If the base of their site was served from an auto updated base, there's no reason why it couldn't be pretty much as secure as a platform.
Say it's a frontend over a Docker image that gets updated upstream for security issues, and the server has a Cron job that keeps it up to date.
Why couldn't that work?
I know there's some centralisation around the Docker image, but that could be open source or provided by someone like Mozilla or Apache or WordPress who we can trust.
And there's no reason why the user couldn't choose from a whole ecosystem of image providers with a simple enough UI
>served from an auto updated base, there's no reason why it couldn't be pretty much as secure as a platform. [...] Docker image that gets updated upstream for security issues [...] Why couldn't that work?
The update process itself acts as an attack vector. Even the techies like programmers can get pwned with trusted repositories that suddenly became untrusted.[0][1][2]
A decentralized server appliance of powerful sophistication that requires updates will require a baseline level of technical expertise. So far, even the less sophisticated hardware like wifi cameras and Nest devices are leaving unwitting homeowners exposed to criminals and unwanted spying.[3][4]
Say it's a frontend over a Docker image that gets updated upstream for security issues, and the server has a Cron job that keeps it up to date.
Why couldn't that work?
I know there's some centralisation around the Docker image, but that could be open source or provided by someone like Mozilla or Apache or WordPress who we can trust.
And there's no reason why the user couldn't choose from a whole ecosystem of image providers with a simple enough UI