alt Hacker NewsI didn't say run in an air-gapped VM... Just as a means to better isolate the workloads I have running (some less trusted than others). Network connectivity and the associated vulnerabilities obviously remain.
I didn't say run in an air-gapped VM... Just as a means to better isolate the workloads I have running (some less trusted than others). Network connectivity and the associated vulnerabilities obviously remain.
No argument against VMs - just that they have a different risk profile and a different set of trade-offs than containers. They're not a silver bullet, but if they're working for you, then go for it.