• 0 Posts
  • 416 Comments
Joined 3 years ago
Cake day: July 29, 2023

  • Wireguard.

    Dunno if Cloudflare does effective auth for the tunnel or if you have to set that up yourself, but I don’t bother trying to expose services to the internet in any way because some of this stuff was just never designed for proper web security (cough Jellyfin).

    It’s still worth setting up a wildcard cert with ACME so you get nice https and a real domain.


  • If it weren’t for the massive silicon supply lockdown, I feel like we could easily see local models making it into consumer tech in the coming years and effectively replace all those casual users since you no longer have to pay a subscription to do regular/low effort tasks on whatever device you own. A lot of it has gotten really good, especially with lots of quantization techniques getting superseded by new ones each year.

    Actually I guess it could probably go the same way as cable and streaming. Eventually they’ll keep amping up the ante with the billing (because they always do), and people will just get turned off into a bunch of “cheaper” 3rd parties that have lower costs with some niche tricks, which will fragment the userbase too much.

    Also I haven’t looked into it, but do they advertise those $50 users separately from enterprise? I don’t really know anyone outside of “power” users that aren’t just using the $20 a month basic plans that give you enough tokens to get by (for now).

    I feel like they’re inflating their numbers from enterprise estimates because that’s where they can bait with cheap API prices and then hook with vendor lock in.



  • Got smacked with the pull request incident banner yesterday and now I’m actually considering just moving all my random personal repos to GitLab lol.

    I’ve been putting off spinning up Forgejo at home because I really need to clean up my homelab design (really abusing quadlets to the point where it would be easier to just do K8s), and I already know I’m gonna immediately waste all my time setting up a dumb CI/CD pipeline that looks really cool but just makes a big mess every time I commit a mistake because I am not in the mood of setting up a monkeychain of pre-commit hooks at home lmao.



  • I don’t want to shame the user, but there was a recent discussion thread on npmplus where someone was using a compose file generated by an LLM and was confused why the hallucinated env variables weren’t working.

    The kicker is that npmplus literally gives you a comprehensive and complete compose file with every optional setting commented out with a brief description, so you can just copy and edit to your desire.

    Which of course the LLM decided to ignore anyway and come up with its own config options lol.

    On a somewhat related note, I feel like bug bounties these days have become sort of under subsidized for well developed applications. All the medium and lower findings payouts are pretty fair, but lots of the high/critical bounties seem a lot less than what I would expect, especially compared to some of the huge prize pools I’ve seen at some conventions (upwards of 50k USD).

    I have no idea how much they fetch on the black market, but it seems weird to me that something like an RCE receives less than 10k, which could easily be utilized by some APT to net millions in a more sophisticated ransomware attack.





  • I’ve been trialing Vaultwarden for a while and while I do like the server sync setup and clean web access, the Bitwarden browser plugin is just okay despite being an “enterprise” solution. It misses probably about 20% of websites when creating a new account, forcing you to grab the password from the generator history and make a new entry manually.

    KeePassXC is much better in that regard, and it’s almost as good as the default credential handler of Firefox, and it lets you set up a bunch of custom stuff to extend the functionality if you want. Plus it has some neat kdbx options aside from AES256.

    Only downside is syncing, which I’m debating how I’ll deal with something better than Syncthing on Android (protocol is great, Android makes it a PITA to have a background process if it’s not Google spyware).



  • Right? I was like dang you’re already halfway there lol.

    The reason though is that they probably don’t want to discourage payments because I have seen businesses refuse to use Monero in ransomware attacks because their insurance agreement complicates payout on a fundamentally untraceable currency. Even if Bitcoin is technically decentralized, they can report the transaction and specific currency blocks to whatever federal agency is responsible for fraud.

    Still, why not offer both and put a 5% discount on Monero.






  • Bans and heavy moderation of content.

    I’m glad some of the reddit copy communities here like DankMemes died quickly because it was being run by the same loser mods from reddit.

    So far I’ve only been banned from I think maybe 2 communities ever. The only one I remember is one of the NCD communities because the lead mod was a dumb dumb.

    I don’t really care about complaints of specific instance users because unpopular opinions and comments deserve to be seen, otherwise you create an echo chamber.

    So long as there is no brigading, it is much healthier to see everyone’s input.

    Also I hope the r/Chodi crowd never finds lemmy lol.