Later today at THcon, Florent Moriconi, Axel Neergaard, Lucas Georget, Samuel Aubertin and @aurelsec presented what started as an interesting fun student project: modifying a docker client to inject a payload while building a docker container, and then self replicating through CI.

Very interesting. but I have _concerns_ as it creates a *virus*, and is difficult to mitigate.

Maybe publish only when there's a fix? Detection methods?
#malware #ethics #research #thcon #conference

@cryptax blame ken Thomson for his 1984 Turing award inaugural lecture "Reflections on Trusting Trust" we only copied the idea to modern systems !

I guess since 1984, antivirus vendors had the time to think about the problem :)

https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf

@aurelsec lol no, that's a too easy answer, Aurélien, sorry. We're not talking about Ken Thomson's paper, but about Docker CI.