| Tweetovi |
|
Eric Chiang
@erchiang
|
9 h |
|
pab's the best just for putting up with the jokes
|
||
|
|
||
|
Eric Chiang
@erchiang
|
10 h |
|
Making this joke is basically a significant portion of our team meetings twitter.com/IanColdwater/s…
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
foone
@Foone
|
31. sij |
|
I like the ones you can set on crushed ice, so you can have minikubes
|
||
|
|
||
|
Eric Chiang
@erchiang
|
31. sij |
|
I clearly need to get this ice machine (via @__weeks__)
kold-draft.com/products/gt350… pic.twitter.com/ynpHuMktBl
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Elie Bursztein
@elie
|
30. sij |
|
Say hello to OpenSK: a fully open-source security key implementation - security.googleblog.com/2020/01/say-he… #FIDO
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
bletchley punk
@alicegoldfuss
|
29. sij |
|
when insta models get you to buy makeup they’re called influencers, but when tech bros get you to buy kubernetes they’re called thoughtleaders 🤔🤔🤔
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Dmitry Vyukov
@dvyukov
|
21. sij |
|
Week has passed...
If you said 20+ you were right. 30 on dashboard (open+pending)
syzkaller.appspot.com/upstream#open
My local instance has 70(!):
gist.githubusercontent.com/dvyukov/80548b…
All reachable by unpriv users
That's not all. To find more we need to fix these first, otherwise it just keep crashing twitter.com/dvyukov/status…
|
||
|
|
||
|
Eric Chiang
@erchiang
|
17. sij |
|
Funner fact: I'm an idiot, but there's still no better group than the @coreos alumni. Congrats again, Stephen!
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Stephen "PEAK :bash_fire:" Augustus
@stephenaugustus
|
17. sij |
|
Completely over the moon to announce that I'll be serving as a Program Co-Chair for #KubeCon / #CloudNativeCon, along with @ccaramanolis, starting at KubeCon Shanghai 2020.
This community and the people in it mean the world to me, so I'm truly humbled by the opportunity!
|
||
|
|
||
|
Eric Chiang
@erchiang
|
17. sij |
|
If you're looking for who to bribe to get a kubecon talk accepted, look no further.
|
||
|
|
||
|
Eric Chiang
@erchiang
|
17. sij |
|
Shout out to @stephenaugustus who's been kill it lately and is going to be a program co-chair for #kubecon 2020 events.linuxfoundation.org/kubecon-cloudn…
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Maya Kaczorowski
@MayaKaczorowski
|
15. sij |
|
Today is my last day @googlecloud. It's been real. Encrypting all the things, securing the containers, kicking ass and taking names.
I'll miss the intelligent and kind people, the huge impact, the crazy scale, and the tacos 🌮.
Will share more on what's next when I'm ready 😊 pic.twitter.com/IXgg3QK1hl
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Maya Kaczorowski
@MayaKaczorowski
|
14. sij |
|
Excited to see the launch of the new Kubernetes bug bounty!!!
kubernetes.io/blog/2020/01/1… pic.twitter.com/OR12XAQmVx
|
||
|
|
||
|
Eric Chiang
@erchiang
|
13. sij |
|
There are a handful of apps that need operators (e.g. databases). For the rest, please, please provide an option to deploy from static manifests. If a component requests permissions to create RBAC cluster roles and bindings, how can a security reviewer reasonably assess that?
|
||
|
|
||
|
Eric Chiang
@erchiang
|
13. sij |
|
Things learned last week: Kubernetes operators are a huge pain for security reviews. You basically have to reverse engineer the app to figure out what holes it'll open in your cluster.
|
||
|
|
||
|
Eric Chiang
@erchiang
|
8. sij |
|
Back in my day, all we had was ABAC.
|
||
|
|
||
|
Eric Chiang
@erchiang
|
7. sij |
|
Writing's so much easier when I get to include a code block every few sentences too 😛
|
||
|
|
||
|
Eric Chiang
@erchiang
|
6. sij |
|
Wrote something personal, but figured I'd post it here. Hovering around 1000 followers, I don't want to give anyone the impression that I've got everything figured out. "Keep it Simple, Stupid" ericchiang.github.io/post/kiss/
|
||
|
|
||
| Eric Chiang proslijedio/la je tweet | ||
|
Tim Allclair
@tallclair
|
2. sij |
|
Linux user namespaces do a lot more than just remapping user & group IDs. This is the best overview I've seen: man7.org/conf/meetup/un…
|
||
|
|
||
|
Eric Chiang
@erchiang
|
2. sij |
|
Also, if you've ever wondered what my team does, I gave a talk at the Linux Security Summit last year about some of the problems we tackle, and how we go about solving them.
youtube.com/watch?v=Qqp_pb…
|
||
|
|
||