Yeah but I think this is still the same, just not a single language. It might think in some mix of languages (which you can actuaysee sometimes if you push certain LLMs to their limit and they start producing mixed language responses.)

But it still has limitations because of the structure in language. This is actually a thing that humans have as well, the limiting of abstract thought through internal monologue thinking

That has always been the case. Even basic programs need debugging sometimes, so we developed debuggers.

I have not, I tend to avoid services and diy it

in the context of the comment you referenced:

Definitely have the server on its own VLAN. It shouldn’t have any access to other devices that are not related to the services and I would also add some sort of security software.

If you have a public service that you expect to have multiple users on you definitely should have some level of monitoring whether it is just the application logs from the forum that you want to host or further have some sort of EDR on the server.

Things I would do if I was hosting a public forum:

• Reverse proxy
• fail2ban
• dedicated server that does not have any personal data or other services that are sensitive
• complete network isolation with VLAN
• send application logs to ELK
• clamAV

And if the user base grows I would also add:

• EDR such as velociraptor
• an external firewall / ips
• possibly move from docker to VM for further isolation (not likely)

Just tailscale really.

My services are only exposed to the tailscale network, so I don’t have to worry about otger devices on my LAN.

A good VPN with MFA is all you really need if you are the only user.

If for example the server is actually a computer in the LAN and maybe it’s also his media server and his backup server then potentially any compromise could lead to his personal information leaked and or other computers in the LAN compromised.

So what could actually happen? His personal photos and passwords and accounts can be leaked or taken over. He could be spied on by accessing his webcam. A lot of things could go wrong.

You are right. Learning by doing is awesome. Just be sure to do it in a safe way. Get a VPC. Do it there. No personal information, no access to other services. Just this service, just for this purpose. Worst case scenario, if it’s taken over, the only thing that’s harmed is the forum itself. Which is not the end of the world, I’m guessing.

Especially if this is from a computer that has access/information beyond just the public service.

Don’t do it.

Hosting a public service with no real knowledge of security can only end badly.

Get a vpc, do it there, learn from mistakes.

It’s more than just HTTPS, you also need proper authentication, regular updates, emergency updates for critical vulnerabilities, ideally some sort of monitoring to detect potential misuse of the service or any escalations from the service to the OS.

Ask yourself this: If this was your first time driving a car, would you rather do it in an empty parking lot where at worst you will damage the car. Or would you rather do it in a busy street where at worst you can kill someone?

The red part of old metals, lick it!

I disagree, you were just taught to be ashamed of your body. Just as you shouldn’t be ashamed of your face or hair or height, you shouldn’t be ashamed of your nipples or butt or genitals.

Nudity is okay, your body is yours, and your nudity is not for others pleasure if you don’t want it to be. Just as I wouldn’t look at your face and be disgusted that you have a nose, i wouldn’t be disgusted that you have other body parts.

Great even more reasons to avoid it

I know a few people who are genuinely smart but got so deep into the AI fad that they are now using it almost exclusively.

They seem to be performing well, which is kind of scary, but sometimes they feel like MLM people with how pushy they are about using AI.

Nothing that comes to mind, but simple search of the SIEM you are going to use in youtube and pirate bay should provide some good starters

I suggest skipping the devops part and instead starting with a course. If you go with setting it up you will probably spend 95% of the time doing devops and not security (which is usually the client of the devops team that maintains the SIEM)

Up to 10 years is crazy. Sure, what he did was wrong, planned and malicious, and they claim it cost them tens of thousands of dollars. But 10 years? This is crazy for something that at worst would be a yearly salary of a single employee.

Fucking capitalism.

Basically declaring that they don’t allow free speech.

“Hey, you have been liking things we disagree with and we need an echo chamber here, align with us or fuck off. Sincerely, the money hungry bitches of the internet! Also heil daddy musk!”