• Technology Consultant.
  • Software Developer.
  • Musician.
  • Burner.
  • Game Master.
  • Non-theistic Pagan.
  • Cishet White Male Feminist.
  • Father.
  • Fountain Maker.
  • Aquarium Builder.
  • Hamster Daddy.
  • Resident of Colorado.
  • Anti-Capitalist.
  • Hackerspace Regular.
  • Traveler of the American West.
  • 4 Posts
  • 201 Comments
Joined 2 years ago
Cake day: June 7th, 2023






  • This is extremely possible and I have done a lot of stuff like it (I set up my first home built Linux firewall over 20 years ago). You do want to get some kind of multiport network card (or multiple network cards… usb -> ethernet adapters can do OK filling in in a pinch). It also gives you a lot of power if you want to do specific stuff with specific connections (sub netting, isolation of specific hosts, etc).

    There’s a lot of ways to do it, but the one I’m most familiar with is just to use IP tables.

    The very first thing you want to do is open up /proc/sys/net/ipv4/ip_forward and change the 0 to a 1 to turn on network forwarding.

    You want to install bridge-utils and isc-dhcp-server (or some other DHCP server). Google or get help from an LLM to configure them, because they’re powerful and there’s a lot of configs. Ditto if you want it to handle DNS. But basically what you’re going to do (why you need bridge-utils) is you’re going to set up a virtual bridge interface and then add all the various NICs you want on your LAN side into it (or you can make multiple bridges or whatever… lots of possibilities).

    Your basic iptables rule is going to be something like

    iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE, but again there’s lots of possible IP tables rules so read up on those.
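An added example, not part of the original comment: with `ip_forward` set to 1 and only the MASQUERADE rule loaded, the FORWARD and INPUT chains keep their default ACCEPT policy, so this sketch renders a default-deny ruleset around that rule. The WAN name `enp1s0` is taken from the comment; the bridge name `br0` and the function names are assumptions.

```shell
#!/bin/sh
# Added example: default-deny ruleset around the MASQUERADE rule.
# WAN name enp1s0 is from the comment; bridge name br0 is an assumption.

# Accept only plausible Linux interface names (max 15 chars, safe charset).
valid_if() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print an iptables-restore ruleset for WAN interface $1 and LAN bridge $2.
gen_ruleset() {
    wan=$1 lan=$2
    valid_if "$wan" && valid_if "$lan" || { echo "bad interface name" >&2; return 1; }
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -j ACCEPT
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Load the rules first (this replaces the existing nat and filter tables),
# then enable forwarding, so the box never routes with an open FORWARD chain.
apply_router() {
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; return 1; }
    rules=$(gen_ruleset "$1" "$2") || return 1
    printf '%s\n' "$rules" | iptables-restore || return 1
    echo 1 > /proc/sys/net/ipv4/ip_forward
}
# Usage (as root): apply_router enp1s0 br0
```

Run `gen_ruleset enp1s0 br0` on its own to review the rules before loading them; neither the rules nor the `ip_forward` setting survive a reboot unless they are saved separately.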




  • I’m working with a team where my business partner and I are external consultants, but they also have internal developers (who are mostly very junior and need hand holding with things like using git).

    Anyway, the CEO (without talking to us first) hired a pure vibe coder with no software engineering experience to build the user interface. Super nice guy, super easy to work with, super eager to learn but OH MY GOD THIS CODE.

    A lot of my work is / has been in cybersecurity (mostly for the space industry / NASA adjacent projects, but also less recently for start ups and fortune 500 companies). This app is the worst I’ve ever seen. The AI writes things SO weirdly. 30k lines of typescript to do something we could have done in 6k. Reams of dead code. Procedural code to do repeatable tasks instead of functions / classes (10 different ways of doing the same thing). API keys / data base credentials committed to git. API Keys stored in .env but then ALSO just hardcoded into the actual API calls.

    AND no. At the end of the day, it wasn’t cheaper or faster than it would have been to hire us to do it right. And the tech debt now accumulated to secure / maintain this thing? Security is a long term requirement, we’re bringing a buddy of mine in to pentest this thing next week, I expect him to find like 10-12 critical vulns. Wow.

    tl;dr: If a project requires security, stability, auditability, or the need to quickly understand how something works / why something happens, DON’T vibe code it. You won’t save money OR time in the long run. If your project DOESN’T need any of those things (and never will), then by all means I guess, knock yourself out.




  • We tried to build systems that perform a kind of basic, rudimentary, extremely power intensive and inefficient mimicry of how (we think maybe) brain cells work.

    Then that system lies to us, makes epic bumbling mistakes, expresses itself with extreme overconfidence, and constantly creatively misinterprets simple instructions. It recognizes patterns that aren’t there, and regurgitates garbage information that it picks up on the internet.

    Hmmm… Actually, maybe we’re doing a pretty good job of making systems that work similarly to the way brain cells work…