Many world-class companies depend on Windows, so does that mean you think Windows is safe?
An individual does not have the same access to custom tools, and teams of competent people, that ensure their usage of the Linux ecology is secure.
A recent example: I was investigating using CloudFlare Functions, because I think CloudFlare has world-class security and that “serverless” product avoids many security issues I might have with other solutions. Yet one setup step suggested piping in a script from curl to shell (commonly suggested for install steps!). Even worse, https://github.com/cloudflare/wrangler2 is their CLI tool to help development, and Wrangler is based on the node ecology, which is completely insecurable as an individual developer IMHO (trillion dollar companies can probably secure the dev environment). I use a VM to provide some sandboxing, but it still leaves me feeling icky.
echo '# Hmm' > index.md
npx @11ty/eleventy
npx wrangler publish --assets _site/ --name name-of-static-website --latest
When added to the "edge", it means they're (insanely) fast, obliterate cold-start problem (which is killer in chat where you might have not have retry), and as long as what you write can execute between 10-50ms (with ~30s for follow-on queries) it sometimes feels like cheating
The same way Cloudflare "pushes" configuration to their network, they use a similar mechanism to push code to their edge nodes.
They have killer dev tooling too-- https://github.com/cloudflare/wrangler2
You *DON'T* need to think about regions ever-- just deploy to a lot of small regions instantly & it usually "just works" and is fast everywhere.
For extra credit, you also get access to rough-grained location information from each "node" in their network that your users connect to (globally you can get access to rough-grained local timezone, country, city, zipcode, etc): https://blog.cloudflare.com/location-based-personalization-u...
ex. for chat, could so something like to prompt for location info: https://i.imgur.com/0qTt1Qd.gif
Kenton Varda (https://twitter.com/KentonVarda) who was in charge of Protobuf and other projects gave an overview tech talk @ 10:23 speaks to isolates: https://youtu.be/HK04UxENH10?t=625
## Downsides encountered so far
- Not 1-1 replacement, think of your code like a highly-performant service worker (usual suspects: https://developer.mozilla.org/en-US/docs/Web/API/Service_Wor...)
- Many libraries (like Axios for instance) won't work since they call out to Nodejs (this might be a good thing, there are so many web APIs available I was able to write a zero-dependency lib pretty easily) They're adding bespoke support for packages: https://blog.cloudflare.com/node-js-support-cloudflare-worke...
- There's only a tiny of bit of customization for Workers required, however, there's a bit of platform risk
If you haven't tried before, definitely worthy of further examination
Re: security, it seems like a pretty good model.