Falco founder: Kubernetes security has to do better than “don’t worry – OH MY GOD”
It’s almost a year since Sysdig’s behavioral activity monitoring tool Falco entered the sandbox of the Cloud Native Computing Foundation (CNCF). We talked to the company’s new chief open source advocate Kris Nova and co-founder Loris Degioanni to check in about the project’s progress and talk about the state of Kubernetes security and open source licensing in general.
Falco was first introduced to the public back in May 2016. It’s no secret that security wasn’t exactly a top priority when Kubernetes was developed, so Falco was set up to tackle some of the challenges the orchestrator introduced to the modern infrastructure stack.
Moving the project into the CNCF in October 2018 was the logical next step for Degioanni. “In order to be cloud-native and to actually be placed as a part of the stack of the next generation of infrastructures, you want to be part of the CNCF nowadays.”
But the foundation has strict rules on what projects must do to make it to the next stage, so the first months in the sandbox were mostly spent setting up processes and work on Falco’s own infrastructure. With Nova, who spent quite some time on the Kubernetes project, now on board, this trajectory is likely to continue.
Australian not-for-profit's encryption solution to privacy breaches
One of the main aspects of addressing or curing the privacy breach epidemic is to gain back control and management over personal data. Where we see the aspect of giving back consumer some control, all of the control, and the accountability for their personal data that's stored on digital space, and what we developed is a set of tools that allows an entire economy of consumers, businesses and marketers to interact in harmony and in a way move the world to a more privacy aware interaction.
Open source breach and attack simulation tool Infection Monkey gets new features
Guardicore, a leader in internal data center and cloud security, unveiled new capabilities for its Infection Monkey that make it the industry’s first Zero Trust assessment tool.
Patch now: 1,300 Harbor cloud registries open to attack [Ed: What they mean by “open to attack” is “needs patching”. Typical ZDNet.]
KMyMoney 5.0.7 released
The KMyMoney development team today announces the immediate availability of version 5.0.7 of its open source Personal Finance Manager. This release becomes necessary due to the new regulations of the PSD2 which affects the online banking availability for German users. To make KMyMoney compatible with them, especially the Strong Customer Authentication part, KMyMoney had to be adapted to updated APIs of the Gwenhywfar and AqBanking libraries which provide the banking protocol implementations. KMyMoney now requires a Gwenhywfar minimum version of 4.99.16 and an AqBanking version of 5.99.32. Also in KDE right now: Roman Gilg: Political activism in KDE [Ed: Gilg is wrong. Climate change is science. It is not politics. AstroTurfing by oil giants tried for decades to warp it into a partisan 'political identity issue'.]
Lennart Talks Up systemd's SD-Boot + Boot Loader Specification
In addition to announcing systemd-homed for better user home directories, Lennart Poettering also used this year's All Systems Go conference to drum up support for systemd's boot efforts around SD-Boot and the Boot Loader Specification. systemd-boot/sd-boot is systemd's UEFI boot manager formerly known as Gummiboot. SD-Boot continues picking up new functionality and at least optional usage by more distributions. The Systemd Boot Loader Specification (also known as the FreeDesktop.org Boot Loader Specification) meanwhile is trying to assist use-cases around dual/multi-boot operating system setups and related use-cases with drop-in file handling, standardized configuration files and the like.
today's howtos
Games Leftovers
