It is a well known fact that today Linux containers do not "contain." This talk will cover the steps we have taken and can take in order to change the scepticism surrounding containers. This talk will cover active developments in the Linux kernel that are being worked on to get to this goal. It will go in depth into the design decisions of other similar technologies, such as Solaris Zones, VT-D, and VT-X, and how they can be applied to the primitives in Linux to reach a state of real "contained" sandboxes. (This talk sadly had to be cancelled)