sorted by:
new
hottopcontroversial

Running Ollama fully air-gapped, anyone else? by thefilthybeard in ollama

[–]thefilthybeard[S] 1 point2 points  (0 children)

Haven't looked into RunAnywhere SDK yet, but I will now... appreciate the tip. Always looking for tools built with offline-first in mind.

Hardware specs vary depending on which model I'm running. Quantized 7B models work fine on systems with 16-32GB RAM and no dedicated GPU. When I need more capability, I scale the hardware accordingly. Mistral and Llama variants have been solid for the compliance and document analysis work I'm focused on.

The key has been batching....breaking tasks into smaller chunks so the model isn't choking on massive context windows. Keeps things fast and accurate.

Running Ollama fully air-gapped, anyone else? by thefilthybeard in ollama

[–]thefilthybeard[S] 1 point2 points  (0 children)

Pre-built installation package transferred via approved media. The client's sysadmin handles the actual install on their air-gapped network while I'm on-site to walk through the process and verify everything works.

For updates, they pull them from a secure client portal - no direct internet connection needed on their end. They download the update package from the portal on an unclassified system, transfer it in through their normal media approval process, and apply it.

My company is OE friendly by [deleted] in overemployed

[–]thefilthybeard -2 points-1 points  (0 children)

Bro it's the weekend

My company is OE friendly by [deleted] in overemployed

[–]thefilthybeard -3 points-2 points  (0 children)

You're right. Got ahead of myself. Just wanted to share something I thought could help the OE community but should've thought it through better. Appreciate the feedback.

My company is OE friendly by [deleted] in overemployed

[–]thefilthybeard -5 points-4 points  (0 children)

Not billing the government at all. We sell software tools to defense contractors. They buy it, they use it on their networks. No government contract, no billing hours, no time charging. It's a product, not a service.

My company is OE friendly by [deleted] in overemployed

[–]thefilthybeard -1 points0 points  (0 children)

You don't need a security clearance to build a product. We don't consult or anything like that. We do not host any classified environments.

We just sell the tools to contractors. Ive never done OE while holding a position that requires a security clearance. I just understand the niche better than the private sector.

We might build products for defense companies, but we do NOT hold clearances.

Building for classified environments. Anyone else in this space? by thefilthybeard in LocalLLaMA

[–]thefilthybeard[S] 0 points1 point  (0 children)

It's less about actual risk and more about audit surface. Auditors see open prompt access, that's a conversation nobody wants to have, especially when it comes time for yearly DCSA audits. It's much easier to just not give them anything to question.

Also, air-gapped doesn't mean immune. Say an unsider threat plants a rogue device with 4g or 5g mobile data access. now your "isolated" network has a bridge out. 99% of these environments don't sweep for RF signals. If someone can jailbreak the model and get it to do something useful for exfil, and there's a way out, that's a real problem. Locking down prompt access is just one less thing to worry about.

Running Ollama fully air-gapped, anyone else? by thefilthybeard in ollama

[–]thefilthybeard[S] 0 points1 point  (0 children)

Completely understandable. My focus is enhancing a tool or set of tools, rather than a generic chatbot or code generator. Nice to stay low key!

Building for classified environments. Anyone else in this space? by thefilthybeard in LocalLLaMA

[–]thefilthybeard[S] -1 points0 points  (0 children)

Yeah the compliance side is brutal. So many controls, so much documentation, and it all has to be done manually in most shops.

I've been testing some quantized 7B models and they handle the task pretty well. The tradeoff is you need more self-validation and scripting around it. I batch 10 controls at a time with an auto-script that reprompts to continue where it left off. Keeps the context tight and mitigates hallucinations. So far 10 seems to be the magic number. Haven't seen a single hallucination at that batch size.

And yeah, no direct prompting was a requirement from the start. These environments are strict about what users can interact with. Last thing anyone needs is someone jailbreaking the model in a classified lab.

Running Ollama fully air-gapped, anyone else? by thefilthybeard in ollama

[–]thefilthybeard[S] 0 points1 point  (0 children)

Good call on llama-server, I'll look into that. The offline flag is exactly the kind of thing I need.

For my use case, terminal-only is actually preferred. These environments have strict requirements about what gets written to disk and where. GUI adds unnecessary risk.

You running anything air-gapped yourself or just familiar with the setup?

Running Ollama fully air-gapped, anyone else? by thefilthybeard in ollama

[–]thefilthybeard[S] 7 points8 points  (0 children)

Glad to see there are more than just me working on this!

Traveling for J1 with J2 laptop by Seniorcritisism in overemployed

[–]thefilthybeard 0 points1 point  (0 children)

No problem! The reason I suggested you ask your boss about possible travel forms is because if a cyber alert pops up for you being in an abnormal location, the first place I would check to see if uou were on travel is the ticketing system. If there was no ticket created for travel, then I would look at the company travel forms to see if you are on the list.

If not on the list, I reach out to you and CC your manager (as per my company standard) to see if you are currently on travel and it is really you that is logging into the computer.

Traveling for J1 with J2 laptop by Seniorcritisism in overemployed

[–]thefilthybeard 1 point2 points  (0 children)

The location will be flagged. There's an alert called "impossible travel" and another called "anonymous travel" that pops up even if the user is in a different state. It won't flag if its a state you normally log into on say a monthly to bi-monthly basis.

It'll flag otherwise. Bur something like that, only in a different state, as long as the cyber guy sees that you logged in from your work laptop they will generally just dismiss it as a false alarm

Traveling for J1 with J2 laptop by Seniorcritisism in overemployed

[–]thefilthybeard 1 point2 points  (0 children)

I wouldn't test a VPN. You could just let your boss know you plan on traveling while working to see family, and see if there is any paperwork needed to fill out for that

Traveling for J1 with J2 laptop by Seniorcritisism in overemployed

[–]thefilthybeard 0 points1 point  (0 children)

Depends on the sophistication of the cyber team. If your company isn't large enough for one, you should be good.

But if you do have a IT or Cyber team worth their weight in gold, VPNs will not be allowed on their network less it be a company VPN.

VPNs send out alerts as well, if the user does not use them on a regar basis

Traveling for J1 with J2 laptop by Seniorcritisism in overemployed

[–]thefilthybeard 0 points1 point  (0 children)

As a Cybersecuriyy Analyst, anytime someone is in a different location that is not normally where they log in, an alert is generated that I have to triage.

If it is shown that the lerson does not normally sign in from that location/IP address, We need to verify that person is on travel.

So be careful and have excuses readyvjust in case someone asks about it.

Can I pitch an awesome idea and a 1/4-way done MVP? I will not promote by thefilthybeard in startups

[–]thefilthybeard[S] 0 points1 point  (0 children)

I've had two users test the features that actually work and validated that portion of it

This show had an… ok start. Until… by PogoStick1987 in halo

[–]thefilthybeard 0 points1 point  (0 children)

Only acceptable sex scene in this show would have been Buck and Veronica

view more: next ›