Stream: shipit

Topic: 122: Linux distros


view this post on Zulip Jerod Santo (Sep 20 2024 at 17:01):

:link: https://shipit.show/122

uBlue is trying to build the world's best Linux experience for developers and gamers. Jorge Castro joins Justin & Autumn to tell us how it's going.

view this post on Zulip AJ Kerrigan (Sep 20 2024 at 17:23):

I know which episode is jumping to the front of my queue. Fun topic, and Jorge rocks :thumbs_up:

view this post on Zulip Maarten Hazewinkel (Sep 23 2024 at 07:19):

On the outro topic of being able to extract some keys from a Yubikey, I don't think that it really invalidates the current Yubikey (the 'vulnerable' ones) as a good security measure.

Firstly, as I understand it, the process is quite involved, since you need both the normal login credentials and the physical key to do it, as well as a bunch of specialised equipment.
The security model for something like a Yubikey is based on using something that you can secure like a physical item so that it cannot be hacked remotely. This is still true.

I heard about this on a security podcast (https://risky.biz) and both I and they agree that it's a very interesting and cool technical demonstration, but very hard to make practical us of.
Also, they came back to it a week later after realising that if you need to steal the physical key anyway, why not use that directly instead of extracting the cryptographic key. If you want to cover your tracks, just leave a defective Yubikey of the same model behind and the user will almost certainly assume that it's just broken for some reason.

view this post on Zulip Andrew O'Brien (Sep 23 2024 at 12:18):

I want pictures of Justin’s travel Kube

view this post on Zulip Justin Garrison (Sep 25 2024 at 15:20):

The build log with pictures is at justingarrison.com/cubernetes

view this post on Zulip Andrew O'Brien (Sep 25 2024 at 16:11):

Oh nice! Now I think I remember seeing this a couple years ago.

view this post on Zulip René (Sep 25 2024 at 18:11):

I really like the idea of the OS only providing the very basics to have a running system, just like containers.

Once my fedora fails me, I will definitely switch over to bluefin.

view this post on Zulip Justin Garrison (Oct 07 2024 at 01:49):

You’d probably love talos (what I work on) for Kubernetes. I’m so spoiled to have the OS be completely API defined and integrated with k8s


Last updated: Dec 12 2024 at 15:17 UTC