I work at Chainguard, hoping this helps answer your question. Chainguard has free and paid images. You can find all the free images in the Chainguard Images Directory: https://images.chainguard.dev/directory?category=all
I was expecting an answer to my question to then build myself an answer to his original question. I was trying to showcase what Chianguard Images are in a nutshell. But you are right: overly complicated.
What images do you usually use and where do you pull them from? ;-)
Hey, wishing him and you the best. The SED slack community is concerned and willing to give a hand anytime. Keep it up, I am sure he'll get over it in time and with your help.
Of course it does. Maybe I'm misunderstanding you, but you seem to be dismissing time as a security factor, when it is, in fact, the only security factor that counts.
We don't (can't) rely on an encrypted volume being perfectly secure. We rely on it taking an infeasibly long time to crack.
We don't (can't) rely on a weapons vault to be perfectly secure. We rely on it taking enough time to breach that authorities will show up.
And companies don't (can't) rely on their data being perfectly secure. They rely on it taking an infeasibly long time to collect.
Technology like this is useful. I will likely end up using it. But technology like CSLI is useful too, especially when integrated into E911 and the like. And yet, when sensitive "information is detailed, encyclopedic, and effortlessly compiled," it poses other risks.
Data collection. I can see MS collecting all kinds of "metrics" to "improve user experience". That is assuming all processing happens in the phone and not in the cloud in the first place, which the article does not mention.
You already have to trust MS implicitly if you're using Excel though. And imagine how many .xlsx files are flowing through OneDrive already, filled with passwords, PII, SSNs, etc.
Mildly related to the article, but more to the GVFS, I really hope it works for them (especially for those 17 very dissatisfied engineers) but everytime we have tried to add or update a huge, huge repo in Git we have got errors back. Despite trying repack or gc it couldn't be added to Git.
