in-toto, with Santiago Torres-Arias

When is it safe to run software? When is it safe to drink orange juice? Are we a better judge of one or the other? Santiago Torres-Arias (https://twitter.com/torresariass) is an Assistant Professor at Purdue University, the team lead of the in-toto (https://in-toto.io/) project, and a contributor to The Update Framework (https://theupdateframework.io/). He joins Craig (https://kubernetespodcast.com/about) to talk security in both physical and software supply chains.

Do you have something cool to share? Some questions? Let us know:

• web: kubernetespodcast.com (https://kubernetespodcast.com)

• mail: kubernetespodcast@google.com (mailto:kubernetespodcast@google.com)

• twitter: @kubernetespod (https://twitter.com/kubernetespod)

Chatter of the week

• Don’t Forget The Lyrics (https://en.wikipedia.org/wiki/Don%27t_Forget_the_Lyrics!_(American_game_show))

• Gettin’ Jiggy Wit It (https://www.youtube.com/watch?v=3JcmQONgXJM)

• Explained on Genius (https://genius.com/Will-smith-gettin-jiggy-wit-it-lyrics)

• Will Smith on Top Gear (https://www.reddit.com/r/TopGear/comments/5zkcs3/my_alltime_favorite_moment_clarkson_destroys_big/)

• The Oscars thing (https://www.youtube.com/watch?v=myjEoDypUD8) (CW: violence, cuss words that Will Smith didn’t used to have to rap to sell records)

• He’s The Greatest Dancer (https://www.youtube.com/watch?v=NDN5PD00CpQ) by Sister Sledge; written by Bernard Edwards and Nile Rodgers of Chic

News of the week

• New Cisco Intersight Kubernetes features (https://blogs.cisco.com/datacenter/cisco-accelerates-hybrid-cloud-operations-with-innovations-from-intersight-hyperflex-and-ucs-x-series?oid=pstcsm028767)

• Red Hat OpenShift v4.10 (https://cloud.redhat.com/blog/introducing-red-hat-openshift-4.10)

• ChaosNative acquired by Harness (https://harness.io/blog/news/chaosnative-is-joining-harness/)

• Azure PlayFab launches Thundernetes (https://playfab.github.io/thundernetes/)

• Episode 26, with Cyril Tovena and Mark Mandel (https://kubernetespodcast.com/episode/026-agones/)

• Hacker News commentary (https://news.ycombinator.com/item?id=30811847)

• Weave GitOps v2022-03 (https://www.weave.works/blog/march-release-2022-03-trusted-delivery)

• Qumulo for Kubernetes (https://qumulo.com/blog/qumulo-for-kubernetes/)

• SpectroCloud raises $40m (https://www.spectrocloud.com/news/spectro-cloud-closes-40m-series-b-round/)

• Pinterest: 99% to 99.9% SLO, high performance control plane (https://medium.com/pinterest-engineering/99-to-99-9-slo-high-performance-kubernetes-control-plane-at-pinterest-894bc8a964f9)

• Uber: Avoiding CPU throttling in a containerized environment (https://eng.uber.com/avoiding-cpu-throttling-in-a-containerized-environment/)

Links from the interview

• in-toto (https://in-toto.io/)

• The Update Framework (https://theupdateframework.io/)

• Purdue University (https://purdue.edu/)

• Elmore Family School of Electrical and Computer Engineering (https://engineering.purdue.edu/ECE)

• Purdue Boilermakers (https://en.wikipedia.org/wiki/Purdue_Boilermakers)

• Open Source Software Senior Design Projects (https://engineering.purdue.edu/ECE/Academics/Undergraduates/UGO/CourseInfo/courseInfo?courseid=783&show=true&type=undergrad)

• NYU (https://nyu.edu)

• Tandon School of Engineering (https://engineering.nyu.edu/)

• Justin Cappos (https://engineering.nyu.edu/faculty/justin-cappos)

• PolyPasswordHasher (https://pph.io/)

• Episode 155, with Priya Wadhwa (https://kubernetespodcast.com/episode/155-software-supply-chain-security/)

• apt-secure for Debian packages (https://wiki.debian.org/SecureApt)

• A keysigning (https://web.archive.org/web/20061208190156/http://www.keysigning.org/event/lca2006) and a signed PGP key (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9AE9B6E4DBF5ED67)

• Farm to table attestation (https://dl.acm.org/doi/10.5555/3361338.3361435)

• Potato tracking (http://www.luckysod.co.nz/farmcode.html)

• An example of E. coli in lettuce (https://www.cdc.gov/ecoli/2018/o157h7-11-18/index.html)

• in-toto record (https://in-toto.readthedocs.io/en/latest/command-line-tools/in-toto-record.html)

• Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack (https://www.youtube.com/watch?v=1-tMRxqMwTQ) by Trevor Rosen, SolarWinds

• Reflections on Trusting Trust (https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf) by Ken Thompso…
