I’m a software engineer at a startup with impossible deadlines - I’ve used GPT4 for months to generate huge amounts app/server code, and much like your IDE, once you learn to use these tools you don’t want to go back to the days without it....
I have 15+ years of experience being a software engineer and now I’m making a mid-six-figure income by going into companies who staff their “engineering department” with people who have five years or less of experience and cannot write a line of code without internet access to save their lives. So by all means go ahead and continue down the road you are going. We thought that stack overflow would guarantee a stable business but now that “AI” has come into play, we can’t even keep up with demand. We’ll probably raise prices by 25% next quarter. By the time that AI can actually produce decent results, I can probably retire twice over.
When I started doing open source software, that meant posting tarballs to Usenet and mailing list, occasionally mailing someone a hard floppy on request. I don’t have a github profile sparkling with emojies, but I think I’m doing all right.
I read a comment on here some time ago where the person said they were using cloudflared to expose some of their self-hosted stuff to the Internet so they can access it remotely....
<span style="color:#323232;">Subject to the terms of this Agreement, you hereby grant us a non-exclusive, fully sublicensable, worldwide, royalty-free right to collect, use, copy, store, transmit, modify and create derivative works of Customer Content, in each case to the extent necessary to provide the Services.
</span>
You’ll have to be fine with Cloudflare having any and all rights to the data transmitted through the tunnel, while you in return have none. They pinky promise not to fuck you over, but they also promise to legally burry you for any infringement at their discretion.
Disagree. “Necessary to provide the service” means whatever they want it to mean. If they deem it necessary to monetize your data so they can offer you their service “for free”, that is well within their right to do. The fact that you " retain all rights" just means you can use your data too without asking Cloudflare for permission.
Surely you have to acknowledge that it’s disingenuous to copy the last sentence of the clause and omit the first sentence that says the exact opposite of the point you’re trying to make.
No it doesn’t. The first sentence does not state anything that is not already clarified by law. Hence, it adds zero value to the actual meaning of the paragraph.
You are a person. Your basic human rights are guaranteed to you by law. Given that, you hereby grant me the right to enter your house and shave your head at my discretion and however often I wish, if I deem it necessary to provide to a free service that I don’t classify further in this agreement.
Same thing, you can say if I redact the first two sentences from the quote I’m being disingenuous, but really I’m just trying to get one over on you by making you feel like you have some control in this when in actually you do not.
If you look at cloudlfares strategy here, they want to be the sweetheart of everyone who knows what a VPN is in order that they will be selected by those people for corporate projects. Monetising the data that flows through their network is antithetical to that objective.
This is just naïve. Cloudflare is a business and if they see more value in selling you out, and legally you agreed they may, then they will. Acting “antiethical” has never stopped a big player from infringing on the rights of small players, especially in the tech industry where individuals essentially have zero rights.
Additionally I would venture that the data doesn’t really have any value, it would be impossible to use it to build data about an individuals browsing or buying habits.
Interesting. I would pay you $5 monthly for all the data going through your tunnel under the same conditions that cloudflare requires you to agree to. How about it?
TL;DR: you could adopt good programming practices like “don’t shadow mutable state” and “put constants first in a comparison” or you can pay us money so we show you obscure attempts to exploit your bad programming in code review … maybe …
This project is so necessary, we really need a modern, open browser engine that’s not going down the path of enshitification.
In case you didn’t know, this is the project Mozilla dropped by the developers Mozilla fired. So if you feel like at the end of the year you have some money left over, maybe consider joining the crowdfunding effort. (I am not affiliated)
I have tailscale, which is great for ssh-ing onto my Nas from the outside world. But to access my services, is a VPN the best way to do it?
The main point about Tailscale that I see people on here often get wrong is that they compare it to a “classic” hub-and-spoke VPN, when in fact it is an end-to-end zero trust encrypted mesh network. End-to-end does not mean machine-to-machine, it means user to service. So in your case, you should place one tailscale node in each pod (collection of containers that make up one service) as a sidekick. That way, a user need to authenticate in order to even open a network connection for a specific service, which is a very secure solution.
Hi everyone, I was perusing through Conjur and Vault documentation, since I’m starting to think that learning a secret-management system might be a worthwhile investment with the app secrets and SSH keys and CA certificates around....
I’m a retired Unix admin. It was my job from the early '90s until the mid '10s. I’ve kept somewhat current ever since by running various machines at home. So far I’ve managed to avoid using Docker at home even though I have a decent understanding of how it works - I stopped being a sysadmin in the mid '10s, I still worked...
The main downside of docker images is app developers don’t tend to play a lot of attention to the images that they produce beyond shipping their app. While software installed via your distribution benefits from meticulous scrutiny of security teams making sure security issues are fixed in a timely fashion, those fixes rarely trickle down the chain of images that your container ultimately depends on. While your distributions package manager sets up a cron job to install fixes from the security channel automatically, with Docker you are back to keeping track of this by yourself, hoping that the app developer takes this serious enough to supply new images in a timely fashion. This multies by number of images, so you are always only as secure as the least well maintained image.
Most images, including latest, are piss pour quality from a security standpoint. Because of that, professionals do not tend to grab “off the shelve” images from random sources of the internet. If they do, they pay extra attention to ensure that these containers run in sufficient isolated environment.
Self hosting communities do not often pay attention to this. You’ll have to decide for yourself how relevant this is for you.
I’d like to sync my markdown notes between devices (laptop and phone), which service is better: Nextcloud or Syncthing? Any other important idea I should know?, like latency times, or maximum number of synced devices, what if I edit the same note from both places without internet and then both get connected to a network… For...
Round Robin should be what you want. In a round robin style tournament, everyone plays everyone else one. In your case, you will have a 5 round tournament, playing one of your participants every round until you have played against everyone.
That is called a double round robin. It considered to be more fair, but also takes twice as long. You should probably set the group size to the number of players you want in your tournament, that’s kind of the point of a round robin. If you want fewer round that you have players, a Swiss tournament is probably closer to what you are looking for.
Someone here brought up that they were able to replace Cloudflare Tunnels with Tailscale - I can’t seem to find the post, as it was a comment and deeply buried in a thread I’ve since forgotten the title of. :)...
Both CF and Tailscale play MITM with your HTTPS connection
That’s not correct, tailscale does not intercept the traffic, TLS is terminated on the node. Tailscale mandates HTTPS / TLS with ts.net certificates so it can route traffic to the correct node in your tailnet.
That’s just not true. When you run an nginx proxy on a tailscale node, that nginx will terminate the TLS. There is no “gap” between your browser and that server.
I spent all day comparing Bard vs ChatGPT 4. Here are the results (Software Developer Questions)
I’m a software engineer at a startup with impossible deadlines - I’ve used GPT4 for months to generate huge amounts app/server code, and much like your IDE, once you learn to use these tools you don’t want to go back to the days without it....
What's wrong with using cloudflared?
I read a comment on here some time ago where the person said they were using cloudflared to expose some of their self-hosted stuff to the Internet so they can access it remotely....
How can Santa keep his lists when the GDPR is around? (worldbuilding.stackexchange.com)
Unicode tricks in pull requests: Do review tools warn us? (semanticdiff.com)
This year in Servo: over 1000 pull requests and beyond - Servo, the embeddable, independent, memory-safe, modular, parallel web rendering engine (servo.org)
Reflections on Servo’s progress in 2023: contributor stats, new features, layout improvements, WPT pass rates, and plans for next year.
VPNs, self hosting and security
I run a load of containers on a NAS, and reverse proxy them through synology’s inbuilt reverse proxy settings....
What do you use to manage secrets in your network?
Hi everyone, I was perusing through Conjur and Vault documentation, since I’m starting to think that learning a secret-management system might be a worthwhile investment with the app secrets and SSH keys and CA certificates around....
Should I move to Docker?
I’m a retired Unix admin. It was my job from the early '90s until the mid '10s. I’ve kept somewhat current ever since by running various machines at home. So far I’ve managed to avoid using Docker at home even though I have a decent understanding of how it works - I stopped being a sysadmin in the mid '10s, I still worked...
Nextcloud vs Syncthing for PKM notes?
I’d like to sync my markdown notes between devices (laptop and phone), which service is better: Nextcloud or Syncthing? Any other important idea I should know?, like latency times, or maximum number of synced devices, what if I edit the same note from both places without internet and then both get connected to a network… For...
Help with Chess.com tournament?
Not sure if this is the best place to ask, but I’m not sure where to ask - the chess.com forums just left me hanging....
Replacing Cloudflare Tunnels with Tailscale?
Someone here brought up that they were able to replace Cloudflare Tunnels with Tailscale - I can’t seem to find the post, as it was a comment and deeply buried in a thread I’ve since forgotten the title of. :)...