Hacker News | sabedevops's comments

Can you take the time to write your methods? I’d be interested in reading it

What does this protect you from that you’re exposed to by running a well-crafted rootless container on a system with SELinux or similar?

Generally kernel level attacks and neighbor performance impacts on the security side.

On the functional side without a kernel per guest you can't allow kernel access for stuff like eBPF, networking, nested virtualization and lots of important features.

Here is a good blog from Docker explaining how even the best container is not as safe as a MicroVM https://www.docker.com/blog/containers-are-not-vms/

Theoretically you can get to fairly complete security via containers + a gVisor setup but at the expense of a ton of syscall performance and disabling lots of features (which is a 100% valid approach for many use cases).


Well, isn’t division just subtractive addition?

He might sound like he has a grudge but you sound like you’re personally invested. Shill?

Seriously. The hypocrisy is staggering!

I met a traveller from an antique land,
Who said: “Two vast and trunkless legs of stone
Stand in the desert. Near them, on the sand,
Half sunk, a shattered visage lies, whose frown,
And wrinkled lip, and sneer of cold command,
Tell that its sculptor well those passions read
Which yet survive, stamped on these lifeless things,
The hand that mocked them and the heart that fed;
And on the pedestal these words appear:
"My name is Ozymandias, king of kings:
Look on my works, ye Mighty, and despair!"
Nothing beside remains. Round the decay
Of that colossal wreck, boundless and bare,
The lone and level sands stretch far away.”

- Percy Bysshe Shelley


I take that more as a rumination on the futility of vanity and self-aggrandizing rather than "ruling the world", which in the modern day comes down to politics. Yes, there is considerable overlap with ego, but there's more to that topic than pure self-worship.


I agree with your overall sentiment, but there are a few areas that the public clouds excel at despite this: geoscale and startups.


The seller should be banned under the Namecheap TOS. Furthermore, Namecheap should offer this buyer assistance and credit towards a future purchase of a domain as a goodwill gesture.


Your level-headed and reasonable position clearly indicates you are not Namecheap management material.


Where is the tldr? Anyone familiar…what does this do and why do we care about it being standards based?



This is a “standard” SDK for feature flags, allowing you to avoid vendor lock-in.

I.e., using feature flag SaaS ABC but want to try out XYZ? If you’re using ABC’s own SDK, refactor your codebase.

I appreciate that you can use the OpenFeature SDK with environment variables, and move into a SaaS (or custom) solution when you’re ready.


the laziness on this site never ceases to amaze


and the use of "we" to somehow give the impression that this person speaks for everyone


He has 100% been coached by their legal counsel to distance himself from this as this is likely going to court soon (being it’s likely very illegal). That’s why he repeats “we’ve never clawed back” twice…the chilling effect intended had a real effect, at a crucial time for the company, the likely motivation being to defraud investors who may have otherwise been more careful in their support if internal malfeasance around data set sourcing practices were revealed.

I hope ex-employees sue and don’t contact him personally. The damage is done. Don’t be dumb folks.

