Anthropic’s Model Context Protocol (MCP) has received a lot of attention for standardizing the way models communicate with tools, making it much easier to build intelligent agents. Google’s Agent2Agent (A2A) now adds features that were left out of the original MCP specification: security, agent cards for describing agent capabilities, and more. Is A2A competitive or complementary? Is it another layer in a developing protocol stack for agentic applications? Similarly, Claude Code has been the flagship for agentic coding, the next step beyond cut-and-paste and comment completion (GitHub) models. Now, with OpenAI’s terminal-based Codex and Google’s Firebase Studio IDE, it has competition. The upside for Anthropic? These tools implicitly acknowledge that Anthropic is the AI vendor to beat.

Artificial Intelligence

Programming

Security

Policy Puppetry is a new prompt injection attack technique that works against all major LLMs. The attack works by writing the malicious prompt in a form that can be interpreted as a policy file that the LLM would be required to obey.

Windows Recall is back. It’s in the preview channel. Many of the problems appear to have been fixed. It’s not on by default, it can be uninstalled, and it can be used without a network connection. But it’s still creepy, and Microsoft’s reputation is a problem that remains.

Mitre’s CVE program (Common Vulnerabilities and Exposures) was almost defunded. Funding expired on April 15 and was only extended for 11 months on April 17. CVE has been essential in disseminating information about security weaknesses in computer systems.

Google has announced end-to-end encryption (e2e) for Gmail. While this reduces the burden of implementing e2e encryption for IT departments, it’s debatable whether this is truly e2e. Recipients who don’t use Gmail can use a special subset of Gmail to read encrypted mail.

OpenPubkey SSH simplifies using SSH with single sign-on. It adds SSH public keys to the ID tokens used by OpenID Connect. Short-lived SSH keypairs are created automatically when users sign in, and don’t need to be managed by users.

Infrastructure

Microsoft is working on a tool that automates fixing Windows 11 boot crashes. Boot crashes are typically caused by configuration errors or installing a bad device. A tool like this might have helped users to recover after the bad CrowdStrike update last year.

Web

Could OpenAI be the new Twitter? The company’s apparently in the early stages of creating a social network that integrates with ChatGPT.

xkcd’s annual belated April Fools’ joke on push notifications is a masterpiece.

Mozilla is looking past its Thunderbird email client to Thundermail Pro, a full email service that’s designed to compete with Gmail. It will include a calendaring service and an AI tool for help writing messages.

Quantum Computing

Quantum messages have been sent over commercial communications infrastructure. The distance (254 km) almost doesn’t matter; what’s more important is that the experiment used commercial optical fiber with no cooling or other quantum-specific support.

An Australian company has developed an alternative to GPS that uses quantum sensors to pinpoint locations based on the Earth’s magnetic field. The device doesn’t emit signals, can filter out noise, and unlike current GPS systems, isn’t vulnerable to outages or attacks.

Phasecraft has developed an algorithm that makes quantum simulations more efficient. This advance could help quantum computers to model chemical reactions and create new materials.

Robotics

Hugging Face has acquired Pollen Robotics and is planning to sell robots. Its first offering, Reachy 2, is a humanoid robot that can be programmed using Hugging Face’s LeRobot models.

RoboBee is a tiny flying robot (roughly an inch long) that can land safely on a leaf.

