrating-from-chart-repos
https://github.com/cloudposse/atmos/blob/main/.github/workflows/test.yml#L119
https://cloud-provider-aws.sigs.k8s.io/service_controller/
https://www.balena.io/
https://github.com/balena-io
Jonathan Eunice, over 1 year ago
In office hours we talked about the security risks of security checkers (cough, CrowdStrike and its super duper unchecked kernel magic). Discussed eBPF for Linux kernel and whether that was the same, or a risk-reducer because of its limited reach and implicit validation (the consensus). But what does Hacker News bring but news of fixing eBPF kernel vulnerabilities.
erik, over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Nenna, over 1 year ago
Links from today's office hours:
https://www.ft.com/content/3faa79a5-f1a6-4d44-ba92-9b138bae0561
https://docs.github.com/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds
https://github.com/actions/attest?tab=readme-ov-file
https://techcrunch.com/2024/08/12/best-hacks-security-research-black-hat-def-con-2024/
https://news.ycombinator.com/item?id=41224286
https://postgres.new/db/1jaxsvndvfam3jr2
https://www.icann.org/en/board-activities-and-meetings/materials/approved-resolutions-special-meeting-of-the-icann-board-29-07-2024-en#section2.a
https://www.infoq.com/news/2024/08/slack-kubernetes-operator-bedroc/?utm_source=email&utm_medium=devops&utm_campaign=newsletter&utm_content=08132024
https://www.bejarano.io/terraform-plan-light/
https://github.com/opentofu/opentofu/issues/1703
http://docs.cloudposse.com/
https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#Special-Use_Domains
https://www.reddit.com/r/homelab/comments/1eryjrv/psa_zero_click_rce_vulnerability_on_ms_windows/#:~:text=Go%20to%20homelab-,PSA%3A%20Zero%20click%20RCE%20vulnerability%20on%20MS%20Windows%2C%20CVE%20Score,if%20you%20are%20using%20IPv6&text=Microsoft%20has%20released%20a%20patch,consumer%20and%20server)%20are%20affected.
https://github.com/marketplace/actions/gitops-automatic-versioning
https://docs.gitea.com/usage/actions/overview
https://earthly.dev/
https://imgflip.com/i/7oqe8u
erik, over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Nenna, over 1 year ago
Links from today's office hours:
https://www.synacktiv.com/en/publications/github-actions-exploitation-dependabot?utm_source=tldrinfosec
https://github.com/container-registry/helm-charts-oci-proxy
https://www.zdnet.com/article/switzerland-now-requires-all-government-software-to-be-open-source/
https://github.com/orgs/community/discussions/18055#discussioncomment-10362166
https://aws.amazon.com/blogs/containers/announcing-karpenter-1-0/
https://aws.amazon.com/about-aws/whats-new/2024/08/amazon-s3-http-403-access-denied-error-messages/
https://ionanalytics.com/insights/mergermarket/hashicorp-ibms-regulatory-scrutiny-could-focus-on-cloud-infrastructure-management-solutions-attorneys/
https://www.thoughtworks.com/radar/tools/summary/opentofu
https://docs.aws.amazon.com/eks/latest/userguide/workloads-add-ons-available-eks.html
https://hamzabouissi.github.io/posts/transform-aws-1/
https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html
https://joachim8675309.medium.com/devops-concepts-pets-vs-cattle-2380b5aab313
https://x.com/DevopsDiscu/status/1826062764894273551
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github
Tyrone Meijn, over 1 year ago
https://github.com/mycarrysun/terraform-aws-policy-actions
Pretty neat idea, should be nice when the VSCode Gods decide that it's your lucky day and TF autocomplete works.
erik, over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Nenna, over 1 year ago
Links from today's office hours:
https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/
https://devopsweeklyarchive.com/700/
https://docs.aws.amazon.com/AmazonS3/latest/userguide/ErrorCodeBilling.html
https://aws.amazon.com/about-aws/whats-new/2024/08/amazon-ec2-status-checks-reachability-health-ebs-volume/
https://github.com/ned1313/terrahash
https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/
https://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/
https://joachim8675309.medium.com/devops-concepts-bake-vs-fry-6fedb8d60056
https://developer.hashicorp.com/terraform/cli/commands/providers/lock#specifying-target-platforms
https://www.systeminit.com/blog-open-source/
https://atmos.tools/core-concepts/components/terraform/providers/#provider-configuration-in-terraform
https://github.com/mycarrysun/terraform-aws-policy-actions