It's certainly better than nothing. Hence "probably doesn't matter too much in this context" - but of course it always matters what your threat model is. Your own agents under your control with aligned models and not interacting with attacker data? Should be fine.

But too many people just automatically equate docker with strong secure isolation and... well, it can be, sometimes, depending a hundred other variables. Thus the reminder; to foster conversations like this.

Nitpick, which probably doesn't matter too much in this context but is always good to remember: Docker containers are not security boundaries.

Usually I'd just look at clusters of crashes (those that had similar stack traces) but sometimes when you're running a very small % experiment there's not enough signal so you end up looking at everything. And oh boy was there a lot of noise.

In an app with >billion users you get all kinds of wild stuff.

It doesn't even need to be that complicated. OS asks you your birthday at setup time. Stores it. Later, an app asks whether the user falls into one of the following brackets:

A) under 13 years of age, or B) at least 13 years of age and under 16 years of age, or C) at least 16 years of age and under 18 years of age or D) at least 18 years of age.

that's it. The OS can decide how it wants to implement that, but personally I'd literally just do get_age_bracket_enum(now() - get_user_birthday());

The bill is here: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...

The uproar seems to be extremely overblown.

I'm probably missing something, but when I read the California statute I didn't understand it to be anything like "computers enforcing age" - more like, when you create an account it needs to ask your age, and then provide a system API by which apps can ask what bracket the account holder is in. This seems better than the current solution of every app asking independently?

Again, I'm probably missing something but it strikes me as pretty trivial to comply with?