i think the key is having declarative policies that describe what access mean, then choosing whether to enforce inline, pre-filter, or batch filter based on latency/consistency tradeoffs
I'd be really happy if the internal company chatbot didn't share my private health concerns with everyone or reveal how much money I make. :) Great article!
The recurring theme of the Zanzibar approach to authorization is that it's prescriptive. The data format, logic language, and API are all tightly specified in order to define authorization in terms of relations between objects and users.
This approach makes a lot of sense at google, which has a famously monolithic culture and the ability to enforce top-down standards. But not so much at other companies.
There’s definitely some hype in any new data infrastructure trend (see: graph databases, time-series databases). But the problem vector DBs solve—retrieving context efficiently for LLMs—seems real enough. Maybe the question is whether LLM-native applications will be big enough to sustain a separate category. Is the industry moving toward general-purpose DBs incorporating vector search? or specialized vector DBs will still have a place in some time?
imo TypeScript is a superset of JavaScript that adds static types, enabling better error checking and code scalability, while JavaScript is a dynamically-typed language with no built-in type-checking so most projects that's complex and large could benefit from TypeScript's tooling and safety
"better engineers" is subjective, some people have more technical skills and some more leadership skills, some more interpersonal skills etc. there is always space for you and everything you bring to the table, and you are so much more than your "labor" capacity. please don't commit suicide.
I’ve hope this is helpful, but our robotics start up is still hiring for multiple roles, head of product marketing, senior mobile engineer, data/ml engineer, solutions engineer, etc.! If you are interested to talk, email me at [email protected]
