World Readable Files

:: $10B CVE Scanning market defeated by a keytab in /tmp 🔈

In Linux, files are often used to store credentials and security tokens. Because the default umask of most distributions is 022, many files are world-readable by default (possibly by accident). Combine the two on a multi-user system and we end up with almost guaranteed credential leaks.

Forget CVE scanning: walk before you run, and scan for sensitive world-readable files.

$ ./worldreadable.py /tmp | grep '\.password'
/tmp/secret/oops.password
/tmp/deleteme/key.password


NiFi and Gemini

:: Structured outputs at scale 🚀

Chatbots are great, but can we do more? This post explores how we can use Structured Outputs and Batch Inference, with the help of Apache NiFi, to generate 1000s of recipes for our new recipe website.

(And other, more useful examples, like feature extraction from 1000s of articles.)
