Last week, we hosted a containerd summit for contributors and maintainers. Containerd is a core container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, snapshot storage for container filesystems and a few other things to make the management of containers robust.
We started off by getting everyone up to speed on the project, roadmap and goals before diving down into specific issues and design of containerd. We had a couple breakout sessions where we discussed blocking issues and feature requests by various members of the community. You can see a summary of the breakout sessions in last week’s development report in the containerd repository and the various presentations below:
We ended the day with discussions around governance and extension model. Watch this video recording to learn more about why and how core contributors are thinking about integrating containerd with other Continue reading
Most engineers focus on purely technical mechanisms for defending against various kinds of cyber attacks, including “the old magic bullet,” the firewall. The game of cannons and walls is over, however, and the cannons have won; those who depend on walls are in for a shocking future. What is the proper response, then? What defenses are there The reality is that just like in physical warfare, the defenses will take some time to develop and articulate.
One very promising line of thinking is that of active defense. While the concept is often attributed to some recent action, active defense has been one form of warfare for many centuries; there are instances of what might be called active defense outlined in the Bible and in Greek histories. But it is only recently, in light of the many wars around Israel, that defense in depth has taken on its modern shape in active defense. What about active defense is so interesting from a network security perspective? It is primarily this: in active defense, the defender seeks to tire an attacker out by remaining mobile, misdirecting the attacker, and using every opportunity to learn about the attacker’s techniques, aims, and resources to reflect Continue reading
That was the question Bruce Schneier and I were asked by Craig Spietzle of the Online Trust Alliance (OTA) during a panel he moderated recently at the RSA conference.
My answer to that question was “an unequivocal yes!” Below is the longer answer. The key lies in accountability.