• 0 Posts
  • 4 Comments
Joined 1 year ago
Cake day: January 3rd, 2024


  • Oof. I’m anxious that folks are going to get the wrong idea here.

    While OCI does provide security benefits, it is not a part of a healthy security architecture.

    If you see containers advertised on a security architecture diagram, be alarmed.

    If a malicious user gets terminal access inside a container, it is nice that there’s a decent chance that they won’t get further.

    But OCI was not designed to prevent malicious actors from escaping containers.

    It is not safe to assume that a malicious actor inside a container will be unable to break out.

    Don’t get me wrong, your point stands: Security loves it when we use containers.

    I just wish folks would stop treating containers as “load bearing” in their security plans.


  • Yeah. Warning - uninvited poetic waxing on feature flags and leadership choices, incoming…

    We all agree we inevitably do some live testing at our customers' risk, because no test environment is perfect.

    With feature flags, we’re able to negotiate how many of our customers to test on, at a time.

    But some of us prefer to forgo feature flags and risk our entire customer base on every change. It saves money, at least for a little while.

    I’m not exactly fun at executive leadership meetings, but somehow I keep getting invited to them. Heh.