Mark Manning
@antitree.com
Process isolationist, k8s hacker, ᴎo-prem pusher, syscall denier, container liberator
🔸Chainguard - Product Security
🔸Rochester 2600, IOIOIO Security
🔸Former: Snowflake, NCC Group, Hackerspace starter, BSidesROC Founder
🔸Chainguard - Product Security
🔸Rochester 2600, IOIOIO Security
🔸Former: Snowflake, NCC Group, Hackerspace starter, BSidesROC Founder
I subscribed to get text alerts for Claude's status on outages... This was a mistake. How many 8's is the uptime on this thing?
February 3, 2026 at 8:23 PM
I subscribed to get text alerts for Claude's status on outages... This was a mistake. How many 8's is the uptime on this thing?
Reposted by Mark Manning
Notepad++ versions and update mechanisms have been compromised since September. Please update to 8.9.1 wherever you have this tool. It's unclear what malicious versions of the tool might do. I Recommend activating incident response for affected hosts.
notepad-plus-plus.or...
notepad-plus-plus.or...
February 2, 2026 at 4:43 PM
Notepad++ versions and update mechanisms have been compromised since September. Please update to 8.9.1 wherever you have this tool. It's unclear what malicious versions of the tool might do. I Recommend activating incident response for affected hosts.
notepad-plus-plus.or...
notepad-plus-plus.or...
All ya'll installing openclaw.ai on your real systems are wild. It's a cool demo of the future but ...
a woman is standing in front of a door and saying stop it
ALT: a woman is standing in front of a door and saying stop it
media.tenor.com
February 1, 2026 at 4:27 PM
All ya'll installing openclaw.ai on your real systems are wild. It's a cool demo of the future but ...
Reposted by Mark Manning
The schedule for BSides Reykjavik 2026 is live at cfp.bsidesreykjavik.com/2026/schedule/ Other details at bsidesreykjavik.com. Remember tickets are still available both for the workshops and the conference.
https://cfp.bsidesreykjavik.com/2026/schedule/
[1m2026[0m
Get different formats:
curl https://cfp.bsidesreykjavik.com/2026/schedule/\?format=table (default)
curl https://cfp.bsidesreykjavik.com/2026/schedule/\?format=list
[33m2026-03-...
cfp.bsidesreykjavik.com
February 1, 2026 at 3:01 PM
The schedule for BSides Reykjavik 2026 is live at cfp.bsidesreykjavik.com/2026/schedule/ Other details at bsidesreykjavik.com. Remember tickets are still available both for the workshops and the conference.
This rush to repurpose sandbox technologies to become "AI agent boxes" is great to see. Kata is an obvious option... but layering in k8s to agentic workers is going to require another layer that needs hardening.
I'm interested to see where the industry goes
katacontainers.io/blog/Kata-Co...
I'm interested to see where the industry goes
katacontainers.io/blog/Kata-Co...
Kata Containers
Kata Containers is an open source container runtime, building lightweight virtual machines that seamlessly plug into the containers ecosystem.
katacontainers.io
January 31, 2026 at 12:45 PM
This rush to repurpose sandbox technologies to become "AI agent boxes" is great to see. Kata is an obvious option... but layering in k8s to agentic workers is going to require another layer that needs hardening.
I'm interested to see where the industry goes
katacontainers.io/blog/Kata-Co...
I'm interested to see where the industry goes
katacontainers.io/blog/Kata-Co...
How are those "I don't care about privacy, I have nothing to hide" folks doing in 2026?
January 24, 2026 at 1:03 AM
How are those "I don't care about privacy, I have nothing to hide" folks doing in 2026?
See you next week at #DistrictCon. Hoping to see some familiar faces. Otherwise here's some good conversation starters that always work on me:
* "We don't know each other but... hi."
* "Would you like a beer?"
* "Any ideas how to get rid of a body?"
* "We don't know each other but... hi."
* "Would you like a beer?"
* "Any ideas how to get rid of a body?"
January 16, 2026 at 10:19 PM
See you next week at #DistrictCon. Hoping to see some familiar faces. Otherwise here's some good conversation starters that always work on me:
* "We don't know each other but... hi."
* "Would you like a beer?"
* "Any ideas how to get rid of a body?"
* "We don't know each other but... hi."
* "Would you like a beer?"
* "Any ideas how to get rid of a body?"
Reposted by Mark Manning
If 2025 was the year of vibe coding, 2026 will be the year of vibe maintenance and security.
January 3, 2026 at 4:47 PM
If 2025 was the year of vibe coding, 2026 will be the year of vibe maintenance and security.
Just started my plans for torcamp. Looking forward to another year of insane hacker adventures in nature
December 30, 2025 at 5:13 PM
Just started my plans for torcamp. Looking forward to another year of insane hacker adventures in nature
As a fan of trying to secure the things that are obviously insecure, GPUs are right up there. Fun write up on how they approach this from a client OS perspective security.googleblog.com/2025/12/furt...
Further Hardening Android GPUs
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with...
security.googleblog.com
December 29, 2025 at 10:53 PM
As a fan of trying to secure the things that are obviously insecure, GPUs are right up there. Fun write up on how they approach this from a client OS perspective security.googleblog.com/2025/12/furt...
Shout out to the poor engineers at Anthropic that have to support the launch of a half dozen new product features announced today.
I've seen this movie before. Hackers with free time + under reviewed features...🍿
I've seen this movie before. Hackers with free time + under reviewed features...🍿
December 24, 2025 at 12:17 AM
Shout out to the poor engineers at Anthropic that have to support the launch of a half dozen new product features announced today.
I've seen this movie before. Hackers with free time + under reviewed features...🍿
I've seen this movie before. Hackers with free time + under reviewed features...🍿
Does anyone else in snow country regularly exchange pictures of snow with friends and families to show how much in their yard?
Do they have a name? Snow-fies? Snow-tographs?
This is what we need to be discussing!
Do they have a name? Snow-fies? Snow-tographs?
This is what we need to be discussing!
December 23, 2025 at 4:30 PM
Does anyone else in snow country regularly exchange pictures of snow with friends and families to show how much in their yard?
Do they have a name? Snow-fies? Snow-tographs?
This is what we need to be discussing!
Do they have a name? Snow-fies? Snow-tographs?
This is what we need to be discussing!
All the AI in the world and Google's cameras still think snow is someone walking
December 11, 2025 at 2:17 AM
All the AI in the world and Google's cameras still think snow is someone walking
lInKsTrAiN | Interface Selection
Snark.rochester2600.com
December 6, 2025 at 12:14 AM
Anyone complaining that genAI image used as page filler are inaccurate or cringe, should be shown the Microsoft Office clip art gallery from the early 2000's
November 26, 2025 at 9:45 PM
Anyone complaining that genAI image used as page filler are inaccurate or cringe, should be shown the Microsoft Office clip art gallery from the early 2000's
I'm a sucker for books that support my belief that we're all doing infosec poorly or just for the sake of infosec. This has been an interesting read so far
November 26, 2025 at 7:19 PM
I'm a sucker for books that support my belief that we're all doing infosec poorly or just for the sake of infosec. This has been an interesting read so far
Uh oh. Check your GCP Cloud Run jobs.
November 21, 2025 at 10:09 PM
Uh oh. Check your GCP Cloud Run jobs.
Districtcon tickets acquired
November 16, 2025 at 5:02 PM
Districtcon tickets acquired
Reposted by Mark Manning
I saw a tragically AI-generated version of this poster, so I have recreated a 100% human-made version for all your protest sign needs.
October 18, 2025 at 4:00 PM
I saw a tragically AI-generated version of this poster, so I have recreated a 100% human-made version for all your protest sign needs.
Serious question: how do people buy cars without spending weeks at it? Do you roll into dealerships and just yeet the cash at them?
October 13, 2025 at 7:26 PM
Serious question: how do people buy cars without spending weeks at it? Do you roll into dealerships and just yeet the cash at them?
Took me 3 hours to finally agree that kubernetes will do anything for Node Autoscaling based on available resources ... But it won't do THAT.
October 10, 2025 at 5:09 AM
Took me 3 hours to finally agree that kubernetes will do anything for Node Autoscaling based on available resources ... But it won't do THAT.
This was 2600 meeting last night. It's getting overwhelming when you look closely
October 4, 2025 at 4:40 PM
This was 2600 meeting last night. It's getting overwhelming when you look closely
I have ChatGPT instrumenting Claude so I can failover when it hits its rate limits. And I feel like that's what you're _supposed_ to do.
2025 is wild.
2025 is wild.
September 28, 2025 at 4:11 AM
I have ChatGPT instrumenting Claude so I can failover when it hits its rate limits. And I feel like that's what you're _supposed_ to do.
2025 is wild.
2025 is wild.
Reposted by Mark Manning
Very late on getting this video out the door, but a teeny weeny showcase of the recent Docker for Desktop on Windows & MacOS container escape, CVE-2025-9074 -- proof of concept was included so a simple demo of arbitrary file write & file read on the host: youtu.be/dTqxNc1MVLE
September 3, 2025 at 1:05 PM
Very late on getting this video out the door, but a teeny weeny showcase of the recent Docker for Desktop on Windows & MacOS container escape, CVE-2025-9074 -- proof of concept was included so a simple demo of arbitrary file write & file read on the host: youtu.be/dTqxNc1MVLE