‘Fasten your seat belts, raise your tray table, and disconnect your Bluetooth headsets from the entertainment unit’

NewsBlur, an RSS news reading app for the web and mobile devices, recently had one of its databases deleted thanks to an insecure default setting that has dogged developers using Docker since 2014.

In a blog post this week, Samuel Clay, founder of NewsBlur, recounted how an unknown vandal deleted a database from his app’s dockerized MongoDB cluster using a “Docker footgun” – something setup in a way that promotes shooting oneself in the foot, so to speak.

The incident happened as Clay was in the process of moving NewsBlur, which relies on PostgreSQL, MongoDB, Redis, Elasticsearch databases currently, to Docker containers in preparation for a redesign. He switched the app’s MongoDB cluster over to the new servers and shut down the original server, intending to delete it after the new setup proved stable.

Source link

Related Articles

Back to top button