HackerTrans
TopNewTrendsCommentsPastAskShowJobs

zimbatm

no profile record

comments

zimbatm
·mese scorso·discuss
Another aspect is access control.

CLIs live in the same namespace as the agent, so any secrets the CLI needs access to, the agent can also exfiltrate. And access control is lightly gated by the agent's tool call policy.

For an enterprise-level deployment, it becomes quickly desirable to have a centralized MCP backbone, on which each MCP is attached to. A place you can attach policies to, log activity, and reason about access control.
zimbatm
·2 mesi fa·discuss
Maybe. This phenomenon of security holes being found closely to each other was also common before LLMs. People attention gets directed to a place and typically more issues are getting found.
zimbatm
·2 mesi fa·discuss
Is there actual evidence coming from the Bun project itself?

Otherwise it's just FUD.
zimbatm
·3 mesi fa·discuss
This is how keychains should be designed. Never return the secret, but mint a new token, or sign a request.

We need this also for normal usage like development environments. Or when invoking a command on a remote server.

Are you going to add support for services that don't support OIDC or this going to be a known limitation?
zimbatm
·5 mesi fa·discuss
Isn't the point of OpenClaw that the agent can modify itself?
zimbatm
·7 mesi fa·discuss
Thanks! Playing with packaging automation is actually quite fun.
zimbatm
·7 mesi fa·discuss
Just added it to our inventory. For those of you using Nix:

    nix run github:numtide/llm-agents.nix#mistral-vibe
The repo is updated daily.
zimbatm
·10 mesi fa·discuss
Gerrit is doing this with NoteDB. Backups are just one git clone away.

See https://gerrit-review.googlesource.com/Documentation/note-db...
zimbatm
·8 anni fa·discuss
Why? Because the W3C is a factory the never stops churning out specs.

It's quite telling that even Microsoft was not able to keep-up with the complexity and decided to piggy-back on the biggest investor.

If we want less mono-culture, the first thing to do is to bring the complexity down to something manageable.
zimbatm
·8 anni fa·discuss
The main reason to use `curl | bash` is because it's installed almost everywhere. Everything else can be bootstrapped from that.

If there was a standard `curlbash <URL> <SHA256>` program that was installed everywhere it would allow to work around all of these issues.
zimbatm
·8 anni fa·discuss
How compatible are the various ZFS forks?

Is it possible to create ZFS volume on macOS and mount it on Linux, FreeBSD and Illumos all the same?

I'm asking because we are still missing a good cross-platform filesystem with modern journaling and snapshotting.
zimbatm
·12 anni fa·discuss
Andreessen hits a point when he says what foreign government knew full well that they where spied upon. We have to remember that those revelations are for the public. Given how easy it was for Snowden to acquire these documents it's not far fetched to think that the other groups of power already had access to them. And they are collaborating with the US anyways. Politicians cry outrage to calm down the public. As if they where the victims. Funny how they never talk about what counter-measures could be applied. Shouldn't it be our countries responsibility to ensure that the Internet is not bugged at least in the realm of the country ?