My thanks to WorkOS for sponsoring last week at DF. Every AI agent demo looks magical, but most hit a wall in enterprise deployment. It’s not model quality or latency. It’s authorization. Authentication proves an agent’s identity. Authorization defines its blast radius.

The winners in enterprise AI won’t have the most features. They’ll be the ones enterprises can safely trust. Learn how WorkOS FGA scopes that blast radius with resource-level permissions, and read their deep dive for more.

Max Seelemann: The parameters are documented, but the optimal combination is not. Here’s what I learned:kCGImageSourceCreateThumbnailFromImageAlways: While this seems optional for correct functionality, without it there will be error logged for images that might include embedded thumbnails (like JPEG or HEIC), but don’t. There’s a FromImageIfAbsent variant, but it did not silence these logs in […]

Caleb Jacobs (via Hacker News): While the agricultural manufacturing giant pointed out in a statement that this is no admission of wrongdoing, it agreed to pay $99 million into a fund for farms and individuals who participated in a class action lawsuit. Specifically, that money is available to those involved who paid John Deere’s authorized […]

Tim Hardwick (Hacker News): Amazon and Globalstar have announced a definitive merger agreement under which Amazon will acquire the satellite operator. […] Alongside the acquisition, Amazon and Apple have signed a separate agreement for Amazon’s Leo satellite network to power existing iPhone and Apple Watch satellite features, including Emergency SOS, Messages via satellite, Find My, […]

Photos from the New York Subway in the 1940s, by teenage Stanley Kubrick.