Chef-sugar stands its grounds against ICE contract (opens in new tab)

(github.com)

7 pointsthiefmeister6y ago7 comments

7 comments

They have some update. (looks like they are backtracking their original statement.)

https://blog.chef.io/2019/09/23/an-important-update-from-che...

Chef's official stance remains unchanged. Their blogpost: https://blog.chef.io/2019/09/19/chefs-position-on-customer-e...

pnako6y ago

> For context, we began working with DHS-ICE during the previous administration

That should have been Chef's only response, really. (That, and they still need to explain how a former developer somehow managed to break something.)

LIV26y ago

The most depressing part is that people will only care about what ICE are doing until the next election

pnako6y ago

> Earlier today, a former Chef employee removed several Ruby Gems, impacting production systems for a number of our customers.

That's some horrendous infosec. Why would ICE or anyone use this? Can't Chef use, err, Chef or something like that to remove all credentials as soon as employees leave the organization?

mwarkentin6y ago

It was his own gem, hosted under his own account, not Chef's. It's apparently just relied on by almost the entire Chef ecosystem, including Chef's own systems.

thiefmeisterOP6y ago

Quite rare to find projects standing its own ground .

1 more reply

j / k navigate · click thread line to collapse

7 comments

thiefmeisterOP6y ago

They have some update. (looks like they are backtracking their original statement.)

https://blog.chef.io/2019/09/23/an-important-update-from-che...

montypythonxxx6y ago

Chef's official stance remains unchanged. Their blogpost: https://blog.chef.io/2019/09/19/chefs-position-on-customer-e...

pnako6y ago

> For context, we began working with DHS-ICE during the previous administration

That should have been Chef's only response, really. (That, and they still need to explain how a former developer somehow managed to break something.)

LIV26y ago

The most depressing part is that people will only care about what ICE are doing until the next election

pnako6y ago

> Earlier today, a former Chef employee removed several Ruby Gems, impacting production systems for a number of our customers.

That's some horrendous infosec. Why would ICE or anyone use this? Can't Chef use, err, Chef or something like that to remove all credentials as soon as employees leave the organization?

mwarkentin6y ago

It was his own gem, hosted under his own account, not Chef's. It's apparently just relied on by almost the entire Chef ecosystem, including Chef's own systems.

thiefmeisterOP6y ago

Quite rare to find projects standing its own ground .

1 more reply

j / k navigate · click thread line to collapse