Archive - Bomfather

Tracking Shell Scripts (and Python, Perl, etc) with eBPF is Hard

Interpreted languages are painfull to monitor with eBPF, if you want any guarantees

22 hrs ago • Neil Naveen

Making Pigs Fly (AKA Getting the Verifier To Approve eBPF Code)

Your eBPF code may work on your system, but the verifier won't let it work anywhere else.

Dec 10 • Neil Naveen

Upbit was hacked $37M Solana. How could we have hacked and protected it?

Upbit was hacked and lost $37M of Solana. Here's how it could have happened and how we could have defend it with eBPF and LSM.

Dec 1 • Nathan Naveen

November 2025

How we managed to secure $25K in GCP credits without a VC

We didn't know it was possible to get GCP credits without a VC

Nov 26 • Nathan Naveen

Securing Runtime of the L2 Base Ethereum Nodes

Nov 13 • Neil Naveen

Breakdown of New RunC vulnerabilities CVE-2025-31133, CVE-2025-52565, and CVE‑2025‑52881

I recommend reading the actual exploit https://seclists.org/oss-sec/2025/q4/161. It’s mind-blowing, how complex and how many jumps it takes actually to…

Nov 9 • Neil Naveen

October 2025

L2 Base Node Builds are Insecure

The docker builds for L2 base/node are full of holes

Oct 30 • Nathan Naveen

Stopping kill signals against your eBPF programs

Death has never been fun, let's avoid it (with eBPF)

Oct 29 • Neil Naveen

GitHub’s ubuntu-latest Runners Have 1,681 Packages and 9 HIGH-Severity Vulnerabilities

We build our platform in Go and C. Our production containers are stripped down to exactly what we need. Removing unnecessary packages and minimizing the…

Oct 26 • Nathan Naveen

How We Secured Our eBPF from eBPF

This blog post is one in a series about how we secure our eBPF agent from malicious users who try to overwrite or destroy it.

Oct 26 • Nathan Naveen

We're Replacing Our Kubernetes Ingress Stack with Cloudflare Tunnels, Here's Why

Why we're moving from NGINX/Ingress + Load Balancers to Cloudflare Tunnels: simpler ops, better security, global performance, and lower cost.

Oct 26 • Neil Naveen

Attacking and Securing eBPF Maps

BPF Maps aren't really that secure against users with admin permissions

Oct 26 • Neil Naveen

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts