Kontain is a stealth mode, VC funded cloud infrastructure startup led by successful serial entrepreneurs. This internship opportunity is perfect for a grad or upper level undergrad student who is focused on operating systems, virtualization, security, and cloud workload operation. At a minimum, you'll get to work on an amazing applied computer science product, learn with some extremely skilled systems software engineers, strengthen your resume, and make some money. Even better, it could inspire or extend your thesis/dissertation work, or lead to more projects and full time employment with Kontain.
Kontain's solution isolates microservices by encapsulating every container instance in its own private virtual machine. (This by no means is the full scope of Kontain's product, but for purposes of this internship, this is the relevant feature.) This isolation mitigates the risk of an ill-behaving container harming other containers running on a shared OS kernel. People who understand virtual machines easily understand how and why Kontain provides this benefit. We can explain this in a whitepaper as well. But it is not easy to demonstrate because all known vulnerabilities where Kontain would shine are already fixed!
For example, Kontain mitigates the infamous Meltdown exploit, but Intel silicon and OS kernels shipped in the past couple years have patched the bug that enabled Meltdown, so it's hard to find a machine on which to demonstrate this. Similarly, all well known security exploits of Docker have also been mitigated. There are undoubtedly other exploits out there, and there will be more in the future—which why our solution is vital— but the exploits of the future are unknown.
To demonstrate the security isolation benefits of our platform, we want to find a past successful exploit of standard Docker-style containers that, had Kontain been used instead, wouldn't have succeeded. Then, we'd like to build a side-by side demo showing (a) an unpatched version of Docker being hacked, and (b) the invulnerability of Kontain's version of the container.
This internship project is to (1) find that exploit (e.g. by searching https://us-cert.gov/ and other places), then (2) build the demo. Bonus points for inventing a new exploit that meets our criteria in lieu of part (1). Our public Github repo is at https://github.com/kontainapp/km-releases
We have other projects for interns, and are also hiring full-time, so this need not be a one-time, short term engagement. We're looking forward to working with you!
Please reach out to Mark Davis at firstname.lastname@example.org if interested in applying