Leaving aside the mediocre reputation of the Linux Foundation, is it true that everyone moving away from MCP and towards Claude Skills at this point?
Mediocre?
Readit Newsmixologic commented on Donating the Model Context Protocol and establishing the Agentic AI Foundation anthropic.com/news/donati... · Posted by u/meetpateltech
Take a look at the original json.org license and all the problems that the "not for evil" clause they added to it had caused.
Ultimately though, if you put a non free license on your libraries, somebody will cry foul, fork it, and evil will still happen.
mixologic commented on How to repurpose your old phone into a web server far.computer/how-to/... · Posted by u/louismerlin
This sounds more like "How to add more devices to a botnet."
Exposing a port isn't exactly a safe thing to do nowadays, and I'd be wary of the security posture of an "old phone". Proceed with caution.
mixologic commented on Project Amplify: Powered footwear for running and walking about.nike.com/en/newsroo... · Posted by u/justinmayer
Yeah, but do they still work when us-east-1 goes down?
mixologic commented on Google flags Immich sites as dangerous immich.app/blog/google-fl... · Posted by u/janpio
The issue isn't the user-hosted content - I'm running a release build of Immich on my own server and Google flagged my entire domain.
Is it on your own domain?
Sigh. I literally bought an HDD last week. This would have been super handy.
mixologic commented on Android's sideloading limits are its most anti-consumer move makeuseof.com/androids-si... · Posted by u/josephcsible
> eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win
No, this is just false. There's numerous, well-documented instances of malware making it past gatekeepers security checks. This move is exclusively about Google asserting control over users and developers and has nothing to do with security or safety.
The only "huge safety win" comes from designing more secure execution models (capabilities, sandboxing, virtual machines) that are a property of the operating system, not manual inspection by some megacorp (or other human organization).
Thats a false equivalency. I didnt say that software was safe because its been checked. Just that at the least, one can somewhat figure out where the software came from.
Getting a DUNS number obviously doesn't make it so that you cant publish malware. It just provides a level of traceability/obstacle that slows down the process of distributing malware.
mixologic commented on Android's sideloading limits are its most anti-consumer move makeuseof.com/androids-si... · Posted by u/josephcsible
I dunno man, it doesn't feel like a "huge safety win" that my computer has to check with a singular US tech company before it will let me use any software on it.
That's only sorta how it usually works. The developer has to check with a singular US tech company before they can sign the software they've given you.
Except yeah, the way this android stuff works is closer to that way. Instead of Google giving out a key for signing, they instead ask for one and tie a developer to a namespace, so yeah, I guess your Android phone has to check whether or not that namespace is "in the clear"
mixologic commented on Android's sideloading limits are its most anti-consumer move makeuseof.com/androids-si... · Posted by u/josephcsible
If you want to install software on your Microsoft Windows computer, it has to be signed by a verified developer, otherwise you get an overridable warning that the developer cannot be verified, the software may contain malware etc.
If you want to install software on you MacOS machine, the same thing applies. It must come from a verified developer with an apple account, otherwise you get a warning and must jump through hoops to override. As of macos15.1 this is considerably more difficult to override.
If you want to install iOS apps, the apps have to be signed by a verified developer. Theres no exceptions.
I just dont see a future where being able to create and publish an app anonymously is going to be supported.
Becoming a verified developer is a PITA, and can take a while or be impossible (i.e. getting a DUNS number if you're in a sanctioned country might be not at all possible) but at the same time, eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win.
mixologic commented on NPM debug and chalk packages compromised aikido.dev/blog/npm-debug... · Posted by u/universesquid
It's not like NPM pre-Microsoft was a paragon of professional management or engineering...
The difference is in the apparent available resources. You cant get to "professional" without the time and money, and NPM post acquisition, presumably, has more of both. Granted, NPM probably doesn't have a revenue model to speak of, which means Microsoft is probably not paying it much attention.