Looks like today's theme is
@cR0w @catsalad can I have more patching of systems hosting arbitrary users from the internet in exchange for less patching of my build docker containers with no inbound network access that live for 10 minutes? 😅
@cR0w @catsalad brb telling the compliance people at work “but @crow said…”
@malwareminigun @catsalad @crow Be sure to record that conversation. 😆
@cR0w @malwareminigun @crow This shirt, but with cR0w
@catsalad @malwareminigun It's like the Ron Swanson permission slip.
@catsalad @cR0w @malwareminigun @crow Do we care what Infosec says? Are we caring about that?

@jimfl @catsalad @cR0w I can assure you that our compliance folks VERY MUCH care about that. And have automated scanners that look at our container registries and scream at us if any tag isn't patched.

(To be clear, I agree with this behavior by default. I just wish there was a distinction between 'build lab' containers and 'web serving' containers because those are very different threat environments)

@malwareminigun @jimfl @catsalad INFOSEC says they are not different. Everything must be patched. Now. Do it. What are you waiting for? Go patch.
@cR0w @jimfl @catsalad But INFOSEC also says 'we want reproducible builds'. I make one group happy, I just piss the other one off
@malwareminigun @jimfl @catsalad For real, the struggle is legit.