I had the privilege of being able to talk about what you can do to improve your Azure account security and improve the security posture of your workloads running on Azure as part of Microsoft For Startups’ Highway to a 100 Unicorns - Scale Up Thursdays webinar series. You can catch the video on demand by registering over at https://aka.ms/secgen. The slides are available on SpeakerDeck as well on my Talks section.

I recently published couple of articles elsewhere: How to Increase Container Security and Ward Off Threats - Adobe Tech Blog 5 OpenSource tools for container security - OpenSource.com Scanning Docker Images for Vulnerabilities with Aqua Microscanner - previously, on my blog Do give them a read.

I first spent weeks arguing on a bugzilla that the security policy of requiring the root password for changing the timezone and adding a new wireless network was moronic and wrong. I think the wireless network thing finally did get fixed, but the timezone never did - it still asks for the admin password. So here’s a plea: if you have anything to do with security in a distro, and think that my kids (replace “my kids” with “sales people on the road” if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now.

I’ve used find extensively and always wanted to writeup a nice post on this, but the linked post trumps my effort! Copy pasted from his blog, as the person’s allowed to do so. Also, as a general note - before using exec with the actual command, do preview it! ` —————————————————————————————— remove empty directories —————————————————————————————— find . -depth -type d -empty -exec rmdir ` —————————————————————————————— change various file attributes ——————————————————————————————

Forum post @ Unreal IRCD We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it. This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in).

First up, if you haven’t read my previous post, go read it!

Now, after you’ve read the post, you people can get an idea as to how pissed off and frustrated I was. The following day, ie, Tuesday, I was determined to finish off the work come no matter what! So armed with my Cheque book, 2 pens(yeah, 2, just in case any one ran out of ink!). Left my Office at 5.45pm this day, as I’d decided to goto the Adyar branch. First up had to goto ATM as I had absolutely no cash. Thankfully, ICICI ATM is just opposite to the bus stop. After collecting the cash, I was wondering if I’d be as lucky as the previous day(well, in terms of gettings Share autos, you know!) and just as I was thinking about it a share auto comes along, but it was empty! Nevertheless I stop the auto, and tell him him “Adyar-ICICI Bank”.