Upgrade to Pro — share decks privately, control downloads, hide ads and more …

[PyCon US 2026 Packaging Summit LT] Sharing mal...

Avatar for Joongi Kim Joongi Kim
May 15, 2026
Programming
14
0

[PyCon US 2026 Packaging Summit LT] Sharing malware scanning results of PyPI from multiple providers

Avatar for Joongi Kim

Joongi Kim

May 15, 2026

More Decks by Joongi Kim

See All by Joongi Kim
[PyCon US 2026 Packaging Summit LT] More Variant, More Diversity for AI Accelerators
Avatar for Joongi Kim achimnol
0
11
[PyCon KR 2025] AI 시대를 위한 Python 패키징
Avatar for Joongi Kim achimnol
0
39
[PyCon US 2025 Lightning Talk] My 10 Years with PyCon KR
Avatar for Joongi Kim achimnol
0
23
[PyCon KR 2024] 엔터프라이즈 공급을 위한 파이썬 엔지니어링
Avatar for Joongi Kim achimnol
0
46
[PyCon KR 2024] 파이콘과 나의 10년 돌아보기
Avatar for Joongi Kim achimnol
0
28
[PyCon APAC 2023] Improving Debuggability of Complex Asyncio Applications
Avatar for Joongi Kim achimnol
0
260
[PyCon KR 2023] Improving debuggability of complex asyncio applications
Avatar for Joongi Kim achimnol
0
220
[PyCon US 2023] Improving debuggability of complex asyncio applications
Avatar for Joongi Kim achimnol
0
460
[PyCon JP] Modernizing development workflows for a 7-year old 74K LoC Python project using Pantsbuild
Avatar for Joongi Kim achimnol
1
2.6k

Other Decks in Programming

See All in Programming
ふにゃっとしない名前の付け方 〜哲学で茹で上げる、コシのあるソフトウェア設計〜
Avatar for akshimo shimomura
0
110
AI-DLC Deep Dive
Avatar for yuukiyo yuukiyo
9
5.6k
Kubernetesを使わない環境にもCloud Nativeなデプロイを実現する / Enabling Cloud Native deployments without the complexity of Kubernetes
Avatar for linyows linyows
3
330
Symfony AI in Action - SymfonyLive Berlin 2026
Avatar for Christopher Hertel chr_hertel
1
130
ローカルLLMでどこまでコードが書けるか / How much code can be written on a local LLM
Avatar for Naoki Kishida kishida
2
320
属人化しないコード品質の作り方_2026.04.07.pdf
Avatar for Masaki Murano muraaano
0
320
サークル参加から学ぶ、小さな事業の回し方
Avatar for yuzneri yuzneri
0
150
Kingdom of the Machine
Avatar for yui-knk yui_knk
2
1.4k
The Past, Present, and Future of Enterprise Java
Avatar for ivargrimstad ivargrimstad
0
200
過去のレビュー知見をSkillsで資産化した話
Avatar for PKSHA Technology(パークシャテクノロジー) pkshadeck
PRO
1
1.6k
Programming with a DJ Controller — not vibe coding
Avatar for seki at druby.org m_seki
3
790
when storing skills in S3 file
Avatar for watany watany
3
1.4k

Featured

See All Featured
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.4k
Exploring anti-patterns in Rails
Avatar for Elle Meredith aemeredith
3
350
Claude Code どこまでも/ Claude Code Everywhere
Avatar for nwiizo nwiizo
65
55k
The Spectacular Lies of Maps
Avatar for Per Axbom axbom
PRO
1
740
How to audit for AI Accessibility on your Front & Back End
Avatar for davetheseo davetheseo
0
360
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
515
110k
BBQ
Avatar for Matthew Crist matthewcrist
89
10k
A Soul's Torment
Avatar for Nat Ma seathinner
6
2.8k
What does AI have to do with Human Rights?
Avatar for Per Axbom axbom
PRO
1
2.1k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
5k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
199
73k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
Avatar for Ines Montani inesmontani
PRO
0
370

Transcript

  1. Sharing Malware Scan Results of PyPI from Multiple Providers Daehyun

    Sung, Joongi Kim @ Lablup Inc.

  2. • My company Lablup offers Reservoir , a private mirror

    service to air gapped AI cluster customers. PyPI, Ubuntu, CentOS, CRAN • According to the security compliances and regulations, we are often requested to have security/malware scanning of the artifacts before delivery. The delivery is usually done via hard-disks brought by our FDE. • Devliery frequency: once per month We are combining access to Korea's local mirrors by Kakao Corp. Our Operation

  3. • Size Growth The sheer volume of PyPI artifacts 40

    TB in total now (doubled since 2024) https://pypi.org/stats/ We (and our customers) are running out of disks! Current Status: Increasing Size

  4. • Monthly malware scanning by Lablup Ahnlab V3 (a Korean

    antivirus solution) ClamAV • Observation Recent rapid increase of supply chain attacks Recent days: copy-fail, dirty-frag, nginx-rift, ... The same happening in PyPI, too Current Status: Increasing Malware

  5. • Registering Lablup as a malware scan result provider...? •

    Cooldown periods in the PyPI server side or pip client side Core dev, Donghee Na, has applied a custom company-wise cooldown proxy to his company. How to protect other users? Things to consider Structured skipping Urgent redistributions (e.g., responses to CVEs) (Discussed during Mike Fiedler's talk) Towards Trustworthy PyPI

  6. • Annotating each package with public scan results e.g., "This

    package was validated by a scan at 2025-06-01 by one or more scanning providers." Need to discuss/decide which metadata to include. Make it available through index APIs so that automated mirroring tools can decide whether to include/exclude the flagged packages. Example: Google Assured Open Source SW (Java, Python packages) https://cloud.google.com/security/products/assured-open-source-software https://docs.cloud.google.com/security-command-center/docs/aoss-supported-packages- premium How to balance open-source freedom to register new packages vs. providing trustworthy/validated packages? Towards Trustworthy PyPI Mirroring

  7. Q&A / Discussion Lablup Inc. Backend.AI Backend.AI GitHub Backend.AI Cloud

    https://www.lablup.com https://www.backend.ai https://github.com/lablup/backend.ai https://cloud.backend.ai Daehyun Sung dhsung lablup.com Joongi Kim joongi lablup.com