TF Protection against cyber threats #225

New Issue

gosam · 2024-07-26T10:32:17Z

gosam commented

2024-07-26 10:32:17 +00:00

Issue as described here:

https://github.com/threefoldtech/tf_security_reports/issues/3

Solution being worked on here:

https://docs.google.com/document/d/1iZCUQK3ZiGwH0H-Ua6xR7ozyQ9TNE2iLfU4Nx0k6mgM/edit#heading=h.442ls16eaduo

Issue needs to be communicated properly
Plan needs to be confirmed and execution plan created
Further communication on the plan and next steps
Need semi-regular updates of progress

Issue as described here: https://github.com/threefoldtech/tf_security_reports/issues/3 Solution being worked on here: https://docs.google.com/document/d/1iZCUQK3ZiGwH0H-Ua6xR7ozyQ9TNE2iLfU4Nx0k6mgM/edit#heading=h.442ls16eaduo - [ ] Issue needs to be communicated properly - [ ] Plan needs to be confirmed and execution plan created - [ ] Further communication on the plan and next steps - [ ] Need semi-regular updates of progress

gosam added this to the July 22 – Aug 04 project 2024-07-26 10:32:17 +00:00

gosam self-assigned this 2024-07-26 13:16:50 +00:00

scott was assigned by gosam

2024-07-26 13:16:51 +00:00

gosam commented

2024-07-26 14:16:12 +00:00

Will communicate something asap and create something clearer early next week.

gosam commented

2024-07-29 11:25:04 +00:00

Passing this around for feedback:

As pioneers in helping to create a decentralized cloud and Internet, our commitment to ensuring the safety and integrity of our network is paramount.

In response to reports from some farmers about potentially suspicious traffic originating from workloads on their ThreeFold nodes, we are actively working to implement additional measures to keep farmers and users safe. To be clear, we have found no evidence of a security breach of any ThreeFold systems, including Zero OS.

Our goal is build the most secure and capable decentralized cloud on the planet. Keeping all participants safe is an essential part of that goal, and so we are and will be taking steps to enhance our ability to prevent and address any misuse of the network.

Authenticity and the ability to respond to events constructively are crucially important to our team – and we'll share more details soon. Thanks for your support in growing and developing the ThreeFold network and for your understanding and cooperation as we undertake these steps. Together, we will continue to build a resilient, secure, and decentralized future.

Passing this around for feedback: As pioneers in helping to create a decentralized cloud and Internet, our commitment to ensuring the safety and integrity of our network is paramount. In response to reports from some farmers about potentially suspicious traffic originating from workloads on their ThreeFold nodes, we are actively working to implement additional measures to keep farmers and users safe. To be clear, we have found no evidence of a security breach of any ThreeFold systems, including Zero OS. Our goal is build the most secure and capable decentralized cloud on the planet. Keeping all participants safe is an essential part of that goal, and so we are and will be taking steps to enhance our ability to prevent and address any misuse of the network. Authenticity and the ability to respond to events constructively are crucially important to our team – and we'll share more details soon. Thanks for your support in growing and developing the ThreeFold network and for your understanding and cooperation as we undertake these steps. Together, we will continue to build a resilient, secure, and decentralized future.

gosam commented

2024-07-30 08:59:14 +00:00

Has been well-received but there was an exception with one line, so need Scott to re-write.

And the plan still needs to be worked on / agreed upon ...

Has been well-received but there was an exception with one line, so need Scott to re-write. And the plan still needs to be worked on / agreed upon ...

gosam commented

2024-07-31 06:30:37 +00:00

Waiting on a meeting between Thabet and Jan for more information.

gosam commented

2024-08-02 11:07:17 +00:00

Communicated on the community call yesterday evening.

gosam modified the project from July 22 – Aug 04 to Aug 05 – Aug 18

2024-08-02 11:07:23 +00:00

gosam commented

2024-08-09 06:44:13 +00:00

This is to be discussed amongst the development stakeholders next week.

@scott @mik-tf please push for some resolution to this discussion and update the team so it can be communicated. 🙏

This is to be discussed amongst the development stakeholders next week. @scott @mik-tf please push for some resolution to this discussion and update the team so it can be communicated. 🙏

mik-tf modified the project from Aug 05 – Aug 18 to Aug 19 - Sep 01

2024-08-19 15:21:14 +00:00

mik-tf commented

2024-08-19 15:21:55 +00:00

Update

Once it's fixed on the devs/grid side, then we can make a post and explain what happened and how we fixed it

# Update - Once it's fixed on the devs/grid side, then we can make a post and explain what happened and how we fixed it

gosam commented

2024-08-22 07:37:03 +00:00

@mik-tf Got it. How long before it is fixed? Any idea?

gosam commented

2024-08-29 12:55:30 +00:00

@scott @mik-tf Do you feel we need to go into this topic at a deeper level than was described in the 3.15 update?

@scott @mik-tf Do you feel we need to go into this topic at a deeper level than was described in [the 3.15 update](https://forum.threefold.io/t/new-features-in-the-upcoming-3-15-version/4401)?

mik-tf commented

2024-08-30 17:58:17 +00:00

I think we can write a forum post once the 3.15 is released. To explain what was done. I.e. I wouldn't focus too much on communicating the security issues before they are fixed.

👍 1

gosam removed this from the Aug 19 - Sep 01 project 2024-09-02 07:21:26 +00:00

gosam added this to the Sep 30 – Oct 13 project 2024-09-30 15:44:53 +00:00

gosam commented

2024-09-30 15:45:22 +00:00

Let's please update this issue – title and description and current state of things. 🙏