back to article Big Blue's big blunder: IBM accidentally hands over root access to its data science servers

IBM left private keys to the Docker host environment in its Data Science Experience service inside freely available containers. This potentially granted the cloud service's users root access to the underlying container-hosting machines – and potentially to other machines in Big Blue's Spark computing cluster. Effectively, Big …

  1. Blotto Silver badge


    "I think that IBM already HAD (recently let go in resource actions) some amazing infosec people"

    1. Anonymous Coward
      Anonymous Coward

      Re: FTFY

      How could this not be entitled "IBM's Dockers Pulled Down Around Ankles?"

      (If that makes no sense, see

  2. Anonymous Coward
    Anonymous Coward

    I didn't know people still used Swarm. #Kubernetes4eva

  3. ecofeco Silver badge


    Oh FFS.

    Big Blew indeed.

  4. Pascal Monett Silver badge

    "Had the flaw been exploited"

    Um, sorry but how can they be sure it hasn't ? If the only way to be sure is to re-image the servers, then it sounds like they won't really have any way to be sure.

    Also ; two weeks ?!? Why wasn't shutting everything down immediately until the issue was corrected not an option ? It's not like this environment is heavily used by . . oh, I get it. Non-critical, maybe even a let-it-run-so-we-see-if-anyone-tries-something test. Okay, as long as no personal data is lost, I'm fine with that.

    1. Richard 12 Silver badge

      Re: "Had the flaw been exploited"

      Two weeks is easily long enough for a miscreant to take complete control of IBM's systems.

      However, it's possible that they changed the locks immediately, and only took the old keys out fron under the flowerpot two weeks later.

      Why is it so hard to learn not to leave the keys outside?

  5. Anonymous Coward
    Anonymous Coward

    The Cloud..

    Other peoples computers you have no control over, nor guarantee of data security

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like