Comment by nunez
17 hours ago
Tbf, Docker had a similar start. “Just download this image from Docker Hub! What can go wrong?!”
Industry caught on quick though.
17 hours ago
Tbf, Docker had a similar start. “Just download this image from Docker Hub! What can go wrong?!”
Industry caught on quick though.
True, but the Docker attack surface is limited to a malicious actor distributing malicious images. (Bad enough in itself, I agree.)
Unreliable, unpredictable AI agents (and their parent companies) with system-wide permissions are a new kind of threat IMO.
And still a lot of people will give broad permissions to docker container, use network host, not use rootless containers etc... The principle of least privilege is very very rarely applied in my experience.