Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Does MCP still have the security issues?

A big mistake in the first place to start it without proper security.

That not Web 2.0 2.0, that‘s Web 1.0




MCP Servers are usually installed locally and can do whatever they want on the local machine.

But this is solved by sandboxes such as mcp.run .


Sandboxes aren’t a solution just a workaround for a bigger problem


It's a mistake to not start at all because of an issue that may not be important for many important use cases.


It’s a mistake to start and to think security is a non important issue.

Anything that’s connected to the web has to consider security at step one.

How often are we repeating the same mistakes over and over again?


It's a mistake to invent your own terminology, skip all existing forms/standards/protocols of communication and chose the objectively worst-fitting one, and skip implementing one of the most fundamental part required by nearly anything




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: