=0 I stumbled across this post and was thinking that it's interesting to see this topic trending now, since I've done a lot of work on it in the past. Then I clicked through and realized the author is linking to some of my stuff! What a blast from the past.
Anyhow, there are way smarter people than myself who have covered this topic extensively over the years, but I still think that, even in 2026, JWTs are the wrong tools for web auth. They're fine to use for service-to-service stuff, but if you have the option, just use PASETO -- it solves a lot of the issues!
> Yes US citizens that are putting themselves in a situation they shouldn’t have been in to begin with while threatening and provoking a violent reaction.
This is not at all true. Plus, it's inconsequential -- ICE agents have no authority over US citizens except in extremely limited circumstances (https://www.perplexity.ai/search/9f4518c4-8a32-474a-bd92-3f1...), and even if they did, being able to arrest someone, file charges, and work their way through the justice system is the answer... Not killing people on the streets.
Throwaway accounts and more propaganda isn’t proof of anything. I think it’s pretty clear that untrained, unaccountable armed people who have already killed multiple US citizens that they have no jurisdiction over is a real-world worry that people have.
It’s silly to dismiss rational, logic-based worry as “propaganda”.
Straight white US citizen male here. This scares the shit out of me. I travel for work all the time, but understanding that we will now have barely trained, and in many cases completely lawless, consequence-free federal officers in direct, high stress, public areas where lots of people are constantly passing through seems like an absolute recipe for tragedy.
This will 100% make me reconsider travel and avoid airports with ICE agents. I think the writing on the wall is clear, nobody is safe.
This is such a great idea. When I'm building net-new projects, I typically end up working with the AI assistant to build a comprehensive AGENTS.md as the first thing before any work gets done: specify tools, dependencies, architecture requirements, style, etc.
I end up getting way better quality.
The same is true for existing projects, but it always takes a whole lot longer as I'm typically chatting with my AI assistant to figure out what conventions are there that I forgot, etc., before building an AGENTS.md to make future changes simpler.
He also taught me networking in C in the early 2000's! A few years ago I moved from the Bay Area up to Bend, Oregon and ended up running into him in-person at one of the tech meetups.
I was so floored to meet him in person, and as you'd probably imagine, he's super kind and relaxed =D
A++ human being who's contributed so much to our field.
I believe one of the main differences is that our scanner looks for toxic flows between mcp endpoints regarding how they interact with one another. Unless I'm missing something, the Cisco tool does not support this.
Our research lab discovered this novel threat back in July: https://invariantlabs.ai/blog/toxic-flow-analysis and built the tooling around it. This is an extremely common type of issue that many people don't realize (basically, when you are using multiple MCP servers that individually are safe, but together can cause issues).
At Snyk, we've been working on this for a while. Here's our flagship open source project consolidating a lot of the MCP risk factors we've discovered over the last year or so into actionable info: https://github.com/invariantlabs-ai/mcp-scan
I have a decently-sized homelab and I've been renting out unused disk space. I actually allocated 20TB of disk space (RAID 1) and have been renting the space out via the Storj network (https://www.storj.io).
If you haven't heard of it, Storj is essentially a distributed S3 that's been around for many years now, and the way it works is that various people run Storj nodes while the Storj company runs a proxy server that breaks files up into small encrypted chunks and stores them across N peers for redundancy.
In my case, I back up my family photos/videos/documents to a Synology NAS, and my NAS is backed up to Storj. So when I run a Storj node with part of my disk space, the payments they give me essentially cover my own backups. I'm not making a ton of money or anything, but it's enough to pay for my own backups and that's a great deal.
If you're looking to do what the OP is talking about in a simple way, this is by far the best way I've found to do it.