virtualice is a user on octodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
virtualice @CobaltVelvet

That's the part of the containers way I just can't accept:

github.com/kubernetes/ingress/

1. Your ingress controller is a Google managed nginx image you have no guarantee on.
2. It downloads and run a binary from Github.

No hashs, no signatures; Google, GitHub, tini's owner and anyone pwning them could get a root shell in your setup and MITM everything without anyone noticing for some time.

· Web · 6 · 9
L’Auvergnat Breton 🧜‍♂️ @papey@mastodon.papey.fr

@CobaltVelvet wow, wtf.

virtualice @CobaltVelvet

I don't believe Google will ever do that or be pwnd, but I'm not so confident in GitHub's security for instance, and much less in tini's owner.
How many servers can you own with a single GitHub account? Correct answer is "what the fuck".

Haelwenn /ɛlwən/ 🖳 @lanodan_tmp@pouet.it

@CobaltVelvet Is “too many” a good answer too ?

virtualice @CobaltVelvet

@lanodan_tmp no you have to say "what the fuck" out loud

Haelwenn /ɛlwən/ 🖳 @lanodan_tmp@pouet.it

@CobaltVelvet Ok, actually I just done that reading the CVE RSS feed…

:001: Software Archaeologist @dashie@oldbytes.space

@CobaltVelvet google pwned no, but the account used to push containers to the registry may...

octodon.social powered by Mastodon