Hacker News | pploug's comments

MicroVM based sandboxes for agents, with container support, in a small independent binary installable from brew/winget


Docker sandboxes uses a MicroVM as an additional isolation layer - it's not just containers (as also mentioned in the nanoclaw post).


This still does not help with, you can call foo, but not bar. We have plenty of existing tooling for that too.


Outlining this as precision versus using 100s of thousands on Chainguard seems like 2 extremes pitted against each other, when hardened images are largely free now: https://hub.docker.com/hardened-images/catalog


- Each agent runs in a dedicated microVM
- agents can build and run Docker containers inside the MicroVM
- no access to the host Docker daemon
- network isolation with allow and deny lists
- available for macOS and Windows (Linux support coming)


> no access to the host Docker daemon

I believe this is likely the only downside, but for good reasons!



I was not aware of this one, but I am talking about running it on the cloud, like making a direct competitor to Modal.


Purely curious, but why did you go with Ollama instead of the built-in LLM runner in Docker, since you are also using Docker?


Great idea! I went with Ollama because I found setup to be slightly easier. But technically both should offer the same experience and altogether - hosting both in Docker is very logical. That will be the next iteration of my write-up!


Remember interviewing for a security role at Philip Morris, who owns the IQOS e-cigarette brand. They bragged about how the device phoned home every time it could get a Bluetooth or Wi-Fi connection, to inform of consumption amount and patterns - so they could proactively send users more nicotine.

He dramatically revealed that they were no longer selling tobacco, but rather "Nicotine as a service".

Needless to say, I decided not to work for a merchant of death.


"We find that women’s relative earnings and employment increase by 4.4% and 2.9% respectively following the birth of the manager’s first daughter. These effects are driven by an increase in managers’ propensity to replace male workers by hiring women with comparable education, hours worked, and earnings."


For OSS projects with heavy pulls, the (free) DSOS programme removes all rate limits on their public images. The intention was never to impact projects, but rather mega corporations using Hub as free hosting:

https://www.docker.com/community/open-source/application/


Projects are not charged for Hub usage.

