Will JavaScript type annotations kill TypeScript?
The creators of Svelte and Turbo 8 both dropped TS recently saying that "it's not worth it".
Yes: If JavaScript gets type annotations then there's no reason for TypeScript to exist.
No: TypeScript remains the best language for structuring large enterprise applications.
TBD: The existing user base and its corpensource owner means that TypeScript isn’t likely to reach EOL without a putting up a fight.
I hope they both die. I mean, if you really need strong types in the browser then you could leverage WASM and use a real programming language.
I don’t know and I don’t care.
Kubernetes / Security

The New Stack Context: Operators Can Be a Security Hazard

Alcide's Gadi Naor explains his worries about operators, a framework used to manage complex applications on Kubernetes and other security-related topics.
Jul 31st, 2020 1:37pm by
Featued image for: The New Stack Context: Operators Can Be a Security Hazard

A few years back, Kubernetes was in full development and many of its basic concepts were still evolving, so security was not a huge priority. But as K8s deployments have moved into production, more attention is being focused in securing Kubernetes and its workloads. Gadi Naor has been following Kubernetes security from the start. Alcide, the company Naor founded and now serves as CTO, offers an end-to-end Kubernetes security platform.

For this week’s episode of The New Stack Context podcast, we speak with Naor about a variety of Kubernetes security-related topics. Last week, Naor hosted a Kubernetes security webinar for the Cloud Native Computing Foundation, which in addition to offering many helpful hints, discussed in detail the spate of recent vulnerabilities found in Kubernetes. And for The New Stack, he wrote about the problem of configuration drift in Kubernetes, and why it can’t be solved simply through continuous integration tools.

TNS editorial and marketing director Libby Clark hosted this episode, alongside TNS senior editor Richard MacManus, and TNS managing editor Joab Jackson.

Episode 128: Operators Can Be a Security Hazard

One of the most surprising parts of the conversation was when Naor had explained his worries about operators, a framework increasingly used to manage complex applications on Kubernetes:

If someone is basically building an operator to deploy a single instance of an application, that’s a wrong use for an operator. You would be way better using Helm charts or customized resources and push stuff to a cluster. Operators run normally as extremely privileged components, from an audit perspective, which means they become a weak link inside your cluster. I try to scan it in [continuous integration] but it means nothing to all the tools because it’s very vendor-specific, irresponsibly-vendor specific. You end up running with something that actually weakens your Kubernetes security posture. So at the end of the day, it makes a lot of sense to create an operator [for Prometheus] because it automates a lot of the wiring of your monitoring systems. And it does that very elegantly. But you have security vendors, which I will not name, that use the operator to deploy a single instance, and is abusing this notion [of an operator].

Other topics discussed include:

  • The growing time it takes to disclose new vulnerabilities.
  • Vulnerabilities in the control plane versus those on the node.
  • Vulnerability management in self-managed Kubernetes vs. managed Kubernetes.
  • Why Kubernetes Operators are a security risk.
  •  Configuration drift in Kubernetes.
  • The importance of continuous delivery for Kubernetes security.
  • Why a managed platform may catch a security error that most roll-your-own distributions would miss.
  • The motivation for starting Alcide.

Then, later in the show, we take a look at some of The New Stack‘s top posts from the week:

At this time, The New Stack does not allow comments directly on this website. We invite all readers who wish to discuss a story to visit us on Twitter or Facebook. We also welcome your news tips and feedback via email:

Group Created with Sketch.
TNS owner Insight Partners is an investor in: The New Stack.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.