a tumblelog
Mon 29 Mar 2021

Dropping hashes

There exists an idiom called “dropping a hash” which is widely understood in the security community and not widely understood elsewhere. Somewhat surprisingly, there does not appear to be a canonical explanation. I have dropped hashes before and wrote this up to explain the significance of it to non-specialists.

Source: Dropping hashes: an idiom used to demonstrate provenance of documents, an article by Patrick McKenzie.

VPN over SSH? The SOCKS Proxy

Some resources on the internet might be only accessible from clients with particular IP addresses. For example, suppose you want to download a paper published in a journal purchased by your university. In that case, you have to connect to the journal’s website from a computer with an IP address that belongs to your university. If you are working at home, it is well-known that you may connect to the university’s VPN such that your IP address will be disguised as a campus IP address that allows you to download the paper paid for by your university. However, it is not always possible to use the VPN provided by your school. For instance, some VPNs require special client software, which may not support an OS like Linux. Is there any simple alternative solution to VPN? The answer is YES if you can SSH to a server running with a university’s IP address, e.g., a workstation running in your laboratory.

Source: VPN over SSH? The SOCKS Proxy, an article by Cory Chu.

10 Kubernetes Security Context settings you should understand

Securely running workloads in Kubernetes can be difficult. Many different settings impact security throughout the Kubernetes API, requiring significant knowledge to implement correctly. One of the most powerful tools Kubernetes provides in this area is the securityContext settings that every Pod and Container manifest can leverage. In this cheatsheet, we will take a look at the various securityContext settings, explore what they mean and how you should use them.

Source: 10 Kubernetes Security Context settings you should understand, an article by Eric Smalling and Matt Jarvis.