19 min listen
in-toto, with Santiago Torres-Arias
in-toto, with Santiago Torres-Arias
ratings:
Length:
42 minutes
Released:
Mar 30, 2022
Format:
Podcast episode
Description
When is it safe to run software? When is it safe to drink orange juice? Are we a better judge of one or the other? Santiago Torres-Arias is an Assistant Professor at Purdue University, the team lead of the in-toto project, and a contributor to The Update Framework. He joins Craig to talk security in both physical and software supply chains.
Do you have something cool to share? Some questions? Let us know:
web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod
Chatter of the week
Don’t Forget The Lyrics
Gettin’ Jiggy Wit It
Explained on Genius
Will Smith on Top Gear
The Oscars thing (CW: violence, cuss words that Will Smith didn’t used to have to rap to sell records)
He’s The Greatest Dancer by Sister Sledge; written by Bernard Edwards and Nile Rodgers of Chic
News of the week
New Cisco Intersight Kubernetes features
Red Hat OpenShift v4.10
ChaosNative acquired by Harness
Azure PlayFab launches Thundernetes
Episode 26, with Cyril Tovena and Mark Mandel
Hacker News commentary
Weave GitOps v2022-03
Qumulo for Kubernetes
SpectroCloud raises $40m
Pinterest: 99% to 99.9% SLO, high performance control plane
Uber: Avoiding CPU throttling in a containerized environment
Links from the interview
in-toto
The Update Framework
Purdue University
Elmore Family School of Electrical and Computer Engineering
Purdue Boilermakers
Open Source Software Senior Design Projects
NYU
Tandon School of Engineering
Justin Cappos
PolyPasswordHasher
Episode 155, with Priya Wadhwa
apt-secure for Debian packages
A keysigning and a signed PGP key
Farm to table attestation
Potato tracking
An example of E. coli in lettuce
in-toto record
Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack by Trevor Rosen, Solarwinds
Reflections on Trusting Trust by Ken Thompson
Secure Publication of Datadog Agent Integrations with TUF and in-toto
US Executive Order on Improving the Nation’s Cybersecurity
Readout of White House Meeting on Software Security
sigstore
in-toto is the second most used format for sigstore
SPIFFE
SLSA
in-toto moves to incubation in the CNCF
CFSSL
Math rock
Covet: “falkor”
TTNG: +3 Awesomeness Repels Water
Bird of the Year
The kea
Breaking a police car
Santiago Torres-Arias on Twitter and at badhomb.re
Do you have something cool to share? Some questions? Let us know:
web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod
Chatter of the week
Don’t Forget The Lyrics
Gettin’ Jiggy Wit It
Explained on Genius
Will Smith on Top Gear
The Oscars thing (CW: violence, cuss words that Will Smith didn’t used to have to rap to sell records)
He’s The Greatest Dancer by Sister Sledge; written by Bernard Edwards and Nile Rodgers of Chic
News of the week
New Cisco Intersight Kubernetes features
Red Hat OpenShift v4.10
ChaosNative acquired by Harness
Azure PlayFab launches Thundernetes
Episode 26, with Cyril Tovena and Mark Mandel
Hacker News commentary
Weave GitOps v2022-03
Qumulo for Kubernetes
SpectroCloud raises $40m
Pinterest: 99% to 99.9% SLO, high performance control plane
Uber: Avoiding CPU throttling in a containerized environment
Links from the interview
in-toto
The Update Framework
Purdue University
Elmore Family School of Electrical and Computer Engineering
Purdue Boilermakers
Open Source Software Senior Design Projects
NYU
Tandon School of Engineering
Justin Cappos
PolyPasswordHasher
Episode 155, with Priya Wadhwa
apt-secure for Debian packages
A keysigning and a signed PGP key
Farm to table attestation
Potato tracking
An example of E. coli in lettuce
in-toto record
Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack by Trevor Rosen, Solarwinds
Reflections on Trusting Trust by Ken Thompson
Secure Publication of Datadog Agent Integrations with TUF and in-toto
US Executive Order on Improving the Nation’s Cybersecurity
Readout of White House Meeting on Software Security
sigstore
in-toto is the second most used format for sigstore
SPIFFE
SLSA
in-toto moves to incubation in the CNCF
CFSSL
Math rock
Covet: “falkor”
TTNG: +3 Awesomeness Repels Water
Bird of the Year
The kea
Breaking a police car
Santiago Torres-Arias on Twitter and at badhomb.re
Released:
Mar 30, 2022
Format:
Podcast episode
Titles in the series (100)
Skaffold, with Matt Rickard: Matt Rickard from the container tools team at Google Cloud joins Adam and Craig to introduce Skaffold. by Kubernetes Podcast from Google