People
Why data scientists shouldn’t need to know Kubernetes
I 100% agree with this. At most, a data scientist should be able to make a working Dockerfile that needs hardening and careful inspection.
Facebook aware of Instagram’s harmful effect on teenage girls, leak reveals
Facebook isn’t a good company; it rarely acts in the best interests of its users. They have a market cap over $1 trillion and their stock is still soaring to new heights. We should be actively encouraging people to delete Facebook-affiliated tools from their lives.
Pay Transparency Is Coming, and Employers Are Terrified
A great reckoning is coming. Us knowing each other’s salaries is a good thing.
Some of the most iconic 9/11 news coverage is lost. Blame Adobe Flash
Flash strikes history.
Anonymous leaks gigabytes of data from alt-right web host Epik
Play stupid games, win stupid prizes.
Process
UN Breach Highlights Escalation of Cyber Threats
“Hackers have been inside the United Nations network for months. According to a report from Bloomberg, stolen credentials of a UN employee were sold on the Dark Web for as little as $1,000. The report claims that Russian-speaking cybercriminals sold access to the UN systems for months—from April through August of 2021.”
PHP maintains an enormous lead in server-side programming languages
WordPress is a great example of a PHP-based CMS. Drupal is another example. PHP is a great language for server-side programming and is still widely used.
The passwordless future is here for your Microsoft account
You have to download the Microsoft Authenticator app.
Tech industry braces for skyrocketing rare earth prices
If you don’t know much about rare earths, I suggest you spend some time investigating the market.
Tools
CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access · Issue #104980 · kubernetes/kubernetes
“A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. This issue has been rated High (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), and assigned CVE-2021-25741.”
Crossplane is now a CNCF Incubating project
Congrats to the Crossplane team!
CNCF Promotes GitOps Tool Flux to Incubated Status
Congrats to the Flux team!
Results of Kubernetes Adoption Survey Show it’s Everywhere
“94% of survey participants are using Kubernetes in production.” I don’t think it’s that high industry-wide, but that’s still a lot of K8s.
StackRox Office Hours (E3): Kubernetes Network Policies
“An important step in securing Kubernetes is reducing the attack surface by enabling network policies. But it’s easy to make mistakes in building those YAML files.” This was a fun episode.
Linux 5.15 Delivers Many Features With New NTFS Driver, In-Kernel SMB3 Server, New Hardware
What a time to be alive. An in-kernel SMB3 server AND an NTFS driver. 1998 me is blown away.
WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job
“Customers must update vulnerable extensions for their Cloud and On-Premises deployments as the updates become available per schedule outlined in table below.” Microsoft should be smarter than this.
kube-vip/kube-vip
“Kubernetes Control Plane Virtual IP and Load-Balancer”
roshan8/slo-tracker
“A tool to track SLA, SLO and Error budgets”