
The headline is misleading. It's not "the modern containerization trend" that is the root cause of this. I expected to read about something about container breakout or the difference between container confinement and VM confinement.

Instead, it turns out that it's the "store model" (Docker Hub in this case) and malware injection into that store that the article is really talking about.

The article also seems to talk about misconfigured systems permitting some level of admin access to everyone. That's not really a new "container" class of vulnerability though; it's the equivalent of leaving root ssh open with a weak password or similar.

Even that isn't quite it - this is not a case of people accidentally downloading and running malicious containers.

People are leaving kubernetes/docker/whatever open to the world, and attackers are instructing their servers to download and run these containers.

The complaint is that Docker Hub is hosting the attack code for the attackers. They could have hosted it on their own custom registry server if they wanted. (But why bother if you can just host it on Docker Hub.) In the same vein, they could use GitHub to host their attack code. Or they could put it in an S3 bucket...
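As an added example (not from the article or from anyone in this thread), here is a small defender-side check for the misconfiguration the comments describe: a Docker daemon whose remote API is bound to a TCP port without TLS client authentication, which is what lets anyone on the network tell the host to pull and run arbitrary images. It audits a parsed `daemon.json`; the two sample configs are constructed for illustration.

```python
import json

# Address forms that expose the API on every interface.
UNRESTRICTED_BINDS = ("0.0.0.0", "::", "")


def _tcp_bind_addr(host):
    """Return the bind address of a tcp:// host entry, or None for local sockets."""
    if not host.startswith("tcp://"):
        return None                      # unix:// and fd:// are local-only
    rest = host[len("tcp://"):]
    if rest.startswith("["):             # IPv6 literal, e.g. tcp://[::]:2375
        return rest[1:].partition("]")[0]
    return rest.rpartition(":")[0] if ":" in rest else rest


def audit_daemon_config(cfg):
    """Return a list of findings for a parsed daemon.json dict."""
    findings = []
    tls_on = bool(cfg.get("tls") or cfg.get("tlsverify"))
    client_auth = bool(cfg.get("tlsverify"))   # tlsverify = server also verifies client certs
    for host in cfg.get("hosts", []):
        addr = _tcp_bind_addr(host)
        if addr is None:
            continue
        if not tls_on:
            findings.append(f"{host}: TCP API without TLS; any reachable client gets root-equivalent control")
        elif not client_auth:
            findings.append(f"{host}: TLS without tlsverify; traffic is encrypted but clients are not authenticated")
        if addr in UNRESTRICTED_BINDS:
            findings.append(f"{host}: bound on all interfaces; restrict to a private address or firewall it")
    return findings


def audit_daemon_json(text):
    """Convenience wrapper: audit the raw text of /etc/docker/daemon.json."""
    return audit_daemon_config(json.loads(text))


# Constructed sample configs (not taken from any real host).
WEAK = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
HARDENED = ('{"hosts": ["unix:///var/run/docker.sock", "tcp://10.0.0.5:2376"], '
            '"tlsverify": true, "tlscacert": "/etc/docker/ca.pem", '
            '"tlscert": "/etc/docker/server-cert.pem", "tlskey": "/etc/docker/server-key.pem"}')

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_daemon_json(cfg) or ["ok"])
```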
