tptacek 3 hours ago

Corporate/enterprise networks have nightmarish setups for centralizing access to LLMs. This seems like an extremely natural direction for Tailscale; it is to LLM interfaces what Tailscale itself was to VPNs, a drastically simplified system that, by making policy legible, actually allows security teams to do the access control that was mostly aspirational under the status quo ante.

Seems straightforward?

I think if you don't have friends working at e.g. big banks or whatever, you might not grok just how nutty it is to try to run simple agent workflows.

Bluecobra 3 hours ago

>Corporate/enterprise networks have nightmarish setups for centralizing access to LLMs.

As someone who is on the other side of the fence on this, trying to keep the network secure and prevent data exfiltration, there could be a good reason for this. More often than not we have folks doing all kinds of crazy things and ignoring what’s in the handbook. For example, we had someone who didn’t like MFA for remote access and would use Tailscale to have a remote permanent reverse proxy to their homelab to do whatever work they were doing. What’s funny is that we are not BOFHs and would have helped them set up whatever they needed had they just sent us an email or opened a ticket.

tptacek 3 hours ago

The whole Tailscale ethos is exactly what you're talking about:

* Security/risk teams have coherent, sensible goals for managing access

* The technology stack they've landed on makes those goals performative; so complicated that they can't even express their most important goals, so annoying that users route around it

* What's needed is a radically simplified approach that centers end-user experience (particularly around onboarding).

I'm not saying banks are crazy to want to control LLM usage (I'm not bullish on it long-term either, but I see the issue), just that the systems I've talked to friends about them using today are batshit, ranging from "foundation lab shmoundation lab we'll just do our own models" to "OK you can operate in 2025 but only in a Citrix terminal".

skrtskrt 2 hours ago

Yeah I think it's better to think of Tailscale as an access control company which is utilizing networks as the utility vector, not a network utility company that also has access controls.