I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
With containers the security of what is running inside of them may have declined because Developers are now tasked with something that shouldn't be for them to do... at least in a professional level.
Infrastructure is not for developers, but for DevOps, thus the later ones should be the ones creating the Container Stack to be used across development and production.
Trying to be the jack of all ends up in being the Jack of none and in the end Security is sacrificed, because no one can be the master of all.
NOTE:
Thanks for the link, but please next time put (pdf) so that we know we are opening a potential dangerous target... don't trust blindly in PDF's.
Striving to become a master Go/Cloud developer; Father ๐จโ๐งโ๐ฆ; ๐ค/((Full Stack Web|Unity3D) + Developer)/g; Science supporter ๐ฉโ๐ฌ; https://coder.today
I agree, me as a Dev I rely on the devops to do those stuff for me and fix/consult if I did a mistake. I happen to know few more things because I have a passion for these sort of things (cloud, docker..) but is not my call to decide in the end.
PDF's can harm the browser? I presume some attacks can happen if opened by a full-capable reader, but I think the browser is limited, or not?
I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
Well any site you visit can exploit vulnerabilities in the browser to compromise your computer. So always suspect of sites that keep spinning after all content have been loaded.
With containers the security of what is running inside of them may have declined because Developers are now tasked with something that shouldn't be for them to do... at least in a professional level.
Infrastructure is not for developers, but for DevOps, thus the later ones should be the ones creating the Container Stack to be used across development and production.
Trying to be the jack of all ends up in being the Jack of none and in the end Security is sacrificed, because no one can be the master of all.
NOTE:
Thanks for the link, but please next time put (pdf) so that we know we are opening a potential dangerous target... don't trust blindly in PDF's.
I agree, me as a Dev I rely on the devops to do those stuff for me and fix/consult if I did a mistake. I happen to know few more things because I have a passion for these sort of things (cloud, docker..) but is not my call to decide in the end.
PDF's can harm the browser? I presume some attacks can happen if opened by a full-capable reader, but I think the browser is limited, or not?
Well any site you visit can exploit vulnerabilities in the browser to compromise your computer. So always suspect of sites that keep spinning after all content have been loaded.
Regarding PDF's exploits see this article