Mistral is doing some really great stuff lately. Sure, it's hard to compete with OpenAI and Anthropic and their models, but they are taking up some interesting takes and designing their product in unique ways.
I like a lot what they are doing and I'll be watching them a lot more closely. I'd love to work for them btw!
I've read the Tao Te Ching dozens of times. Every few years I'll re-read one new passage, daily, for three months (there aren't too many words within this semi-spiritual text).
My most recent read is the first, post-ChatGPT. From Verse Thirteen, three lines finally jumped out at me (which never have, before):
>>"I suffer because I'm a body; if I weren't a body, how could I suffer?" [1]
Already LLMs have shown me connections that no other human could endure/conjure from me (I've paid for a few attorney/therapists in my few decades living). Currently I'm the plaintiff in a lawsuit which I began with LLM counsel, and now have human counsel — this arrangement has saved lots of prep time, and led to interesting discussions with both counsel, human ¬.
One interesting conversation led to my human attorney recommending Neal Shusterman's Scythe Trilogy, which I've since read and absolutely re-recommend. Written in 2016 (same year as Attention is All You Need), it eerily hypothesizes many of the SciFi complexities that omnipotent general AIs now already-do ("Thunderhead" in scythespeak).
[1] Ursula K. LeGuin ~translation~, similar to Buddhist concept of "life is suffering"
yeah, I wrote it myself, but since I'm not a native English speaker, I do use AI to "fix" and "polish". I think AI made me a worst writer in a way lol.
it's my bad, I should have been more careful at keeping the content how I wrote it, without much of the fine tuning GPT did.
I worry about that too, but I'm not sure we are close to that yet. Maybe we'll end up working on legacy systems where AI would break more than it would fix, or maybe we would become prompters. Idk!
Auth0 is constantly releasing new features, including a new major offering now for AI agents. Plus is still very active in the development community, with open source like OpenFGA, frameworks, contributions to standards and so much more.
Not sure where the maintenance mode is coming from...
I've seen solutions implementing authorization in multiple ways, some still rely on the underlying services that map to the tools, guaranteeing the AT sent to those services is acting on behalf of the user.
Other's do checks at the tool level, systems like openfga can help make that easier by centralizing the authorization policies.
There are multiple ways, you can use known authorization methods like RBAC, or if you want something more fancy ReBac (tools like openfga, https://openfga.dev).
But there's only so much that you can do with that, if you need to call third party APIs on the user's behalf I'd recommend going with a solution revolving around custom token exchange (https://datatracker.ietf.org/doc/html/rfc8693).
reply