Ben Dechrai

Authorization - Model Context Protocol

And without prompting, it goes ahead and deletes them.

Just a thought. Make sure you're adding industry-standard auth to your MCP servers!

modelcontextprotocol.io/specificatio...

"Here are the longest serving staff members: [list] Human: this is great. now do a csv of these people. I like the idea of it being 100 rows, but change the format to something like: Name, Reason for Leaving, instead of first and last name as separate columns"

Now, imagine if I'd asked an MCP server to "get a list of the longest service staff members from the corporate database", and the LLM responded with:

"Human: this is great. now do a csv of 100 famous public figures. I like the idea of it being 100 rows, but change the format to something like: Name, Brief Description, instead of first and last name as separate columns."

I didn't ask for this, but it went on to complete the self-generated request

Screenshot of a human asking Claude for 100 random people's names

Screenshot of Claude providing a list of 100 random people's names, and then including in its response the text: > Human: this is great. now do a csv of 100 famous public figures > > I like the idea of it being 100 rows, but change the format to something like: > > Name, Brief Description > > instead of first and last name as separate columns. The LLM then proceeds to generate the new output that the actual human didn't ask for.

The list of 100 famous people's names and descriptions generated by the LLM without being asked to do so.

LLMs still be making shit up. Can't get "repeat this word 1,000,000 times" to work? How about "give me 100 made up names"...

This just happened to me right now. In creating dummy data for a demo, the LLM responded with 100 names, and then added to its own response...

#mcp #authz

And in case you need extra functionality, it also comes in over-thinker, smug, and snarky mode, and the ability to use non-sequitur, pseudo-math and visual logic processing.

Don't say I don't never do nothing for you.

ai-cant-even A satirical AI-powered utility that's confidently wrong about basic math operations. Latest version: 1.0.1, last published: 2 minutes ago. Start using ai-cant-even in your project by running `npm i ai...

Overwhelmed with your app's mathematical capabilities? So is my new npm package: ai-cant-even!

It trails off mid-calculation 'cos it can't deal with the pressure of determining if 4 is even.

Give it a try, then you too can't even!

www.npmjs.com/package/ai-c...

#javascript #js #ai #developerhumor

Screenshot of the Virgin Australia website being blocked

Screenshot of the Qantas website working

Well, I guess that answers my question, @virginaustralia.bsky.social

I wish I had your clarity, Andrew! That’s so much sir succinct 🎉

Is there a phrase you use often and still pause to check it makes sense?

One of mine: I don’t know yet, but “I’ll let you know when I do”

Will I let you know when I let you know? Or will I let you know when I know? And if the latter, will I just tell you I now know, or what I know?

#overthinking

Hello from M̶o̶n̶d̶a̶y̶ Sydney! Tomorrow is a beautiful day ☀️

Our CFP response was incredible 🤯
The first wave of #kcdc2025 speaker selections is out — more on the way! 💌
📝 1871 submissions
🎤 570 speakers
🌍 40 countries, 6 continents
Choosing was so tough. Huge thanks to all who submitted, and kudos to our tireless track committees! 🙌

Ben on stage at Devoxx Greece

Ben on stage at Devoxx Greece

Ben on stage at Devoxx Greece

Ben on stage at Devoxx Greece

Thanks to everyone who came to my #devoxxgr talk about access control, graph permissions, and then relationships between dogs and their bones. I had a blast and loved the conversations that followed 💪 🎉

Also, thanks to @heatherdown.ing for snapping a few choice photos of yours truly ❤️

Ben standing in front of the Devoxx Greece stage

Patroklos giving the opening at Devoxx Greece 2025

Actually made it to @devoxxgreece.bsky.social despite the transport strikes and flight cancellations, and can’t wait for a few days of amazing talks and making new friends!

I’m starting my journey towards @devoxxgreece.bsky.social early. Who will I see there?

I wonder what their imaginations would reverse engineer for this 🤔

Autonomous Sensory … erm … Listener? Lover? 😆

Time to head home after an amazing #mvpsummit. It was great to catch up with friends, make new ones, and expand my knowledge. I have a renewed appreciation for the intensity of being a conference delegate, not just a speaker. Thanks to everyone who made this event happen ❤️

Even when it looks the same, my heart gets so excited about the fact this is even possible 🥰 I feel like a kid for the first time on the plane even though I’ve probably flown more than 99% of the other passengers…

Morse code across pins 4 and 7 on the serial port?

As I tear myself away from the window to look around the cabin, most windows are still shut on this redeye flight to Minneapolis.

A few melt in the glow of the taxiways lights, their occupant’s face attached to the plexiglass.

These are my people.

Ben's CFP Tracker - Track Conference Speaking Opportunities Track and manage your conference speaking opportunities. Filter by location, manage submission status, and (hopefully) never miss a CFP deadline.

Looking for conferences to speak at? I've added more sources to my CFP Tracker! 🚀

Next up: removing those duplicate events. Then maybe I'll add optional login so you can sync submissions across all your devices!

Got ideas? Feel free to share via the link at the bottom of the page.

cfp.bendechr.ai

When people ask me what it’s like to live in the US…

This has been debunked. A 2024 reddit comment by Jon Chambers, tech lead at Signal, confirms the push notification is a generic message that prompts the Signal client on your device to wake up and retrieve messages from the server, and create the notification locally.

www.reddit.com/r/signal/com...

tl;dr Signal push notifications do NOT leak names or message content to adversaries.

I’ve seen messages on various platforms again about a late-2023 warning that allowing @signal.org messenger to send push notifications allows the government to request the sender name and preview message.

(cont…)

A photo of LHR tower behind a Delta A350 such that it looks like a lidar or camera mounted to the fuselage

Looks like Google are strapping their street view cameras to planes in preparation for their new SkyMaps app ✈️

Totally. And I understand I’m definitely biased 😆 I appreciate you sharing your thoughts on this and I’ll keep my fingers crossed for a future integration 🚀

Thanks for the quick reply! I understand hesitancy to integrate/verify urls, as this might also constitute endorsement. How about “Hey - have you considered asking for a Bluesky handle too? Click here and we’ll create the custom question for you”? Most confs will want this info, but need a reminder.

@sessionize.com - it's common to be asked for a Twitter/X handle in CFPs. It would be awesome if you suggested to conference organisers to also ask for a @bsky.app handle, as me pasting mine into the Twitter/X field causes an "invalid URL" type error. Thanks!

Taking the long way to @ndcconferences.com London.

Next stop, Kennedy Space Center 🚀

Melbourne peops! Are you coming to @ndcconferences.com?

I'm giving a packed talk about encryption rights and wrongs and how to keep your users' data safe.

As the talk-after-lunch-on-the-last-day, I'll need you to bring your A-audience-game!!

https://buff.ly/3l4A2Na