On Sat, 4 May 2024 08:09:28 +0200 Maciej Nasinski <nasinski.mac...@gmail.com> wrote:
> What do you think about promoting containers? Containers have an attack surface too, have user experience problems (how's Docker on Windows?) and may bring in more third-party code than what you're trying to protect against (whole operating system images!). Even Firejail and Bubblewrap, containers specifically designed to sandbox untrusted code, have bugs in their setup or implementation every now and then. Still, you are welcome to run third-party code in a virtual machine or a container. It may be not everyone's favourite trade-off, but is a net increase in security over running untrusted code directly. Feel free to search for a point on the Pareto optimal line between security and convenience that you'll be comfortable with: https://xkcd.com/2044/ > Nowadays, containers are more accessible, with GitHub codespaces > being more affordable (mostly free for students and the educational > sector). The GitHub-isation of the development process is kind of a vulnerability too, or at the very least has a cost. I'm a few handshakes away from several people who have been disappeared from GitHub and couldn't get their accounts back. Microsoft is too big to have real tech support [*], so once you fall foul of their AI moderation systems, you'll have to be a Hacker News celebrity to attract attention of a human on the inside. I've got an ageing ThinkPad that I cannot afford to replace. It can process all the data I've been gathering during my PhD and then some, least squares, inverse problems, you name it, all while playing music and having Quake I open. But the moment I try to launch Codespaces, it downloads more bytes of JavaScript than the whole Quake I installation takes in size, and then the browser overheats the laptop. Maybe programming other people's computers in the browser is the future, but then you need a fancy laptop and maybe a friend in Microsoft just to be admitted into that future. A solution for some, but not for all. -- Best regards, Ivan [*] https://danluu.com/diseconomies-scale/ ______________________________________________ R-package-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-package-devel
