HackerTrans
TopNewTrendsCommentsPastAskShowJobs

rdegges

no profile record

Submissions

Style Is a Consistent Constraint

stephango.com
3 points·by rdegges·4 месяца назад·0 comments

I Read Cursor's Security Agent Prompts, So You Don't Have To

snyk.io
2 points·by rdegges·4 месяца назад·0 comments

Agent Swarms, like the one Cursor created

mrinal.com
4 points·by rdegges·5 месяцев назад·0 comments

Can the 50-Year-Old Actor Model Rescue Agentic AI?

thenewstack.io
4 points·by rdegges·9 месяцев назад·0 comments

comments

rdegges
·25 дней назад·discuss
:o
rdegges
·25 дней назад·discuss
=0 I stumbled across this post and was thinking that it's interesting to see this topic trending now, since I've done a lot of work on it in the past. Then I clicked through and realized the author is linking to some of my stuff! What a blast from the past.

Anyhow, there are way smarter people than myself who have covered this topic extensively over the years, but I still think that, even in 2026, JWTs are the wrong tools for web auth. They're fine to use for service-to-service stuff, but if you have the option, just use PASETO -- it solves a lot of the issues!
rdegges
·4 месяца назад·discuss
> Yes US citizens that are putting themselves in a situation they shouldn’t have been in to begin with while threatening and provoking a violent reaction.

This is not at all true. Plus, it's inconsequential -- ICE agents have no authority over US citizens except in extremely limited circumstances (https://www.perplexity.ai/search/9f4518c4-8a32-474a-bd92-3f1...), and even if they did, being able to arrest someone, file charges, and work their way through the justice system is the answer... Not killing people on the streets.
rdegges
·4 месяца назад·discuss
Throwaway accounts and more propaganda isn’t proof of anything. I think it’s pretty clear that untrained, unaccountable armed people who have already killed multiple US citizens that they have no jurisdiction over is a real-world worry that people have.

It’s silly to dismiss rational, logic-based worry as “propaganda”.
rdegges
·4 месяца назад·discuss
This is straight up untrue. There are clean bill proposals to fund TSA that Republicans have rejected. https://www.perplexity.ai/search/are-the-proposed-tsa-fundin...
rdegges
·4 месяца назад·discuss
Straight white US citizen male here. This scares the shit out of me. I travel for work all the time, but understanding that we will now have barely trained, and in many cases completely lawless, consequence-free federal officers in direct, high stress, public areas where lots of people are constantly passing through seems like an absolute recipe for tragedy.

This will 100% make me reconsider travel and avoid airports with ICE agents. I think the writing on the wall is clear, nobody is safe.
rdegges
·5 месяцев назад·discuss
This is such a great idea. When I'm building net-new projects, I typically end up working with the AI assistant to build a comprehensive AGENTS.md as the first thing before any work gets done: specify tools, dependencies, architecture requirements, style, etc.

I end up getting way better quality.

The same is true for existing projects, but it always takes a whole lot longer as I'm typically chatting with my AI assistant to figure out what conventions are there that I forgot, etc., before building an AGENTS.md to make future changes simpler.

Love how this takes care of that.
rdegges
·7 месяцев назад·discuss
He also taught me networking in C in the early 2000's! A few years ago I moved from the Bay Area up to Bend, Oregon and ended up running into him in-person at one of the tech meetups.

I was so floored to meet him in person, and as you'd probably imagine, he's super kind and relaxed =D

A++ human being who's contributed so much to our field.
rdegges
·9 месяцев назад·discuss
I believe one of the main differences is that our scanner looks for toxic flows between mcp endpoints regarding how they interact with one another. Unless I'm missing something, the Cisco tool does not support this.

Our research lab discovered this novel threat back in July: https://invariantlabs.ai/blog/toxic-flow-analysis and built the tooling around it. This is an extremely common type of issue that many people don't realize (basically, when you are using multiple MCP servers that individually are safe, but together can cause issues).
rdegges
·9 месяцев назад·discuss
At Snyk, we've been working on this for a while. Here's our flagship open source project consolidating a lot of the MCP risk factors we've discovered over the last year or so into actionable info: https://github.com/invariantlabs-ai/mcp-scan