Jeremy Lewi
@jeremy.lewi.us
Building foyle.io to use AI to deploy and operate software.
MLOps Engineer, Kubernetes enthusiast, dog owner
Formerly at Google and Primer.AI
Started Kubeflow
MLOps Engineer, Kubernetes enthusiast, dog owner
Formerly at Google and Primer.AI
Started Kubeflow
Good luck. Unfortunately I think the only way we get out of this mess is if things get bad enough that there is a political price to be paid.
November 8, 2025 at 11:27 PM
Good luck. Unfortunately I think the only way we get out of this mess is if things get bad enough that there is a political price to be paid.
I can't believe they were willing to keep deliberating. Who has that kind of time?
November 6, 2025 at 3:48 AM
I can't believe they were willing to keep deliberating. Who has that kind of time?
MCPs are being used as an imperfect solution here. If you create your own MCP around the service than you can block access to resources outside the VPC..
November 1, 2025 at 4:03 PM
MCPs are being used as an imperfect solution here. If you create your own MCP around the service than you can block access to resources outside the VPC..
GitHub is a great example because it has a ton of world writeable surfaces. So an agent with access to sensitive data could exfiltrate it. Imagine your agent is helping you with a K8s issue and helpfully opens a GitHub issue with a bunch of sensitive code?
November 1, 2025 at 4:03 PM
GitHub is a great example because it has a ton of world writeable surfaces. So an agent with access to sensitive data could exfiltrate it. Imagine your agent is helping you with a K8s issue and helpfully opens a GitHub issue with a bunch of sensitive code?
1. Destructive actions on resources you own
2. Exfiltration of data to resources you don't.
IAM protects against the first. VPC service controls protect against the second.
2. Exfiltration of data to resources you don't.
IAM protects against the first. VPC service controls protect against the second.
November 1, 2025 at 4:03 PM
1. Destructive actions on resources you own
2. Exfiltration of data to resources you don't.
IAM protects against the first. VPC service controls protect against the second.
2. Exfiltration of data to resources you don't.
IAM protects against the first. VPC service controls protect against the second.
I'm not a huge fan of analogies I think it often just adds more confusion. In this case how many people have firsthand knowledge of what being a surgeon entails? My only reference is pop culture and I'm not sure greys anatomy is accurate
October 24, 2025 at 3:06 PM
I'm not a huge fan of analogies I think it often just adds more confusion. In this case how many people have firsthand knowledge of what being a surgeon entails? My only reference is pop culture and I'm not sure greys anatomy is accurate