Zerossl is integrated with Caddy by default and there’s no indication from Caddy that you would only be able to renew the cert twice before needing to cough up some money.
It would be cool if the output that that the LLM made (commands it ran to harden, the iptables, MPTCP config, etc.) was included in the post.
It seems incredulous that this didn’t take dozens of back and forth prompts and fixes. It was able to one-shot deploying a digital ocean droplet and configure wireguard?
> It was able to one-shot deploying a digital ocean droplet and configure wireguard?
Yes, that part was pretty easy - but the whole thing wasn't one shot. The parts I struggled with were:
- getting automated SSH installed on the $130 router, once you have that the LLM can drive things
- during security hardening, I got fully locked out and had to recreate a new VM. But it was able to automatically recreate everything in a few minutes.
Thanks for sharing. Just looking over this it seems to spend some time creating ufw rules and then deletes them all and disables ufw. Is that accurate or is this just the output and you had to copy and paste in?
I am assuming all the missing steps is just the information you censored.
Yeah but if I program a drone swarm to automate this process it’s for the greater good — more apples for everyone!
And I only charge a tiny subscription for access to all my drone-managed orchards, you can eat as many apples as you want. But don’t steal any and start your own orchard or I sue.
All the people who care for the trees and pick the apples have lost their job while an apple became nearly worthless, but without a job it‘s still unaffordable.
Replace your drones with China or India and you have the current situation in the US.
Apple farmers go out of business so you lose the people who create new varieties.
> but I use those 1,000 apples to start my own orchard
Steal cuttings, not the fruit, if you plan to start an orchard. From 1000 apples you'll get ~10 000 seeds, statistically you won't even end up with one good tree.
> An output of three cultivars from around 50.000 seeds means that 17.000 seeds were needed to get one cultivar. Only one out of around 9.000 scab resistant seedlings showed the appropriate quality to become a cultivar. This proportion underlines the enormous effort which is necessary to develop a new cultivar.
Hell is it going to start injecting ads into coding output? Ask Codex to generate you a fix for your web app and it spits out a number for a web hosting service? Give it a Jira ticket and it gives you an ad for a different SaaS ticketing system?
Is it going to inject ads for indeed while a recruiter is using ChatGPT to summarize a stack of resumes?
If it only ever injects ads for specific requests how profitable would that even be? I understand clients would want their product to be recommended but if I only get the ad answer when prompting a certain way, can I the user avoid ads by asking questions a specific way?
In a Windows environment this can be managed with AppLocker, or an endpoint management solution, or 3rd-Party tool like Threatlocker.
It becomes less about controlling the users and more about stopping any bad guy dead in their tracks. If nothing but what has been implicitly authorized can execute, then 99% of ransomware attacks will be stopped immediately even after the user clicks the link.
Your company software procurement process shouldn’t be so onerous that people turn to Shadow IT. You have to work with people where they are.
Thanks for sharing this! Yesterday I was just wondering about ssh key verification techniques for third party services.
SSH keys are amazing, portable and in some ways easier to use than Passkeys. But for them to successfully replace passwords and account configuration, which works decently well for a service like pico.sh, the user experience needs to be improved significantly. Not impossible but what does become a continuous and ongoing problem is verification.
If Gold kept pace with inflation (roughly $35 an ounce in 1970 dollars) it would be ~$279.98 an ounce in 2025 dollars.
So inflation has almost nothing to do with the current price of gold and the grandparent post’s speculation about the futures market running hot is far more likely. The price of gold isn’t attached to the dollar and hasn’t been for over 50 years.
I would like to see that chart because houses have also spiked significantly in price especially since 2008. That maintaining a consistent ratio would at least eliminate the dollar from the equation showing value not just dollars.
A quick sanity check of my own house would show that it would cost something like 75 ounces of gold. It was built in the 70’s and originally sold for 45,000, or well over 250 ounces of gold in gold prices from around then. Doesn’t seem right…
The other way to think about it is that the price of many other things may have gotten cheaper (in terms of labor/capital) at the same time as fiat inflation.
But how can you untangle an objective production price from the fiat / economy it's produced out of?
If that were the case, you'd expect scarce but still produced assets (e.g. housing) to have both increased in price (due to fiat inflation) and decreased in price (due to production technology efficiencies).
Which one dominates to what degree likely depends on the asset.
Inflation has been masked and understated for decades. Some of the inflation was concealed by getting rid of domestic production in favor of cheap imports. These chickens are coming home to roost.
By this logic, if a single person in Romania purchases a product from me, I must hire someone in Romania or else the transaction is unethical? Immoral?
If I only need 10 developers to make some software and sell it globally why should I have to hire more people?
Zerossl is integrated with Caddy by default and there’s no indication from Caddy that you would only be able to renew the cert twice before needing to cough up some money.
reply