  • Wireguard.

    Dunno if Cloudflare does effective auth for the tunnel or if you have to set that up yourself, but I don’t bother trying to expose services to the internet in any way because some of this stuff was just never designed for proper web security (cough Jellyfin).

    It’s still worth setting up a wildcard cert with ACME so you get nice https and a real domain.


  • If it weren’t for the massive silicon supply lockdown, I feel like we could easily see local models making it into consumer tech in the coming years and effectively replace all those casual users since you no longer have to pay a subscription to do regular/low effort tasks on whatever device you own. A lot of it has gotten really good, especially with lots of quantization techniques getting superseded by new ones each year.

    Actually I guess it could probably go the same way as cable and streaming. Eventually they’ll keep amping up the ante with the billing (because they always do), and people will just get turned off into a bunch of “cheaper” 3rd parties that have lower costs with some niche tricks, which will fragment the userbase too much.

    Also I haven’t looked into it, but do they advertise those $50 users separately from enterprise? I don’t really know anyone outside of “power” users that aren’t just using the $20 a month basic plans that give you enough tokens to get by (for now).

    I feel like they’re inflating their numbers from enterprise estimates because that’s where they can bait with cheap API prices and then hook with vendor lock in.



  • Got smacked with the pull request incident banner yesterday and now I’m actually considering just moving all my random personal repos to GitLab lol.

    I’ve been putting off spinning up Forgejo at home because I really need to clean up my homelab design (really abusing quadlets to the point where it would be easier to just do K8s), and I already know I’m gonna immediately waste all my time setting up a dumb CI/CD pipeline that looks really cool but just makes a big mess every time I commit a mistake because I am not in the mood to set up a monkeychain of pre-commit hooks at home lmao.


  • I wish.

    It was the same Samsung 970 NVMe that I’m using right now lol.

    Windows 8 on a hard drive was 1000x worse. I made the mistake of upgrading my laptop back in the day from 7 to 8, and it would just sit at 100% disk IO at idle.

    But just in case, on the SSD it actually would take anywhere from several seconds to a full 15 before the start menu decided to load.

    XFCE, WF-Shell, KDE, and the many dmenu clones are all instant.







  • I don’t want to shame the user, but there was a recent discussion thread on npmplus where someone was using a compose file generated by an LLM and was confused why the hallucinated env variables weren’t working.

    The kicker is that npmplus literally gives you a comprehensive and complete compose file with every optional setting commented out with a brief description, so you can just copy and edit to your desire.

    Which of course the LLM decided to ignore anyway and come up with its own config options lol.

    On a somewhat related note, I feel like bug bounties these days have become sort of under subsidized for well developed applications. All the medium and lower findings payouts are pretty fair, but lots of the high/critical bounties seem a lot less than what I would expect, especially compared to some of the huge prize pools I’ve seen at some conventions (upwards of 50k USD).

    I have no idea how much they fetch on the black market, but it seems weird to me that something like an RCE receives less than 10k, which could easily be utilized by some APT to net millions in a more sophisticated ransomware attack.





  • I’ve been trialing Vaultwarden for a while and while I do like the server sync setup and clean web access, the Bitwarden browser plugin is just okay despite being an “enterprise” solution. It misses probably about 20% of websites when creating a new account, forcing you to grab the password from the generator history and make a new entry manually.

    KeePassXC is much better in that regard, and it’s almost as good as the default credential handler of Firefox, and it lets you set up a bunch of custom stuff to extend the functionality if you want. Plus it has some neat kdbx options aside from AES256.

    Only downside is syncing, which I’m debating how I’ll deal with something better than Syncthing on Android (protocol is great, Android makes it a PITA to have a background process if it’s not Google spyware).



  • mlg@lemmy.world to linuxmemes@lemmy.world, “catgirls save us” (8 days ago)

    I was originally gonna post the Wikipedia info about this software because it’s actually fairly new, and only came out last year, but I found an infinitely more funny entry about the mascot:

    The software’s loading screen is branded with a commissioned artwork of Anubis as a jackal-eared anime girl by the European artist CELPHASE.[1][8] The mascot is depicted with a hoodie, skirt and magnifying glass. Before the artwork was ordered, Anubis used an AI-generated placeholder image.[1]

    The Anubis mascot is shown to all end users and cannot be altered in the software configuration.[1] The image’s feel may clash with websites that have more formal atmospheres, surprising or confusing users of those sites.[8] Altering the branding is an enterprise feature and Iaso has requested that operators not attempt to change it themselves unless they have made financial contributions to the project.[1]

    Duke University, which has deployed Anubis for its digital archives, was “hesitant” to use it due to the mascot but has reached an agreement to use the software with custom branding.[1] Jamie Zawinski describes the mascot as “cutesey kawaii bullshit”.[11]

    So literally hardcoded weeb builtin lmao.

    EDIT: It’s $50 donation a month if you want the “official” enterprise version which gives you an easy overlay to change the HTML/CSS and uses some generic icons by default, but I’m sure anyone not into a jackal girl is more than capable of doing the same on the public image lol.

    If you’re interested in the software history anyway, it involves a response to Amazon spamming the crap out of the internet with their web crawlers, probably including for mass AI data collection:


    Anubis is an open source software program that adds a proof of work challenge to websites before users can access them in order to deter web scraping. It has been adopted mainly by Git forges and free and open-source software projects.[4][5]

    Anubis was created by Xe Iaso in response to Amazon’s web crawler overloading their Git server, as the crawler did not respect the robots.txt exclusion protocol and would work around restrictions.[4][6] Iaso lists Hashcash as having inspired the project.[7] The application supports inspecting request elements such as headers like the User-Agent header to determine if the request should require proof of work.

    The name Anubis is taken from the Ancient Egyptian god of funerals and judgement, who weighs the hearts of the dead to determine if they are allowed passage into the afterlife, whereas the Anubis software “weighs the soul of incoming HTTP requests”.[8]


  • Right? I was like dang you’re already halfway there lol.

    The reason though is that they probably don’t want to discourage payments because I have seen businesses refuse to use Monero in ransomware attacks because their insurance agreement complicates payout on a fundamentally untraceable currency. Even if Bitcoin is technically decentralized, they can report the transaction and specific currency blocks to whatever federal agency is responsible for fraud.

    Still, why not offer both and put a 5% discount on Monero.