Sep 3, 2018 · 1 min read
The big problems with Docker:
0. Execution of untrustworthy code from random persons
1. Lack of chain-of-custody, end-to-end image verification
these are an obvious recipe for malware, hacking and spying. It was clearly a problem early on, but is has yet (as of 2018) to be adequately addressed.^
The best recommendation for tech professionals: Don’t be lazy. Build all of your own containers locally from a common standard base image and sign them at build time. And that rkt can run insecure Docker images and that it has a better architecture seems like a no-brainer: always try rkt first and use Docker where rkt lacks usability.
^ https://github.com/moby/moby/issues/2700
