KubeCon | CloudNativeCon North America 2024

drmorr (136)

Glad to know I'm not the only person who runs "git commit -m 'something'" on the regular. 😂

0 1 2

Interestingly, lots of vuln scanners break on minified Docker images because they rely on OS metadata.

0 0 2

On my way to KubeCon! I'm probably spending most of my time in the hallway track/vendor floor, but I'll be live-blogging my experience on here and on BlueSky if you're interested!

Come check out my talk at @Rejekts at 3:10 tomorrow (note the time change!), along with my talk at KubeCon on Thursday at 5:25!

3 1 2

Don't forget! My talk with @tgoodwin, called "What if Kubernetes Was a Compiler Target?" is happening later today! Come check it out!

Room 255B @ 5:25pm.

0 2 2

E.g., change the package version metadata so that you can't look up vulns for those packages (lmao)

0 0 1

Now here's where the malicious compliance comes in: we're going to take advantage of vulns in the vuln scanners, and obfuscate more metadata to break the scanners. 😈

0 0 1

Oh no, there's lots of vulns in your Docker image, wat do

0 0 1

First talk of @Rejekts is "Malicious Compliance Automated: When You Have 4000 Vulnerabilities and only 24 Hours Before Release" by Duffie Cooley (@mauilion) and Kyle Quest (not sure if they're on here).

3 3 1

The GIF game in the opening slides for @Rejekts is strong

2 1 1

My demo for the KubeCon talk I'm giving with @tgoodwin is..... like 50% working. Which is better than 0% working, but less good than actually working.

Anyways, I'm gonna be in SLC giving a KubeCon talk in a few weeks, come check out the hopefully-working demo!

3 0 1