No good way to verify public image sha256 in docker hub – security concern
This is a little crazy, but apparently we don’t have a good way to verify sha256 digests of public images in Docker Hub. The related thread is here: https://github.com/docker/hub-feedback/issues/1925 and this Stack Overflow question is also useful: https://stackoverflow.com/questions/57316115/get-manifest-of-a-public-docker-image-hosted-on-docker-hub-using-the-docker-regi . Problems in a nutshell: Publicly displayed digests on the Docker Hub UI do not match those seen when pulling images…
Author: taleodor
DevOps, DataOps in 2020 – Tectonic Shift
2020 is a remarkable year because of how things are going in the DevOps and DataOps fields. Also, let me mention the DataOps challenges I listed a year ago here. To see where we are now, I remind you of DORA’s State Of DevOps 2019 report (get your copy here if you haven’t done so yet) –…
My talk at OWASP Ottawa on SSH Security
Gene Kim’s “The Unicorn Project” – my view
“The Unicorn Project” by Gene Kim finally became generally available last week, and I took a couple of days while stuck in Toronto to read it. The book describes the same events as the DevOps classic – Gene Kim’s “The Phoenix Project”. At least because of that “The Unicorn Project” was a must read in the top…
No-frills secret sharing with openssl
Motivation: Sometimes we need to share a secret with a colleague, and frequently it’s a hassle to do so securely. The worst options include people simply sending plain-text secrets over email or Slack. It is better if this is some sort of encrypted email service like ProtonMail, but still it’s a fairly brittle way if we’re dealing with…
PostgreSQL Fatal – semctl crash and user id
Recently spent over a week in total (maybe 2 days net time) to realize that I was hitting this postgres bug – https://bugs.launchpad.net/ubuntu/+source/postgresql-9.5/+bug/1649877 . Documenting this just in case for the future, as it was pretty non-trivial to find that this was the issue I had. The weird part was that it started happening maybe…
My 3-minute fire pitch of Reliza @ InvestOttawa
I was giving this pitch yesterday; it was a great atmosphere at Invest Ottawa and a ton of positive emotions. Reliza is about bringing and reinforcing common sense into software releases and it’s very exciting to be part of this project! The slide in good quality is here: https://www.slideshare.net/PavelShukhman/reliza-3minute-fire-pitch-one-slide-pavel-shukhman-investottawa
2 nice tools for drawing cloud diagrams
Was looking for something like that for a while, and today saw these 2 nice tools that help create and visualize cloud architectures:
1. cloudcraft.co – more mature and nicer, but AWS only
2. cloudmaker.ai – new, more issues, pros: has unlimited grid on free tier and support for all 3 – Azure, AWS, GCP,…
Machine-learning based research on cancer-beating molecules in foods
Very interesting read – https://www.nature.com/articles/s41598-019-45349-y . And here is the resulting visualization chart of cancer-beating molecules in foods from this research:
YubiKey for SSH on Windows: Complete Walkthrough
Update: Watch my talk at OWASP Ottawa discussing SSH security (gives perspective to this walkthrough). Also, if you are looking for a Linux or Chrome OS setup, look here. At Reliza we are switching to using YubiKeys for our SSH authentication, which is possible via PGP encryption. This guide is for Windows and using SSH…