Containers Gone Wild – CF053

Posted on by

This week Christian and Jim dive into the “doomsday” (dramatic much?) cyber event of 2019 — escaping Docker containers! Formally known as CVE-2019-5736, we dive deep on the technical research undertaken by Dragon Sector to take advantage of Linux namespaces in order to reveal the larger discovery and exploit and what it means for the industry. We cover it from the average guy angle as well, and include discussions on use cases for classic virtualization strategies compared to containerization. We leave some food for thought for next time on how machine learning techniques are impairing methodologies for scientific validation of original research.

Audio Only
1x
Apple PodcastsGoogle PodcastsPlayer EmbedShareLeave a ReviewListen in a New WindowDownloadSoundCloudStitcherSubscribe on AndroidSubscribe via RSSSpotifyAudioboomSpreakerOther Options

Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future!   Christian Johnson will bring fresh and relevant topics to the show based on the current work he does.

Support the Average Guy: https://www.patreon.com/theaverageguy

WANT TO SUBSCRIBE? We now have Video Large / Small and Video iTunes options at http://theAverageGuy.tv/subscribe

You can contact us via email at jim@theaverageguy.tv

Full show notes and video at http://theAverageGuy.tv/cf053

Podcast, Cyber Frontiers, AI, Kai-Fu Lee, Robots, Super Bowl, Machine Learning

RedHat CVE Report Summary:

https://access.redhat.com/security/cve/cve-2019-5736

Original Research by Authors of Exploit Used to Guide Show Conversation:

https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html

An Industry Security Summary on the Exploit:

https://www.tenable.com/blog/cve-2019-5736-exploits-the-common-runc-container-binary-to-escape-to-host

The media loved using “doomsday” to characterize this incident. Somehow we missed that terminology for Spectre and Meltdown?:

https://www.theregister.co.uk/2019/02/11/docker_container_flaw/

The machine learning challenge of our time… food for thought!:

https://futurism.com/machine-learning-crisis-science

 

Contact Christian: christian@theaverageguy.tv

Contact the show at jim@theaverageguy.tv

Music courtesy of Ryan King. Check out the Die Hard Cafe band and other original works at:
http://diehardcafe.bandcamp.com/http://cokehabitgo.tumblr.com/tagged/my-music