I enjoy her series; as well as the “What’s Eating Dan” one. The regular ATK show is okay; it’s still quality content, but the delivery feels too fake for me.

Use a secret manager?

Cert is a secret, add a small agent to your containers that pings your secret manager and gets back the current cert. Then saves / imports it (or whatever is appropriate).

Check out Fez if you haven’t already. Also Tunic does a great job of starting out basic & breaking precedent.

The reality of Texas green energy is so detached from the political rhetoric from politicians… The state making the most wind energy has leaders in the capital demonizing it while the state finances (and citizens) clearly benefit. I wish the voters of Texas paid more attention and called out such obvious gaslighting :(

Our suburbs are the most suburban.

We do have better Indian and Ethiopian food for what that’s worth.

Since the other reply was unhelpful: apps are supposed to have limited privileges and isolation from each other, yes… But the whole point of malware like this is that they figure out ways to break those restrictions and get escalated privileged.

You can get more technical detail from reading the report, in this case it looks like the app does not contain malware, but instead requests an update after install that contains the bad code and then breaks the app limitations and scans for the target banking applications and copies the security certificates.

*Senator

“The goal is to make the town progress by improving the resilience of its inhabitants,”

Sounds a bit like Stardew Valley?

I’d suggest Podman over docker if someone is starting fresh. I like Podman running as rootless, but moving an existing docker to Podman was a pain. Since the initial docker setup was also a pain, I’d rather have only done it once :/

For me the use case of K8s only makes sense with large use cases (in terms of volume of traffic and users). Docker / Podman is sufficient to self-host something small.

The average number of legs per person is less than two…