|
|
|
|
|
|
by richbell
1302 days ago
|
|
|
I agree. People tend to search for variations of "$application docker" to see if there's an existing image they can reuse. People also tend to associate search engine ranking with credibility (a big reason why ads disguised as results taking the top places is unethical, but I digress), which means that a threat actor could easily get people to use a malicious image if they write a blog post or guide and boost it with SEO. Unless you have access to unambiguously official images, like from Red Hat, most images are "random". There are tons of popular non-official images maintained by random organizations or people (e.g., bitnami, LinuxServer) that you just have to trust. |
|
|