
I currently work in DevOps and I am trying to move my career into #infosec

Hello from planet Earth! 🚀

blog: https://jesusortega.dev

Let's try this:

Hello. My name is Bear. (Seriously, it's my legal last name.) I'm an #InformationTechnology pro with around 30 years of experience spanning a broad range of categories. My most recent job titles include System Administrator, Desktop Administrator, and IT Administrator. I've worked at MIT, Harvard Business Publishing, IBM, and VMware.

I've been unemployed for over a year in this awful tech job market. Hire me. Seriously. I’m worth it.

DM me for my PDF resume.

#GetFediHired

Ok people interested in #photography and #cybersecurity hear me out.

Make all cameras follow a standard where you can upload your PGP private key, so that every photo is signed with it (adding the timestamp to the signature itself could be very helpful); that way photographers can show ownership of their photos.

As an added bonus, maybe with the photos being signed we can stop such photos from being used in the pool of AI training data.

I am sure I’m not the first one ever to think of this, I just thought it was cool.

What do you guys think?

The real guide to interpreting developer job ads 🤡 EDIT: I believe this is an old image from the bird site https://twitter.com/rundavidrun/status/689165491760316416

David Whittaker (@rundavidrun) on X: The real guide to interpreting developer job ads. ~via @jasongorman and followers

Google Chrome (the web browser) is in fact an OS in disguise. #changemymind

I think a LOT of people are missing the fact that we got LUCKY with this malicious backdoor.

The backdoor was created by an Insider Threat - by a developer / maintainer of various Linux packages. The backdoor was apparently pushed back on March 8th (I believe) and MADE IT PAST all QA checks.

Let me state that again. Any quality assurance, security checks, etc., failed to catch this.

This was so far upstream, it had already gotten into the major Linux distributions. It made it into Debian pre-release, Fedora rolling, OpenSUSE rolling, Kali rolling, etc.

This is an example of Supply Chain Security that CISOs love to talk and freak out about. This is an example of an Insider Threat that is the boogey man of corporate infosec.

A couple more weeks, and it would have been in many major distributions without any of us knowing about it.

The ONLY reason we know about it is because @AndresFreundTec got curious about login issues and some benchmarking checks that had nothing to do with security and ran the issue down and stumbled upon a nasty mess that was trying to remain hidden.

It was luck.

That's it. We got lucky this time.

So this begs the question. Did the malicious insider backdoor anything else? Are they working with anyone else who might have access to other upstream packages? If the QA checks failed to find this specific backdoor by this specific malicious actor, what other intentional backdoors have they missed?

And before anyone goes and blames Linux (as a platform or as a concept), if this had happened (if it HAS happened!!!) in Windows, Apple, iOS, etc., we would not (or will not) know about it. It was only because all these systems are open source that Andres was able to go back and look through the code himself.

Massive props and kudos and all the thank yous to Andres, those who helped him, to all the Linux teams jumping on this to fix it, and to all the folks on high alert just before this Easter weekend.

I imagine (hope) that once this gets cleaned up, there will be many fruitful discussions around why this passed all checks and what can be changed to prevent it from happening again.

(I also hope they run down any and all packages this person had the signing key for....)

#infosec #hacking #cve #cve20243094 #linux #FOSS

Language is magic and no-one can convince me elsewise.

#meme #comic

all the way

Today I realized that I restored the wrong backup on the DB.

Less than 20 items were missing but I will get them back manually.

My coworkers and boss were really nice about it. Today is a lesson.

#PostYourFailures

take on hard projects

wizard zines