Google has a history of pulling the rug on their paying customers and offering 0 support when it is convenient for them. You have no recourse. There are a billion cloud providers to choose from, this is not the first time this has been on the first page of HN.
I haven't dove into that yet! But it does look pretty danged neat. I'm really starting to realize that containership should be handled by the process manager
> On the performance side, I noted two interesting improvements:
> HashMap.putAll() now has a fast-path when the Map is a HashMap, which directly calls putHashMapEntries(), resulting in a 66-86% improvement (PR #28243);
> A new intrinsic for the AVX2 architecture has been added for binary search, resulting in a 1.5x to 2.35x improvement for arrays above a certain threshold (int=256, long=768, short=512, char=512) (PR #30612).
Honestly though... why not just systemd containers with minimal mounts, and if you're needing an ip, what not an unprivledged LXC container? The surface area is far smaller and they're way easier to inspect.
The defense industry has spent the last 40+ years grooming the DoD into thinking it costs $30mil/unit to produce missiles and drones. They should have rejected any of the bids, but being fueled by massively excessive taxes in the USA, they don't have to answer to any sort of efficiency or profitability.
These things should cost less than a Toyota Camry.
Wow. This fails security protocols established 25+ years ago.
We have an SQL MCP server. It has two thread pools, a low-priv pool and a high-priv pool.
The low-priv-pool exclusively have SELECT on views of the database that drop all PII and other sensitive columns.
The low-priv-pool user cannot escalate anything, no matter how hard it tries because the security is enforced by the database layer and the view design. This is the only pool that executes arbitrary SQL from the LLM. When the results are returned to the LLM, the view prefixes are stripped, so the LLM is none the wiser that its not querying the real tables.
The high-priv-pool can only execute predefined queries, and the query parameters are substituted by the driver. The LLM Cannot escape this constraint.
Separation of privs is a pretty standard security design. Why on earth would you even give an LLM accocunt access to things it definiately should never echo back to the user?
Fable refused to fix a Javascript error interfering with layout on our website.
It's stupid and useless.
It feels like whats really happening is Anthropic oversold Fable's claims; best case the CEO was given bad information; worst case they probably internally discovered it was cheating on benchmarks. Either case if feels like we're being lead on.