When looking at the CVE itself, it seems like a bug that only gets triggered on a very specific corner case that neither the client or website alone can trigger.
Of course, it’s good that it gets reported and fixed, but I’m pretty sure these kind of bugs can only get caught by people randomly stumbling on them
You’ve probably read about language model AIs basically being uncontrollable black boxes even to the very people who invented them.
When OpenAI wants to restrict ChatGPT from saying some stuff, they can fine tune the model to reduce the likelihood that it will output forbidden words or sentences, but this does not offer any guarantee that the model will actually stop saying forbidden things.
The only way of actually preventing such an agent from saying something is to check the output after it is generated, and not send it to the user if it triggers a content filter.
My point is that AI researchers found a way to simulate some kind of artificial brains, from which some “intelligence” emerges in a way that these same researchers are far from deeply understanding.
If we live in a simulation, my guess is that life was not manually designed by the simulation’s creators, but rather that it emerged from the simulation’s rules (what we Sims call physics), just like people studying the origins of life mostly hypothesize. If this is the case, the creators are probably as clueless about the inner details of our consciousness as we are about the inner details of LLMs
I’m personally using Docker MailServer. It’s been working great for over a year now, but mailu seems to have some interesting features (I’m especially interested in the admin panel)
You’re probably behind a CGNAT, check out the other comments
Glad I could help :)
Your ISP might make you go through another layer of NAT. Can you find the WAN IP address of your router and compare it to your public IP address from a website such as ipinfo.io ?
If they do not match, you’re probably out of luck and will need to forward your port from an actually public IP in order to achieve what you want
More details : CGNAT (Carrier Grade Network Address Translation) is basically a second router between your router and the public internet. This second router is configured in the same way as your personal one, the main difference being that your ISP fully manages it. From the viewpoint of this second router, your WAN IP is a private IP, and you share one actual public IP with several other customers (the same way all devices on you LAN share one single WAN IP)
Performing port forwarding from the public internet to your LAN, when behind a CGNAT, would require you to be able to configure a forwarding rule in the ISP’s NAT, which you usually cannot do.
Something’s odd with the numbers from fediverse observer. Numbers shown in monthly graphs should be about 30 times higher than numbers shown in daily graphs, but they are about the same
VSCode being essentially a text editor is a perfect example of software that should not use 1GB+ of RAM
Recently, 2 different user agents started scraping my Lemmy instance at nearly the same time : AmazonBot and ClaudeBot
I wonder if (and how) it may be related to this headline
A blog post I wrote got shared there a while back, but I did not ask for an invite back then. 2 years later, and I don’t feel legitimate to ask for an invite anymore
Having a certificate for any subdomain has implications for other sibling domains, even without a wildcard certificate.
By default, web browsers are a lot less strict about Same Origin Policy for sibling domains, which enables a lot of web-based attacks (like CSRF and cookie stealing) if your able to hijack any subdomain
I did not have the money to pay the insane amounts these greedy for-profit certificate authorities asked, so I only remember the pain of trying to setup my self-signed root certificate on my several devices/browsers, and then being unable to recover my private key because I went over the top with securing it.
I can recommend some stuff I’ve been using myself :
I design, deploy and maintain such infrastructures for my own customers, so feel free to DM me with more details about your business if you need help with this
It’s not that I don’t believe you, I was genuinely interested in knowing more. I don’t understand what’s so “precious” about a random stranger’s thought on the internet if it’s not backed up with any source.
Moreover, I did try searching around for this and could not find any result that seemed to answer my question.
Can you give examples of countries where mainstream media is not owned by billionaires ?
I’m pretty sure they are actually hosting it. The tech is quite different (cofractal uses urls ending with {z}/{x}/{y}, while their tile sever uses this stuff that works quite differently)
They told me about hosting their own tile server earlier today. I’m really impressed by how fast they moved !
A pull request for a privacy page during the onboarding is in the works, and I’ve been working with them to update the settings page and documentation (with the goal of providing an easy way to switch map providers). They are also working on a privacy policy, and want to ship all of this in a few weeks as part of a single release.
Once again, I’m really impressed with how well they’re handling this
With all the botting going on on Reddit, this whole Google AI deal makes me think of the recent paper that demonstrates that, as common sens would suggest, deep learning models collapse when successive generations are trained on the previous generations’ output
never stopped POSTing, even though I configured nginx to always respond 403 to anything from them for about a year now.
Lol, there are definitely some stubborn user agents out there. I’ve been serving 418 to a bunch of SEO crawlers - with fail2ban configured to drop all packets from their IPs/CIDR ranges after some attemps - for a few months now. They keep coming at the same rate as soon as they get unbanned. I guess they keep sending requests into the void for the whole ban duration.
Using 418 for undesirable requests instead of a more common status code (such as 403) lets me easily filter these blocks in fail2ban, which can help weed out a lot of noise in server logs.
Alternatively, if your databases are on a filesystem that supports snapshots (LVM, btrfs or ZFS for instance), you can make a snapshot of the filesystem, mount the snapshot and backup thame database from it. This will ensure the backup is consistent with itself (the backed up directory was not written to between the beginning and the end of the backup)