惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Forbes - Security
Forbes - Security
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
P
Palo Alto Networks Blog
Martin Fowler
Martin Fowler
T
Threatpost
D
Docker
S
Schneier on Security
M
MIT News - Artificial intelligence
G
Google Developers Blog
L
LINUX DO - 热门话题
J
Java Code Geeks
月光博客
月光博客
博客园 - 三生石上(FineUI控件)
IT之家
IT之家
博客园 - Franky
C
Cyber Attacks, Cyber Crime and Cyber Security
K
Kaspersky official blog
Google DeepMind News
Google DeepMind News
N
News and Events Feed by Topic
V
Vulnerabilities – Threatpost
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
人人都是产品经理
人人都是产品经理
Spread Privacy
Spread Privacy
T
Tailwind CSS Blog
爱范儿
爱范儿
阮一峰的网络日志
阮一峰的网络日志
U
Unit 42
C
CERT Recently Published Vulnerability Notes
The GitHub Blog
The GitHub Blog
Simon Willison's Weblog
Simon Willison's Weblog
NISL@THU
NISL@THU
MongoDB | Blog
MongoDB | Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
H
Heimdal Security Blog
Recorded Future
Recorded Future
云风的 BLOG
云风的 BLOG
SecWiki News
SecWiki News
P
Privacy International News Feed
P
Proofpoint News Feed
O
OpenAI News
B
Blog
腾讯CDC
F
Full Disclosure
Apple Machine Learning Research
Apple Machine Learning Research
T
Tor Project blog
H
Hacker News: Front Page
Project Zero
Project Zero
Hugging Face - Blog
Hugging Face - Blog
C
Cisco Blogs
S
Security Affairs

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
The Boring Protocol That Quietly Ate the Cloud
Kanak Waradk · 2026-04-25 · via DEV Community

This is a submission for the Google Cloud NEXT Writing Challenge

Act I — A Scene You've Already Lived

A Scene You've Already Lived

It is 2:47 AM.

You have been staring at the same error trace for three hours. Your AI agent — the one you spent two weeks fine-tuning, the one your manager called "the future of the team's workflow" — is broken. Not because the model is wrong. Not because your logic is flawed. It is broken because the tool it needs to call speaks a different dialect than the one you wrote the connector for. The authentication handshake is slightly off. The schema your agent expects doesn't quite match what the API returns. You wrote a wrapper, then a wrapper for the wrapper, then a helper function to normalize the wrapper's output.

You are not building intelligence. You are a translator in a room where everyone is shouting in a different language.

This is not a fringe experience. This is the defining condition of modern AI development, and almost nobody is talking about it. Because while the conference halls of Las Vegas erupted for a new Gemini model and eighth-generation TPUs, something quieter happened at Google Cloud NEXT '26 that will matter far longer than any benchmark score.

A protocol became the law of the land.

Act II — The Tower of Babel, Serialized

The Tower of Babel

To understand why the Model Context Protocol (MCP) is the most important announcement from Google Cloud NEXT '26, you have to understand the problem it kills. And to understand that problem, you have to go back further than you think.

In the beginning, there were APIs. This was supposed to solve everything.

APIs were the handshake that let software systems talk to each other. They were elegant in theory: you expose endpoints, you document them, and any system in the world can connect. For a while, this worked. The internet was built on it.

Then something changed. The internet didn't get smaller. It got bigger. Exponentially, chaotically bigger. And as it grew, every platform, every service, every product started developing its own dialect. REST. SOAP. GraphQL. gRPC. Webhooks. OAuth 1.0. OAuth 2.0. API keys in headers. API keys in query strings. Rate limits that differ per endpoint. Error codes that mean different things across different services. Every integration you built was, in reality, a custom translation layer — a bespoke diplomatic relationship between two systems that fundamentally did not understand each other's native tongue.

This was tolerable when software was built by humans, for humans, at human speed.

Then came the agents.

Act III — The Shatter Point (December 2025, Largely Unnoticed)

Here is the moment historians will circle back to.

In December 2025, before the spotlights, before the Vegas keynote stage, Google quietly launched fully managed remote MCP servers for Google Maps, BigQuery, Compute Engine, and Kubernetes Engine. No major press cycle. No splashy product announcement. Just a protocol, extended to four services, slipped into the changelog.

That was the shatter point.

Because here is what MCP actually is, stripped of the marketing language: it is a universal adapter for AI agents. Instead of an agent needing a custom-written integration for every tool it wants to use — instead of you, the developer, writing that integration — MCP defines a single, standardized way for agents to discover, connect to, and operate tools. One protocol. One handshake. Every tool that speaks MCP is instantly available to every agent that speaks MCP.

It is the USB port for artificial intelligence. And in December 2025, Google plugged it into four of its services and said nothing about it.

By April 2026, at Cloud Next NEXT '26, they plugged it into everything.

Act IV — What Actually Happened in Las Vegas

What Actually Happened in Las Vegas<br>

While the crowd was applauding the Gemini 3.1 Pro benchmark numbers — and they are genuinely impressive numbers — the structural revolution was being announced three slides earlier, in language so dry it barely registered.

Quote from the Opening Keynote, Thomas Kurian:

"We've used the Model Context Protocol to turn every Google Cloud service into a tool that agents can orchestrate directly, enabling them to troubleshoot our own infrastructure using decades of our own telemetry."

Read that sentence again. Not some Google Cloud services. Not the popular ones. Every Google Cloud service is now an MCP server. Google turned its entire cloud infrastructure — the same infrastructure that runs YouTube, Search, and Android — into a unified, agent-readable tool surface.

The implication is almost too large to process.

If you are building an agent today on Google Cloud, you no longer write integration code for BigQuery. You do not write a connector for Cloud Storage. You do not negotiate with the IAM API. You point your agent at the MCP server and it figures out the tools available, their schemas, their capabilities — automatically, standardly, and with enterprise security baked in by default.

The Workspace MCP Server, announced in preview at NEXT '26, extends this further. Agents can now synthesize Drive documents, draft Gmail responses, and manage Calendar logic — all through a single, standardized, open framework. The new Workspace CLI will allow agents to trigger these capabilities directly.

And then there is Apigee.

Act V — The Apigee Revelation (The One Nobody Talked About)

The Apigee Revelation

Apigee is Google Cloud's API management platform. Most people think of it as a gateway — something that sits in front of your APIs and handles rate limiting and authentication. Boring infrastructure. Background noise.

At NEXT '26, Apigee became something else entirely.

Apigee now functions as an MCP bridge. What this means in practice: any standard API — not just Google's, any API — can be translated into a discoverable, agent-ready MCP tool. Existing security controls and governance policies carry over automatically.

Think about what that sentence means. Every legacy REST API your organization has ever built. Every third-party service you've integrated. Every custom internal tool that runs on some vendor's proprietary endpoint. All of it can now be surfaced as a standardized, agent-accessible MCP server.

The fragmentation problem doesn't get solved by replacing all your APIs. It gets solved by giving every existing API a universal translator. Apigee is that translator. And it quietly went live while everyone was watching the TPU benchmark charts.

Act VI — The Part Where It Gets Dangerous (And Why That's the Point)

Here is the fear that lives at the center of every serious conversation about agentic AI: who controls what the agent can do?

If an agent can call any tool, what stops it from calling the wrong one? What stops it from writing to a database it should only be reading? What stops a compromised agent from exfiltrating data through a tool it was never supposed to have access to in the first place?

The old answer was: application logic. You write guardrails in code. You validate inputs. You build permissions into the software layer.

The problem is that application logic is fragile. It can be bypassed. It can drift. In a world where agents are autonomous — where they run for days, chain tasks across dozens of tools, spawn sub-agents — trusting the application layer to enforce security is like trusting someone to lock the vault and also trusting them to not write the combination on the door.

MCP, as implemented at Google Cloud NEXT '26, solves this at a different layer entirely.

The Agent Gateway, announced as the "air traffic control" system for the Gemini Enterprise Agent Platform, is the enforcement point. It understands MCP natively. Every tool call, every agent action, every data access request routes through the Gateway. And the Gateway is connected directly to Google Cloud's Identity and Access Management (IAM) system.

The demo shown in the Developer Keynote made this tangible. A Planner Agent attempting to call a Finance MCP server — to read and write financial records — was stopped dead. Not by application code. Not by a hard-coded rule buried in a function somewhere. It was stopped because a developer had applied a single conditional IAM policy to the MCP server connection: read-only = true. The write privilege evaporated, instantly, at the protocol layer.

This is what zero-trust security looks like when it grows up. You do not write permission checks into every agent. You enforce permissions at the protocol that every agent must use. Change the policy once, and every agent that touches that MCP server is immediately governed by it.

One rule. Every agent. No exceptions.

Act VII — The Ghost in the Protocol

The Ghost in the Protocol

There is a concept in systems theory called antifragility — the idea, coined by Nassim Nicholas Taleb, that some systems don't just survive stress and chaos; they actively grow stronger from it. They are built such that every shock to the system makes the structure more resilient, not less.

The history of software integration has been, by every measure, fragile. Every new service added to your stack was a new point of failure. Every new agent you deployed was a new attack surface. Every new API you connected was a new diplomatic negotiation that could break at any time, without warning, for reasons entirely outside your control.

MCP is not just a protocol. It is an antifragile architecture for the agentic era.

Every new tool that adopts MCP makes every other MCP-compatible agent immediately more capable. Every new security policy applied at the Agent Gateway makes every connected agent immediately more secure. Every new service Google exposes as an MCP server makes the entire ecosystem more interconnected — not more fragile, but more robust. The network effect runs in the direction of stability, not entropy.

Google adopted MCP — a protocol originally designed by Anthropic — as the foundation of its entire agentic infrastructure. Microsoft's A2A protocol, now at version 1.2 and running in production at 150 organizations, is designed as a complement to MCP, handling agent-to-agent communication while MCP handles agent-to-tool communication. Salesforce runs it. ServiceNow runs it. SAP runs it. The Linux Foundation now governs A2A. The ecosystem is converging.

This is what the end of the fragmentation era looks like. Not a single vendor winning. Not one cloud eating the others. A protocol becoming the shared grammar of an industry.

Act VIII — What This Means For You (The Practical Part)

What This Means For You

If you are building AI agents today — whether on Google Cloud, another platform, or your own infrastructure — MCP should change how you think about your architecture.

Stop writing custom connectors. Every hour you spend writing a custom integration between your agent and a tool is an hour you are spending on a problem that has already been solved. If the tool you need speaks MCP, you connect to it with a standard call. If it doesn't, Apigee can translate it.

Govern at the protocol layer. Do not write security logic into your agents. Apply IAM policies to your MCP server connections. This gives you a single, auditable, enforceable control point for every agent in your ecosystem, regardless of which model is running underneath.

Think in tool surfaces, not in integrations. The mental model shift is from "this agent connects to these specific APIs" to "this agent has access to this governed surface of tools." The tools are discoverable. The capabilities are standardized. The security is inherited.

Here is a minimal example of what connecting to a remote MCP server looks like in the Gemini Agent SDK today:

from google.cloud import agent

# Connect your agent to the Cloud Storage MCP server
# No custom connector. No schema negotiation. No auth wrapper.
agent_client = agent.AgentClient()

response = agent_client.run(
    agent_id="your-agent-id",
    message="List all objects in my-project-bucket and summarize the largest file.",
    mcp_servers=["https://storage.googleapis.com/mcp/v1"]
)

print(response.text)

Enter fullscreen mode Exit fullscreen mode

No custom authentication. No wrapper library. No three-hour debugging session at 2:47 AM. The agent discovers the tools, understands their schemas, and calls them — governed by whatever IAM policy you've already applied to your Cloud Storage resources.

That is the reality MCP makes possible.

The Full Circle

The Full Circle

We began in a room where everyone was shouting in a different language. A developer, exhausted, writing wrappers for wrappers, trying to make a system that was supposed to be intelligent do something as simple as access the right tool in the right way.

The Tower of Babel was not destroyed by building a better tower. It was dismantled by giving everyone a shared language.

Google Cloud NEXT '26 was, on the surface, a showcase of computational power. Eighth-generation TPUs. Gemini 3.x models. New data center fabrics. A new IDE. The hardware was extraordinary. The models are genuinely capable.

But the announcement that will define this era — the one that will matter in five years when we look back and ask how AI agents went from fascinating experiments to the operational backbone of every enterprise — was a protocol. A dry, specification-level decision about how agents should communicate with tools.

The Gemini models get the headlines. The benchmarks get the LinkedIn posts.

MCP gets the future.

And while you were watching the keynote for the part with the big numbers, the boring protocol was quietly wiring itself into everything. Every service. Every tool. Every agent. Every organization.

Not with a bang. Never with a bang.

Just a handshake. A standard one. The same one, every time.


Written in response to Google Cloud NEXT '26. All technical details sourced from official Google Cloud keynotes and blog posts, April 22–23, 2026.


References