Blog

Random insights of our daily work

Category Icon
sigma-star

Our ProtonMail Adventure - A Five Act Drama

In 2021 we switched to ProtonMail and figured the hard way that it is not the right thing for us.

01.07.2022
Category Icon
sigma-star

Summit on a Summit 2022 Edition

After a two years long break the Summit on a Summit was back in early June this year.

13.06.2022
Category Icon
linux

Linux process priorities demystified

Simple questions often have not so simple answers. One example is the question is, what priority does this process have?

02.02.2022
Category Icon
security

Re-exploiting unsquashfs

Squashfs-tools recently fixed a security issue. In this blog post we show how to re-exploit it and how it got mitigated

10.01.2022
Category Icon
sigma-star

Alpine Linux Persistence and Storage Summit 2021

ALPSS was back in 2021 and here's what happened :-)

20.11.2021
Category Icon
security

How security-integration for IT Startups works best

If Startups invest money into security right from the scratch, the costs will be much lower in the end. Why? Read this article!

14.09.2021
Category Icon
open-source

Enhanced Read-Only File System (EROFS) lands in Yocto

The upcoming Yocto 3.4 release will contain a small contribution by us. Over the last two years we learned to love EROFS, so we decided to add support for it to Yocto.

09.09.2021
Category Icon
linux

Docker to the rescue in an unexpected way

Imagine you find yourself in a restricted environment and you need some Linux rootfs that runs on the embedded system you just managed get access to. Of course the CPU architecture of the embedded system is not the same as your workstation. The circumstances are further complicated by the fact that the userspace should offer enough tooling to build a C/C++ application. In such a situation docker can help, but in an unexpected way.

10.08.2021
Category Icon
security

The condemned live longer: Symlink races

In this blog post we will take a closer look at a symlink race vulnerability from 2018 in docker. We think the vulnerability is quite interesting since it is easy to exploit but not so obvious to find while reviewing. Attentive readers may ask themselves whether they’d have noticed the issue while developing or reviewing the affected lines of code.

30.07.2021
Category Icon
sigma-star

Who is sigma star und who is the team

Presenting what sigma star is doing and who is the team of sigma star.

01.06.2021
1 2
Icon with a waving hand

Get in touch

+43 5 9980 400 00

sigma star gmbh
Eduard-Bodem-Gasse 6, 1st floor
6020 Innsbruck | Austria

LinkedIn logo
sigma star gmbh logo