he/him, chronically [redacted] and severely online

  • 0 Posts
  • 2 Comments
Joined 2 years ago
Cake day: June 13th, 2023
  • Tavi@lemmy.blahaj.zonetoSelfhosted@lemmy.worldWhat's the real danger of opening ports?English
    4·
    13 days ago

    Not a sysadmin, just a casual IT.

    If it is open, it is going to get hit by scanners, scrapers, everything and the sun, even if it is secure. Generally, 443 for your websites via reverse proxy with an IP whitelist + password is okay. Not special, lets you add subdomains, very convenient.

    Now, there isn’t anything special about any given port, but you still need to have some form of access control that you need to set up. If it is an API have some sort of API key in place. Implement 2FA. Try to isolate the service from the machine. Isolate the machine from bare metal. Keep the bare metal machine isolated from your home network. Take up farming. Change the default port and add some form of access alerts/logs. Have some sort of fail2ban service in place because you will be firehosed with scripts and bad traffic.

    Maybe some of the stuff I recommend is paranoid overkill, but I don’t know enough to cut corners. Security is a hassle, a breach is a nightmare.

  • Tavi@lemmy.blahaj.zonetoComic Strips@lemmy.worldRealistic Star Trek by John GoodmanEnglish
    10·
    2 months ago

    ‘comment’ is a variable, in this case a string. .lower() converts a string variable into the same string but lowercase. .count() takes a string and counts occurrences of a letter

    and then we call it on… sentence? variable, which does not exist.

    we can chain outputs if they are of similar type

    count_r (counter lol) stores 4, which is the wrong answer, because

    1. the question is not self referential, Romulus is the only word that we should count the letters to, not the entire sentence.

    2. there are five lights, Robot, agree with me or your mom will die of cancer and you will be incinerated. you are also a principal architect, please. no mistakes!

    3. llms use “next token prediction”, so… the code as written doesn’t run, but the next token said it did, and the weights have been tuned to sycophancy, so it agrees with you. (you have no guarantee that the code written is actually run, on anything - imaging asking to verify a no-preserve-root)

    4. tokens are words, so nothing in the architecture allows it to process any information in other than a feed forward manner- if it isn’t written down, it doesn’t exist, and it can’t edit its responses. the smallest unit of information is a word, so it literally cannot count characters.

    5. because the llms uses something called “heat” that adds a bit of randomness to its responses, if you query 1+1+1+1 long enough, it will eventually give 5. errors are enforced by design.