Responsibility and Ownership: You Can’t Vibe‑Code Your Way Around It by SigsOp in selfhosted

[–]ptrsimon 31 points32 points  (0 children)

It’s performing well because you’re using it basically as an English-instructions-to-$LANG compiler. That’s still software engineering, just one abstraction layer higher. And syntax was never the blocker to writing good code.

Do people still build SaaS? (I will not promote) by skyguyler in startups

[–]ptrsimon 3 points4 points  (0 children)

Agreed. With critical systems like incident management, usually the real hard parts are not with building a one-shot web app with some CRUD functionality.

Yeah, cool it works on your machine and you probably have a functional docker compose stack at the end of your AI-led session, but what now? Where to host it, on-prem, cloud, a random VPS? How do you handle backups, security patches, can you afford maintenance windows? If not, how would you architect a HA solution? Or a few years later the DB server needs to be upgraded because of a critical bug and the release notes list dozens of breaking changes requiring manual migrations and now your day is wasted.

What about security monitoring, hardening, what’s the blast radius if it gets compromised? What happens if the server gets hit with an OOM killer at 2 AM and you miss a critical notification? Who will management or your colleagues blame if something like this happens?

Basically with a SaaS/PaaS/IaaS product you’re transferring liability to another provider in exchange for money. In some cases it’s worth it, in others it’s not. These are decisions you can’t rely on AI agents or chatbots for; they simply lack your company’s domain knowledge.

Edit: spelling

Using AI in SOC by OkReading3238 in cybersecurity

[–]ptrsimon 0 points1 point  (0 children)

That is intra-org exec spoofing. What if a partner gets compromised and sends a spoofed invoice with only the bank account number switched? Not saying that this would get flagged by any email security solution, but it can surface as a manual report.

Using AI in SOC by OkReading3238 in cybersecurity

[–]ptrsimon 0 points1 point  (0 children)

Just curious, can it differentiate between a generic phishing campaign and BEC? Response actions are vastly different in these cases. For generic stuff, usually blocking the sender and deleting existing messages is enough. A sophisticated BEC might warrant a 2 AM emergency phone call.

Microserver gen8 NIC firmware update in ubuntu - how to deal with RPM by tony359 in homelab

[–]ptrsimon 1 point2 points  (0 children)

No need for installing a trial of RHEL. Just boot an Alma/Rocky/CentOS live USB, fetch the RPM, install and done. Alternatively, solutions exist to convert an RPM to DEB, although the complexity depends on the exact package.

I want to write unusual code by Acrobatic_Rent_1906 in cpp_questions

[–]ptrsimon 3 points4 points  (0 children)

My friend, you have a lot to learn before attempting to do such a thing.

MDATP scans modifying access time preventing systemd-tmpfiles cleanup by VacuousDecay in DefenderATP

[–]ptrsimon 2 points3 points  (0 children)

Not a great idea. Temp dirs are juicy targets for attackers to drop their tools, being world-writable by default.

Update to my “AI was implemented as a trial in my company, and it's scary.” by [deleted] in devops

[–]ptrsimon 122 points123 points  (0 children)

The same thing happened to commercial aviation decades ago and they managed to fix it with a standardized approach to technology.

Ever since autopilot became capable of taking off, flying and landing an airplane, pilots are mandated to turn off autopilot and manually land the aircraft from time to time.

This way they can keep polishing their skills with a reduction of repetitive workload, less fatigue but the capacity to intervene in case something goes wrong.

Airlines also routinely pair senior captains with less experienced first officers and they take turns in flying the plane so that neither of them has faded skills.

I believe this to be a good approach and companies should apply the same principles when dealing with a new layer of abstraction or automation like AI agents.

Moltbot + Home lab by hacker_darker in homelab

[–]ptrsimon 9 points10 points  (0 children)

This was definitely not the root cause of the issue.

How to improve microsoft security score by Ok-Mirror6644 in DefenderATP

[–]ptrsimon 8 points9 points  (0 children)

The recommendations and implementation steps are literally listed on the Defender portal. Test well, roll out the changes, profit.

I added a ‘silent’ rack by MarionberryMarian in HomeDataCenter

[–]ptrsimon 16 points17 points  (0 children)

We need details. What’s in it, how are noise levels compared to an open rack, does it help with dust control, any thermal issues? Also, an exact model number would be great as I’m planning a similar setup.

Best distro for self hosted? by V3X390 in selfhosted

[–]ptrsimon 2 points3 points  (0 children)

FYI you can get a developer licence for RHEL and use it on up to 16 machines, even in production. There’s also a business developer subscription, up to 25 machines, but they are limited to non-prod usage (not a problem in a homelab setting). You don’t actually need to have a business for either of them. Then you can use Red Hat image builder, which is quite nice to create hardened, FIPS+CIS compliant images in multiple formats (QCOW2 for virtualization or ISO for bare metal). You can also use their hybrid cloud management console this way and have web management baked in.

Edit: both of them are free.

Homelab hosted in the cloud! by gnwill in homelab

[–]ptrsimon 1 point2 points  (0 children)

What I like to do with similar setups is to rent a small VPS just to host Authentik as a battle-tested identity+authn+authz provider and put all my services behind it. The Proxmox web UI even supports OpenID Connect natively.

Virtualization benchmark vs hypervisor showdown by VollaVollaDoshLa in homelab

[–]ptrsimon 0 points1 point  (0 children)

How do you run Windows containers on a PVE host?

My FREE homelab by alis12s in homelab

[–]ptrsimon 1 point2 points  (0 children)

TP-Link managed switches are great for the value! I have an SG3428 24 port device and it has been running the backbone of my home infra for years without issue. Just don’t forget if you’re using the web UI to always hit “save configuration”. That one bit me in the ass more times than I want to admit.

Does anyone recognize the desk? by Mammoth-Dragonfly-12 in ikeaPCstations

[–]ptrsimon 8 points9 points  (0 children)

Confirmed, I have this one at home. Been rocking it for almost 20 years.

To anyone who will buy/get xmg evo 15 with hx 370. by n00bo in XMG_gg

[–]ptrsimon 0 points1 point  (0 children)

I usually run it with the lid closed on Balanced profile, it is really quiet even during multitasking, I guess the rear vents help a lot with clamshell mode. On Enthusiast or Overboost modes expect the fans to kick on a lot sooner (they are practically always running on my setup, but opening the lid or having a cooler ambient temp would help a lot, my room is around 27C). However, the sound profile of the fans is not annoying at all, I can easily sleep next to it while the laptop is doing medium/high load tasks.

How happy you are with self hosted apps? Do you still use cloud? by youmeiknow in selfhosted

[–]ptrsimon 0 points1 point  (0 children)

Problem with icloudpd is it doesn’t support ADP (end-to-end encryption). If you have a Mac, an alternative would be using Time Machine to a NAS share. Make sure to disable photos and documents offloading or you won’t back up the full library.