Twitter | Search | |
Tim Allclair
Kubernetes Security
75
Tweets
454
Following
922
Followers
Tweets
Tim Allclair 22h
We crammed a brief history of security (spoiler: CVE-2018-1002105 wasn't the first!), some big new features, and a few gnarly open issues into this 30-minute talk!
Reply Retweet Like
Tim Allclair Dec 17
¿Achievement Unlocked? Kubernetes CVE-2018-1002105 highlighted in my favorite security podcast - Episode #523 @ 34:45
Reply Retweet Like
Tim Allclair Dec 14
It was fun thinking up the attack paths for my talk, "Recent Advancements in Container Isolation". Check it out for a retrospective from the future!
Reply Retweet Like
Tim Allclair Dec 10
Here are the slides from and my talk: " Security through the ages". We've come a long way, but we're not done yet!
Reply Retweet Like
Tim Allclair Dec 5
In case you missed it, the recording of my KubeCon Shanghai 2018 talk "Layers of Isolation in " is now available.
Reply Retweet Like
Tim Allclair retweeted
Kubernetes Oct 10
Day 3️⃣ of our *5 Days of * series is now live, covering "Kubernetes v1.12: Introducing RuntimeClass" from 🔗
Reply Retweet Like
Tim Allclair Oct 12
Replying to @sszuecs @kubernetesio
I'm not sure. I think that could be implemented independently of RuntimeClass.
Reply Retweet Like
Tim Allclair Oct 1
Are you excited about security? Do you think container isolation is awesome? We're hiring!
Reply Retweet Like
Tim Allclair retweeted
Tim Pepper Sep 27
Busy day, but this happened Great work from a great open source community!
Reply Retweet Like
Tim Allclair Sep 26
I'll be speaking about "Recent Advancements in Container Isolation" at Seattle! DM me with topics you'd like to see covered.
Reply Retweet Like
Tim Allclair Sep 25
Take 2: I wrote a bookmarklet to navigate from a package on github to its godoc
Reply Retweet Like
Tim Allclair Sep 25
Replying to @ahmetb
Oh yeah, thanks for pointing that out. No code snippet functionality on twitter :(
Reply Retweet Like
Tim Allclair Sep 11
Replying to @riskybusiness
Cloud native ecosystem security, "serverless", and challenges of the hosted open source model.
Reply Retweet Like
Tim Allclair Sep 11
This looks oddly familiar...
Reply Retweet Like
Tim Allclair Jul 24
I'm excited to see long-term vision taking shape. So much awesome stuff is now built a layer up, with portability across clouds AND on-premise deployments.
Reply Retweet Like
Tim Allclair Jul 9
Woohoo! Inbox 0 for incoming PRs for the first time in waaay too long (sorry if you were blocked on me!)
Reply Retweet Like
Tim Allclair Jul 5
Nice list of GitHub organization hardening advice in 's postmortem. 2fa is a must if GitHub is in your supply chain!
Reply Retweet Like
Tim Allclair Jun 1
Replying to @rektide
Nothing wrong with attaching a git repo to a container, I just don't think gitRepo volumes are the right way to do it.
Reply Retweet Like
Tim Allclair Jun 1
Replying to @rektide
1) Kubelet calls git as root in the host namespaces, so lots of vulnerabilities. 2) InitContainers are basically designed for initializing volumes, we don't need a special volume type to copy in data.
Reply Retweet Like
Tim Allclair May 30
Another reminder to avoid GitRepo volumes in :
Reply Retweet Like