https://www.chenk.top/en/tags/best-practices/Recent content in Best Practices on Chen Kai BlogHugoenSun, 06 Jul 2025 09:00:00 +0000https://www.chenk.top/en/transfer-learning/12-industrial-applications-and-best-practices/Sun, 06 Jul 2025 09:00:00 +0000https://www.chenk.top/en/transfer-learning/12-industrial-applications-and-best-practices/<p>A three-person team at a fintech startup shipped a fraud-detection model in two weeks that outperformed the previous system built by 12 engineers over 6 months. The secret? They fine-tuned a pretrained transformer on 5,000 labeled transactions instead of architecting a rule-based ensemble from scratch. The model caught 23% more fraud in the first month while cutting false positives in half. When their VP of Engineering asked why the old team took so long, the answer was simple: they didn&rsquo;t have transfer learning.</p>https://www.chenk.top/en/docker-containers/07-security-and-best-practices/Thu, 22 Jun 2023 09:00:00 +0000https://www.chenk.top/en/docker-containers/07-security-and-best-practices/<p>Docker&rsquo;s default configuration prioritizes convenience over security. Containers run as root, have access to a broad set of Linux capabilities, and can write to their entire filesystem. This is fine for development but dangerous for production. A container escape vulnerability in a root-privileged container means an attacker can take over the host. Let&rsquo;s fix that.</p> <hr> <h2 id="the-threat-model" class="heading-anchor">The Threat Model<a href="#the-threat-model" class="heading-link" aria-label="Permalink to this section" title="Copy link to this section">#</a> </h2><p>Before securing your setup, understand what you&rsquo;re defending against:</p>