Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb

  • 0 Posts
  • 23 Comments
Joined 3 years ago
cake
Cake day: June 14th, 2023

help-circle
  • And I don’t ever know if it’ll get better because you need to know why you want to build something someway.

    The major issue I’m seeing with junior (and even intermediate) developers is that they trust that the AI will always do things the correct way and don’t question its approach, and they don’t develop proper debugging skills and just rely on the AI to attempt it.

    To get decent quality output out of an AI model, you need to have critical thinking skills, at least basic knowledge of the overall architecture for whatever you’re trying to build, and enough knowledge to question the model when it does something wrong.

    Blindly trusting AI is why so many old security issues are coming back - stored/reflected XSS, SQL injection, exposing databases directly to the internet with no password, things like that. Newer frameworks mostly got rid of them, and now AI is bringing them back. It’s a fun time for red teams at least.




  • This is good to know. I haven’t had issues with using a USB drive though, since it doesn’t receive many reads or writes - the system is copied to a RAM drive on boot and runs off that rather than the USB.

    I assume this means I’d need another drive to boot it from? My current setup is that I have 2 x 22TB drives in a ZFS mirror for data storage, and 2 x 2TB NVMe SSDs in a ZFS mirror for things like VMs, Docker containers, documents, etc.



  • Does it use http or MQTT?

    Home Assistant uses HTTP for this. Realistically, you won’t see much difference between HTTP and MQTT for this use case.

    MQTT is harder to secure than HTTP, and has some limitations (eg it normally only supports username and password auth - no SSO, no 2FA) so I’d avoid it for anything public-facing unless you have a specific reason to use it. Using it via a VPN is fine, but you’d still need to configure a separate MQTT username and password per user.



  • The end goal is to have no reliance on tailscale as i am preparing for the eventual enshitification.

    Tailscale is mostly open-source. If they do anything bad then someone could fork the project. The coordination server isn’t open-source, but you could self-host Headscale as a replacement.

    If it still doesn’t suit your use cases, there’s some alternatives.

    I personally wouldn’t directly deal with iptables or nftables rules, and instead use some other software to deal with that.



  • All the data gathered by Cambridge Analytica was gathered through the public API though, after users had consented to share it (by logging into a quiz app that requested the permissions). That’s why the API is very locked down now, and the approval process to get any sort of data access is very strict.

    The main issue was that they gathered data from people whose profiles were set to be visible only to friends. If someone logged into the quiz and granted permissions, their friends’ data was also accessible via the API.


  • aggressively guard

    tbh it’s a hard balance for any social media company.

    Guard content too little and you end up with Cambridge Analytica, which was literally because the public APIs allowed too much access (third-party apps could see any data through the API that you could see through your Facebook account, including friends profiles). You also end up with headlines talking about big data leaks which really just end up being compilations of public data (which has happened to both Facebook and LinkedIn).

    Guard content too much and you restrict users’ freedom too much.


  • It’s not too bad if you use an outbound SMTP relay for sending. SMTP2Go is pretty good, and they have a free plan with 1000 emails per month. I use Mailcow and you can configure relays in their web UI, but it works just as well with the sender_dependent_relayhost_maps setting in Postfix.

    Sure, it’s not fully self-hosted, but the interesting part to self-host is the storage of your emails, not the sending (which will just relay through other SMTP servers along the way anyways).



  • Are there any actual issues in those commits though? I spot checked a few and they look pretty benign, and don’t really look vibe coded to me.

    Just because someone uses an AI tool doesn’t mean their work is vibe-coded slop. An experienced developer that knows what they’re doing can use AI as a tool to take care of boring/mundane parts and write a rough plan for their work, while still paying attention to the business logic and system design, and still fully reviewing everything themselves.

    A lot of the recent commits are in the test suite, and building test suites, fixtures and harnesses is something AI is fairly decent at if you give it a good prompt (give it the input, expected output, and expected side effects).




  • Syncthing is pretty good.

    I tried seafile and it kept going down and corrupted a lot of files after an unexpected server shutdown. It shared the corruption to all the local files on every app/pc I had it shared to.

    This sounds like an issue with your server rather than with Seafile specifically. Was the unexpected shutdown due to a power outage? You should have a UPS so that it can properly shut down during outages. You’ll hit similar issues with any other system otherwise.



  • And file away your scanned papers separately,

    I’d recommend using ASN (archive serial numbers) for documents you store a physical copy of, following the recommended flow

    I printed ASN QR code stickers, using the smallest Avery labels I could find (Avery 5267 in the USA, L4731REV-25 in Europe) along with their free online design app.

    For documents I want to keep, I stick a QR code sticker on them before scanning. Paperless-ngx automatically detects the QR code and sets the ASN. I then file it away in a folder that’s sorted by ASN. When I need to find the physical copy again, I first look in Paperless to find the ASN, then find the document in the folder (pretty quick since all documents are sorted).

    You’ll need to set the following settings:

    PAPERLESS_CONSUMER_ENABLE_BARCODES=true
    PAPERLESS_CONSUMER_ENABLE_ASN_BARCODE=true
    PAPERLESS_CONSUMER_BARCODE_SCANNER=zxing