Post 9hiexa5f2cIf28Ulua by kylerankin@mastodon.social
(DIR) Post #9hidrj94MWIhQQjae8 by kylerankin@mastodon.social
2019-04-12T03:45:48Z
1 like, 2 repeats
This post-mortem of today's Matrix prod compromise is great for its transparency and cautious response. Also a clear demonstration why dev infrastructure (Jenkins or otherwise) should not be allowed to access prod. #keepemseparated #infosec #devops https://matrix.org/blog/2019/04/11/security-incident/index.html
(DIR) Post #9hiexa5f2cIf28Ulua by kylerankin@mastodon.social
2019-04-12T03:51:09Z
1 like, 0 repeats
@kylerankin Takeaway 1: Matrix response to take down prod, rebuild from scratch in relatively short order, is commendable and all orgs should aim to be able to do the same in similar circumstances.
(DIR) Post #9hiexaQZmr1w50HTVo by kylerankin@mastodon.social
2019-04-12T03:54:29Z
0 likes, 1 repeats
@kylerankin 2: Many #devops orgs deploy to prod straight from CI. Jenkins is red team gold. Always separate dev/prod completely. Dev access should never lead to prod access.
(DIR) Post #9hipj3Mt0I8IzNpMf2 by kylerankin@mastodon.social
2019-04-12T04:01:02Z
0 likes, 0 repeats
@kylerankin 2a: One approach is CI signing/shipping code to dev repo, admin logs into prod to trigger prod pkgs sync from dev to prod. Make attacker have to backdoor the code itself.
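The dev-to-prod promotion flow sketched in post 2a, as an added example that is not code from the thread or from Matrix: a prod-side sync step that an admin runs from prod, which pulls from the dev repo and copies only packages whose CI-signed manifest and per-file hashes verify, so nothing on the dev side can push into prod. The HMAC signer, key, repo layout and file names are assumptions; a real deployment would use an asymmetric signer (GPG/minisign) so prod holds only the public key.

```python
"""Prod-side 'pull and verify' promotion step (constructed example)."""
import hashlib
import hmac
import json
import os
import shutil
import tempfile
# Stand-in for the CI signing key; a real deployment would use an asymmetric signer.
CI_SIGNING_KEY = b"ci-signing-key-placeholder"

def sign_manifest(manifest: dict, key: bytes = CI_SIGNING_KEY) -> str:
    """CI side: sign the canonical JSON of the manifest (HMAC stand-in)."""
    body = json.dumps(manifest, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def sha256_file(path: str) -> str:
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def promote(dev_repo: str, prod_repo: str, key: bytes = CI_SIGNING_KEY) -> list:
    """Prod side: copy only packages whose manifest signature and hash verify.
    Returns the names promoted; raises on any mismatch so nothing partial ships."""
    with open(os.path.join(dev_repo, "manifest.json")) as f:
        envelope = json.load(f)
    manifest, sig = envelope["manifest"], envelope["signature"]
    if not hmac.compare_digest(sign_manifest(manifest, key), sig):
        raise ValueError("manifest signature does not verify; refusing to sync")
    promoted = []
    for name, expected in manifest["packages"].items():
        src = os.path.join(dev_repo, name)
        if sha256_file(src) != expected:
            raise ValueError(f"{name}: hash mismatch; refusing to sync")
        shutil.copy(src, os.path.join(prod_repo, name))
        promoted.append(name)
    return promoted

def build_demo_repos(tamper: bool = False) -> tuple:
    """Constructed sample: CI writes one package plus a signed manifest to dev."""
    dev, prod = tempfile.mkdtemp(), tempfile.mkdtemp()
    pkg = os.path.join(dev, "app-1.0.tar")
    with open(pkg, "wb") as f:
        f.write(b"original build output")
    manifest = {"packages": {"app-1.0.tar": sha256_file(pkg)}}
    with open(os.path.join(dev, "manifest.json"), "w") as f:
        json.dump({"manifest": manifest, "signature": sign_manifest(manifest)}, f)
    if tamper:  # someone with dev-repo access swaps the artefact after CI signed it
        with open(pkg, "wb") as f:
            f.write(b"backdoored build output")
    return dev, prod
```

Run `promote(*build_demo_repos())` to see a clean sync, and `promote(*build_demo_repos(tamper=True))` to see the sync refuse a package altered after signing.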
(DIR) Post #9hipj3aiAtBxgGIPD6 by kylerankin@mastodon.social
2019-04-12T04:05:54Z
0 likes, 0 repeats
@kylerankin 3: Great early post-mortem given circumstances. Affected servers, what attackers did, what Matrix did, what users should do, timelines, promises of more detail later.
(DIR) Post #9hipj3oXLUFcN8lRlA by maryjane@social.coletivos.org
2019-04-12T05:59:42Z
0 likes, 0 repeats
@kylerankin it seems it's still not over. Or at least something very strange is going on on the matrix website. matrix.org
(DIR) Post #9hjWzGvAg5KDgXqOPY by mathew@mastodon.social
2019-04-12T14:04:27Z
0 likes, 0 repeats
@maryjane @kylerankin I can't log in using Riot.im in order to change my password, so I think things are still broken.