>served from an auto updated base, there's no reason why it couldn't be pretty much as secure as a platform. [...] Docker image that gets updated upstream for security issues [...] Why couldn't that work?
The update process itself acts as an attack vector. Even the techies like programmers can get pwned with trusted repositories that suddenly became untrusted.[0][1][2]
A decentralized server appliance of powerful sophistication that requires updates will require a baseline level of technical expertise. So far, even the less sophisticated hardware like wifi cameras and Nest devices are leaving unwitting homeowners exposed to criminals and unwanted spying.[3][4]