This actually happened to me. The seats had moved and glovebox was open one morning. Then a second break-in a few days later, and this one damaged the door panel near the lock. I left the doors unlocked for a couple of weeks after, to decrease the break-in damage -- there was never anything of value in the vehicle.
Unfortunately that is not what they proposed. To stretch the automotive analogy too far, you could say: if you invite a carjacker in, their seatbelt is not going to stop them from carjacking you.
Virtual machines are still the best design and has been for something like 20 years
Containers are good, as long as they all share the same purpose (read: same application, no multi-tenant)
We all know that multi-users systems (and thus, containers) have a very wide attack surface, while VM attack surface is very limited ..
This is why I am totally convinced that:
- redhat and friends are a terrible idea (licencing forces collocation which reduces segmentation)
- per-instance pricing (read: cloud public, but not only that) are terrible: for the same reason. Paying per consumed CPU/ram is sane, paying per VM unit is damageful
I agree with the general sentiment. I treat anything running arbitrary machine code as if it has full access to a machine. I don't know where you get "run your services as root" from that, though. The principle of least privilege doesn't just apply to running malicious code, but running buggy code whose attack surface is exposed to evil-doers.
That said, running every process in its own micro VM is looking more attractive by the minute.