Hacker News | emilsedgh's comments

As a Jew I cannot be more ashamed.

The sad part is that these "Israel Supporters" don't realize they've destroyed Israel in the process.

For 2 reasons:

1. Most young Americans, in both parties, are sickened by this. Next generations of Americans are not gonna support Israel anymore and the US support for Israel is the only security Israel has. In 20 years Israel will be left alone between all the countries that they once had a chance to make peace with, but decided to wage war against.

2. Israel is gonna deteriorate and become another authoritarian regime like the rest of the Middle East. The ultra orthodox population grows and it's simply not gonna be a democratic state anymore.

So yes, go ahead, commit a genocide/ethnic cleansing (whatever you name it) in the name of a country that you destroyed in the process.

I wish I wasn't their excuse for all this.


People in our circles are obsessed with model performance. OpenAI's lead is not there and hasn't been there for some time.

They do, however, have a major lead in terms of consumer adoption. To normal people who use llm's, ChatGPT is _the_ model.

This gives them a lot of opportunities. I don't know what's taking them so long to launch their own _real_ app store, but that's the game they are ahead of everyone else because of the consumer adoption.


Why do you even follow? Just stick to one that works well for you?


Totally, I feel like though you do have to pay some attention for example in the context I'm working on, for the last while, Gemini was our gold standard for code generation whereas today, Claude subjectively produces the better results. Sure you can stick to what worked but then you're missing the opportunity to be more productive or less busy, whichever one you choose.


I remember the days when I was looking for the perfect note-taking system/setup - I never achieved anything with it, I was too busy figuring out the best way to take notes.


Once we find the best way though...


Yep, now I have a directory of org files.


FOMO may be one of the reasons amongst others.


Well, that's why REST api's exist. You don't expose your database to your clients. You put a layer like REST to help with authorization.

But everyone needs to have an MCP server now. So Supabase implements one, without that proper authorization layer which knows the business logic, and voila. It's exposed.

Code _is_ the security layer that sits between database and different systems.


I was thinking the same thing.

Who, except for a total naive beginner, exposes a database directly to an LLM that accepts public input, of all things?


While I'm not very fond of the "lethal trifecta" and other terminology that makes it seem problems with LLMs are somehow new, magic, or a case of bad implementation, 'simonw actually makes a clear case why REST APIs won't save you: because that's not where the problem is.

Obviously, if some actions are impossible to make through a REST API, then LLM will not be able to execute them by calling the REST API. Same is true about MCP - it's all just different ways to spell "RPC" :).

(If the MCP - or REST API - allows some actions it shouldn't, then that's just a good ol' garden variety security vulnerability, and LLMs are irrelevant to it.)

The problem that's "unique" to MCP or systems involving LLMs is that, from the POV of MCP/API layer, the user is acting by proxy. Your actual user is the LLM, which serves as a deputy for the traditional user[0]; unfortunately, it also happens to be very naive and thus prone to social engineering attacks (aka. "prompt injections").

It's all fine when that deputy only ever sees the data from the user and from you; but the moment it's exposed to data from a third party in any way, you're in trouble. That exposure could come from the same LLM talking to multiple MCPs, or because the user pasted something without looking, or even from data you returned. And the specific trouble is, the deputy can do things the user doesn't want it to do.

There's nothing you can do about it from the MCP side; the LLM is acting with user's authority, and you can't tell whether or not it's doing what the user wanted.

That's the basic case - other MCP-specific problems are variants of it with extra complexity, like more complex definition of who the "user" is, or conflicting expectations, e.g. multiple parties expecting the LLM to act in their interest.

That is the part that's MCP/LLM-specific and fundamentally unsolvable. Then there's a secondary issue of utility - the whole point of providing MCP for users delegating to LLMs is to allow the computer to invoke actions without involving the users; this necessitates broad permissions, because having to ask the actual human to authorize every single distinct operation would defeat the entire point of the system. That too is unsolvable, because the problems and the features are the same thing.

Problems you can solve with "code as a security layer" or better API design are just old, boring security problems, that are an issue whether or not LLMs are involved.

--

[0] - Technically it's the case with all software; users are always acting by proxy of software they're using. Hell, the original alternative name for a web browser is "user agent". But until now, it was okay to conceptually flatten this and talk about users acting on the system directly; it's only now that we have "user agents" that also think for themselves.


I dunno, with row-level security and proper internal role definition.. why do I need a REST layer?


It doesn't have to be REST, but it does have to prevent the LLM from having access to data you wouldn't want the user having access to. How exactly you accomplish that is up to you, but the obvious way would be to have the LLM use the same APIs you would use to implement a UI for the data (which would typically be REST or some other RPC). The ability to run SQL would allow the LLM to do more interesting things for which an API has not been written, but generically adding auth to arbitrary sql queries is not a trivial task, and does not seem to have even been attempted here.


RLS is the answer here -- then injection attacks are confined to the rows that the user has access to, which is OK.

Performance attacks though will degrade the service for all, but at least data integrity will not be compromised.


> injection attacks are confined to the rows that the user has access to, which is OK

Is it? The malicious instructions would have to silently exfiltrate and collect data individually for each user as they access the system, but the end-result wouldn't be much better.
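
The scoping point argued in this thread, as an added example that is not any commenter's code or Supabase's: a tool that runs model-supplied SQL with the service's rights, beside a tool layer bound to the authenticated user. The `tickets` table, `raw_sql_tool` and `ScopedTools` are hypothetical names, and the rows are constructed sample data.

```python
import sqlite3

def make_db():
    # Constructed sample data: two users sharing one tickets table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")
    db.executemany(
        "INSERT INTO tickets (owner, body) VALUES (?, ?)",
        [("alice", "printer is broken"),
         ("alice", "reset my password"),
         ("bob", "billing question (constructed)")],
    )
    return db

def raw_sql_tool(db, sql):
    """Exposed design: the model supplies SQL and it runs with the service's
    full database rights. Nothing ties the query to a particular user."""
    return db.execute(sql).fetchall()

class ScopedTools:
    """Hypothetical tool layer: the server binds it to the authenticated user,
    so the owner filter never comes from model-controlled input."""

    def __init__(self, db, user):
        self._db = db
        self._user = user  # taken from the session, not from the tool call

    def list_tickets(self, search=""):
        # The model controls only `search`, passed as a bound parameter.
        return self._db.execute(
            "SELECT id, body FROM tickets "
            "WHERE owner = ? AND body LIKE ? ORDER BY id",
            (self._user, f"%{search}%"),
        ).fetchall()

def demo():
    db = make_db()
    # Unscoped: one query returns every user's rows.
    leaked = raw_sql_tool(db, "SELECT owner, body FROM tickets")
    tools = ScopedTools(db, "alice")
    scoped = tools.list_tickets()
    # A search string shaped like SQL is only data to the bound parameter.
    odd = tools.list_tickets("' OR owner = 'bob")
    return leaked, scoped, odd

if __name__ == "__main__":
    for name, rows in zip(("raw", "scoped", "odd search"), demo()):
        print(name, rows)
```

As the replies above note, this confines a manipulated model to the caller's own rows; it does not tell the server whether a given call is what the user wanted.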


I was fined for using a phone a while back. Fine aside it had a very bad impact on my insurance prices.


They didn't give you a driving school option?


They did. I skipped the fine but the real fine was insurance premium going up.


Impressive appetite for war.


Thanks!


https://dokku.com/docs/deployment/schedulers/k3s/

This is a more featureful version.


Why Uber's price is not affected by Waymo is a puzzle to me.

I use Waymo's all the time. There are still some quirks they need to figure out and polish the experience, but it really is happening and it appears that Uber's head is in the sands or I'm missing something here.


Scalability? Waymo is operating in a handful of carefully chosen US cities. Uber can probably open in any city in the world (within reason) with probably a few weeks' effort.

I agree with your underlying premise that in the (very) long term, all taxis will be automated; I guess the gamble for investors is how long that transition takes, across the globe.


> Waymo is operating in a handful of carefully chosen US cities. Uber can probably open in any city in the world (within reason) with probably a few weeks' effort.

This. Uber can operate anywhere that has human drivers and cell service. Waymo needs (I think) high-precision maps that are frequently updated, and simple traffic behavior.

Traffic in Lima looks like absolute chaos to an American, with endless honking and lane markers treated as vague suggestions, but there are not constant crashes, because the (mostly professional) drivers know the local conventions and communicate with each other by horn, eye contact, hand signal, etc. Huaraz is full of blind 4-way intersections with no stop signs, so drivers honk as they get close to one, and there is a remarkable lack of fiery death.

Waymo can't work in most places until it either changes human driving, or achieves AGI. Uber works as soon as it can pay local drivers.


So you're saying Waymo can't scale because traffic in Lima is chaotic? That feels like saying cars won't scale because many rural villages don't have roads smooth enough for cars, and that horses can deal with that problem just fine.


Yes and no. If you think Lima is a "rural village," you need to get out more, or at least check Wikipedia. It's a city of 10+ million people that doesn't follow American traffic laws, and there are plenty more like Huaraz (100,000+) where I can catch a human-driven taxi right now.

I'm saying a Jaguar I-Pace with lidar that knows how to follow lines and a high-res map isn't suitable for a lot of the world's roads. And how it will "scale" to what a taxi can handle right now isn't at all obvious.


I've driven or motorcycled in Chile, Mexico, Indonesia, Vietnam, Philippines. Too many situations where the roads are just nonsense and the other drivers are insane or homicidal: I can't imagine how a self-driving car could work in the worst traffic without AGI.

Plus drivers will learn the weaknesses of self-driving cars and then abuse those weaknesses.

Taxi drivers know not to stop in certain unsafe locations - good luck for self-driving cars to learn how to read for dangerous situations because of criminals.


I wouldn't touch Uber stock, but the PE ratio is only 15. My guess is the market is expecting them to be able to still grow in the next few years even if they eventually face tough competition.

I think there's also the fact that if self-driving cars take off and price goes down, people will ultimately rely on taxis/delivery more than ever. Maybe there is a place for Uber to be the platform for that still, maybe not.


Uber also has a delivery business. Uber Eats and Uber direct.


Waymo and Uber have partnerships in some cities, like Phoenix, where you can only order a Waymo through the Uber app. So they don't view each other only as competitors, though I have no clue what Uber's thinking long-term.


I've heard this argument again but just because you can hail a Waymo through Uber doesn't mean Uber can continue as-is. In a world where Uber is just the app, Uber's margins would be extremely thin and it wouldn't justify the market price it has now.

Also, why would Waymo, in the long term, use Uber for this?

They have the car, the driver, the app/software. They are not gonna share a big chunk of the profit with Uber in long term. The current partnership is probably just a tactical thing for both, not a strategic one.


I always assumed waymo would immediately kill uber, but really the likelihood is that there will be multiple self driving companies as well as human drivers in markets. A big city may need 2000 waymos most of the time, but 5000 waymos on a saturday night or when a big game is on. Google can either build 2.5x as many as they need, or they can keep other operators in the market to make the service more functional during peak times. It is likely that other operators will bring cars to market, and a unified app with different self driving providers will bring better service than any individual provider.


Waymo could develop some type of modular docker-type container that would significantly fill the interior of their vehicles, or maybe even replace the interior of their vehicles. So equipped, a Waymo vehicle could be used to deliver supplies and stock to small businesses throughout the city throughout the week. Think small chains such as convenience stores, they could lower the per-store inventory and refill from remote, cheaper-rent areas, if they had three Waymo deliveries during the work day.

Those vehicles would then be fitted with the human interiors for the high demand periods you state.


If the businesses are reliant on the special deliveries, then you can't re-purpose them as you need more cars for people.


The idea would be that the deliveries happen during the day working hours, yet the people moving happens during the night hours. As implied by GP.


There could be a stable long term arrangement between Waymo and Uber. Think of the relationship between Nvidia and OEMs, where Nvidia gets all of the margin and only has to deal with B2B bulk orders that they can redirect at any time, while the OEM has to deal with all the expensive customer support, returns, recalls, and other annoying aspects of retail.

It's not a future where Uber is a viable company though.


Perhaps. Or it may be that Uber sees its long term future as lead gen and management for people/goods transportation, and Waymo sees itself as fulfillment of those.

Uber has tremendous brand recognition and marketing in ways that Google has never been good at. I don’t think it’s the most likely outcome, but I would not be shocked to see Uber take a minority ownership stake in Waymo, use it as the preferred self-driving option, and phase out human drivers in many areas over the next 10 years.


How is Uber subcontracting a ride out to waymo really any different from subcontracting out to a gig worker? It's not an Uber employee or an Uber owned or maintained car in either case.


The app isn't the important part of that partnership, it's that they're managing and operating the fleets.


Maybe winning a finders fee is more profitable, Uber isn't high margin to begin with.


Small correction: in Phoenix you can also use the Waymo One app directly. In both Austin and Atlanta though, we are only available via Uber.


In the partnership model Waymo charges uber for the ride and Uber charges the customer.

The interesting thing is that uber loses money on every ride. Waymo charges Uber more than Uber charges the customer.

On Uber’s side, though, this is preferable to losing the entire ride. Uber loses much more slowly by controlling the distribution and losing a few dollars per ride than by losing the entire customer base with no revenue from these customers.


This is true. Then again Google used to power Yahoo!'s search and then ended up replacing Yahoo! as the default web destination


Uber eats and other diversifications. Unlike Lyft, which refused to diversify, which I always thought was a strange choice especially once the pandemic hit, Uber is not only the dominant player but also diversified enough where it will most likely still be the #1 player, with the second seat now being Waymo. Based on how Waymo scales from city 1 to city n, it is extremely hard for them to do 100 cities at once. And international expansion will be almost impossible. Uber will still continue to dominate those markets.


The thing people miss about Uber is that Waymo doesn't need to scale to 100 cities at once to eviscerate Uber's ride hail business. They need to win the couple dozen largest cities that make up the vast majority of Uber's profits. The rest of the world drives less volume and costs vastly more to service when you account for things like regulatory compliance, internationalization, payments, and support.


Lyft is slightly diversified with bike rental in a few cities, although that's only a small fraction of their revenue.


My hesitation to use Uber is rarely about price. It's about the miserable experience of having a driver who cancels or never shows up. Prices bumping up or down 20% doesn't move the needle.


Our Enterprise Account manager was denying there's an issue. Claiming it's only us, I should open up a ticket, etc.


WTF, it's definitely on the status page -- if you can get to the status page, which, the status page having an outage is an alarm sign?

It has been there for over 9 hours now.

I would definitely shame them -- do they not even bother looking at status pages before giving you information? How has Heroku not distributed this information to any customer-contacting staff already?

It's crap like this that disturbs me even more than the outage in fact. I know bad outages can happen even to the best of us, but your account manager not knowing about it and not even bothering to try to find out before giving you bad information is the mark of mediocrity at best.


Status page definitely showed ‘all green’ (no issues) when I checked after noticing database backups (via the heroku CLI) were failing.


The biggest advantage of this is for the llm providers like OAI not application developers.

LLM's are brains with no tools (no hands, legs, etc).

When we use tool calling we use them to empower the brain. But using normal API's the language model providers like OpenAI have no access to those tools.

With MCP they do. The brain they create can now have access to a lot of tools that the community builds directly _from_ llm, not through the apps.

This is here to make ChatGPT/Claude/etc _the gateway_ to AI rather than them just being API providers for other apps.

