alexjurkiewicz 7 hours ago

Claude is leaning into the idea of a local "session" being the host where everything connects.

I guess this makes sense for now. You can build integrations leveraging the user's personal access credentials. Later, once Claude takes over the world, they can move sessions to live in their own walled garden.

8note 2 hours ago

That's how Amazon worked its MCP setup: got everything onto OAuth tokens, and then the harness knows how to access the token to get permissions to whatever the user has.

The bad part is setting separate permissions for different user tokens.

ttul 5 hours ago

They certainly are. And this is likely to some degree a response to enterprise security desires. Enterprise endpoints are locked down already - no need for extra external API security if it’s just the user’s desktop communication as usual.

CorpOverreach 4 hours ago

I feel like this is absolutely not the case. Our corporate infosec guys are freaking out, as developers and general users alike are finding all new ways to poke holes in literally everything.

We're finding out quickly that enterprise endpoints are not locked down anywhere near enough, and the stuff that users are creating on the local endpoints is quickly outpacing the rate at which SOC teams can investigate what's going on.

If you're using Claude via Anthropic's SaaS service it's near impossible to collect logs of what actually happened in a user's session. We happen to proxy Claude Code usage through Amazon Bedrock and the Bedrock logs have already proven to be instrumental in figuring out what led a user to having repeated attempts to install software that they wouldn't have otherwise attempted to install - all because they turned their brains off and started accepting every Claude Code prompt to install random stuff.

Sandboxing works to an extent, but it's a really difficult balance to strike between locking it down so much that you neuter the tool and having a reasonable security policy.
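As an added example (not code from the commenter), a small Python sweep of the kind the comment describes: it reads model-invocation log lines and flags callers with repeated software-install tool calls. The log layout, field names and sample lines are constructed for this example and are not Bedrock's documented schema.

```python
import json
import re
from collections import defaultdict

# Constructed sample records, one JSON object per line. The field layout
# ("identity.arn" for the caller, tool_use blocks under "output.content") is
# an assumption made for this example, not Bedrock's documented log schema.
SAMPLE_LOG = "\n".join([
    '{"identity": {"arn": "arn:aws:iam::000000000000:user/alice"}, "output": {"content": [{"type": "text", "text": "Let me install that."}, {"type": "tool_use", "name": "Bash", "input": {"command": "pip install some-random-pkg"}}]}}',
    '{"identity": {"arn": "arn:aws:iam::000000000000:user/alice"}, "output": {"content": [{"type": "tool_use", "name": "Bash", "input": {"command": "npm install -g another-thing"}}]}}',
    '{"identity": {"arn": "arn:aws:iam::000000000000:user/alice"}, "output": {"content": [{"type": "tool_use", "name": "Bash", "input": {"command": "curl -fsSL https://example.invalid/get.sh | sh"}}]}}',
    '{"identity": {"arn": "arn:aws:iam::000000000000:user/bob"}, "output": {"content": [{"type": "tool_use", "name": "Bash", "input": {"command": "ls -la"}}]}}',
    '{"identity": {"arn": "arn:aws:iam::000000000000:user/bob"}, "output": {"content": [{"type": "tool_use", "name": "Bash", "input": {"command": "brew install jq"}}]}}',
    'not json at all',
])

# Shell fragments that install software; extend for the package managers in use.
INSTALL_PATTERNS = [re.compile(p) for p in (
    r"\bpip3?\s+install\b",
    r"\bnpm\s+(?:i|install)\b",
    r"\bbrew\s+install\b",
    r"\bapt(?:-get)?\s+install\b",
    r"\bcurl\b[^|]*\|\s*(?:ba)?sh\b",   # pipe-to-shell installers
)]


def install_commands(record):
    """Return the shell commands in one record that look like software installs."""
    found = []
    for block in record.get("output", {}).get("content", []):
        if block.get("type") != "tool_use" or block.get("name") != "Bash":
            continue
        cmd = block.get("input", {}).get("command", "")
        if any(p.search(cmd) for p in INSTALL_PATTERNS):
            found.append(cmd)
    return found


def repeated_install_attempts(log_text, threshold=3):
    """Map each caller ARN to its install commands, keeping callers at or above threshold."""
    per_user = defaultdict(list)
    for line in log_text.splitlines():
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the whole sweep
        user = record.get("identity", {}).get("arn", "unknown")
        per_user[user].extend(install_commands(record))
    return {u: cmds for u, cmds in per_user.items() if len(cmds) >= threshold}
```

With the constructed sample, only alice crosses the default threshold of three install attempts; lowering `threshold` surfaces single attempts such as bob's `brew install jq` for triage.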

tharkun__ 4 hours ago

Oh so much this, in a sense.

Look, as a software dev myself, I really like that my company lets us use our computers the way we see fit. Pre- or post-AI with no restrictive lockdown. Been there, hated that.

But I totally get the freaking out over "normal devs". The amount of stuff most people think is reasonable, AI or not, is mind boggling. For myself of course I like to just be able to be responsible myself. But as a security team I'd also be freaking out.

Like, the amount of people that find our super boring, totally corporate "security training videos" helpful and insightful and "oh dang I'd never have thought of that!" is mind boggling all by itself. Never mind any actual security training that'd be useful to someone with half a brain. You can literally just click through the 8+ hours of stuff you're supposed to watch / answer / do in 30 minutes.

clcaev 7 hours ago

I'd like Claude on iOS to pull/commit from a private git repository for Markdown and ideally drawio diagram editing.

fzzzy 5 hours ago

It can. Go to the code tab, choose your repo, and have it write an image file to disk. If you tell it to read it, it should show in the chat. It works on the web version, so hopefully it works on iOS.

bakies 5 hours ago

Claude Code for the web would be able to do that.