The price of security is eternal paranoia. Vigilance is not enough.
Paraphrased from Len Deighton.
Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank. That's according to security watchers at Canadian cybersecurity firm Flare, which, in its analysis …
The most important part of the story. The Propaganda department pushed "important!!!!111!oneeleven!!11!!", the management department follows with "Security, audit and clean code less important!", the developers rush. All those secrets should have been used to cause as much damage as possible, and each time leave the card "The Marketing department says what has to be rushed, the management says that security is less important than the rush, so this is the result the companies deserved".
It should include that the management and marketing people are to be held responsible personally.
Developers aren't rushing to adopt AI, they're being forced to use it by management. They might like the fact an "AI" can generate some tedious code for them but the idea that most developers are thinking "What this system needs is the ability to get things wrong!" is deluded.
Yes, I'll let it go through the code base and add this new property in the 50 places it's needed. No, I won't link my accurate, tested code with a system whose only unique feature is "making things sound plausible even when wrong".
A lot of developers feel like they have to. Delivery times for solutions have shrunk massively since the incorporation of AI into development pipelines.
An AI-augmented average developer is still not as quick as the best developers out there, but the gap is closing. The typical go-to "That's a 12 month project" or "That's a 6 month project" timelines are pretty much dead at this point. They were already on the slide, but AI has accelerated the slide.