HackerTrans
トップ新着トレンドコメント過去質問紹介求人

jclarkcom

no profile record

投稿

[untitled]

1 ポイント·投稿者 jclarkcom·2 か月前·0 コメント

Show HN: CircadianLab – Browser-based radiosity lighting simulator (WebGPU)

innerscene.com
1 ポイント·投稿者 jclarkcom·2 か月前·0 コメント

I Let Claude Build My Home Network: Two ISPs Bonded, $312/Year Saved

jonathanclark.com
15 ポイント·投稿者 jclarkcom·8 か月前·31 コメント

I have recordings proving Coinbase knew about breach months before disclosure

jonathanclark.com
685 ポイント·投稿者 jclarkcom·8 か月前·223 コメント

コメント

jclarkcom
·6 か月前·議論
I do something similar but this only protects secrets at rest. If you app has an exploit an attack could just export all your secrets to a file.

I prototyped a solution where I use an external debugger to monitor my app, when the app needs a secret it generates a breakpoint and the debugger catches it and then inspects the call stack of the function requesting the secret and then copies it into the process memory (intended to be erased immediately after use). Not 100% security but a big improvement and a bit more flexible and auditable compared to a proxy
jclarkcom
·7 か月前·議論
Would it even crash a computer? They would fill up their hard drive but that would just yield warnings to the user in most operating systems. Chances are they would kill it manually because it would take a long time
jclarkcom
·8 か月前·議論
Thanks for your response, I'm acknowledging it and taking to heart.
jclarkcom
·8 か月前·議論
Here are some of the commands it used (censored & auto-generated) with a few specific examples at the end: https://jonathanclark.com/posts/bonded-internet-connection-c...

> It was able to one-shot deploying a digital ocean droplet and configure wireguard?

Yes, that part was pretty easy - but the whole thing wasn't one shot. The parts I struggled with were: - getting automated SSH installed on the $130 router, once you have that the LLM can drive things - during security hardening, I got fully locked out and had to recreate a new VM. But it was able to automatically recreate everything in a few minutes.
jclarkcom
·8 か月前·議論
Harsh, but a good point on egress cost that I overlooked, I'm adding a section on this - if you use Oracle cloud it looks like you get 10TB included at no additional cost where DO would be around $84 at the same bandwidth levels
jclarkcom
·8 か月前·議論
I've experimented with using LLM to setup and/or maintain some servers for me for various different use cases (this being one). What I like is an agentic LLM can either document it's initial build process or "explore" your server to better understand how it works, what configuration files are used, software versions installed, etc. When you have that documentation/context provided to a frontier LLM it can take care of most maintenance work you'd like do by hand for "simple" servers. A good prompt to get an llm to explore an existing server to make sure it fully understands it is to ask it to make a working backup.
jclarkcom
·8 か月前·議論
That's a very good point. I included a "Cost Comparison by Bandwidth Usage" section that shows the cost for Digital Ocean compared to a commercial bonded solution. At 10TB the monthly DO cost goes up to $84/month which is significant, but if you compare that with a commercial solution that gives you a bonded connection (Speedify) they would charge $120/m for 10TB.

If you used Oracle cloud, I think 10TB is still in their free tier so you'd be looking at ~$15/month.
jclarkcom
·8 か月前·議論
> or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN.

I did run into this and claude implemented a work-around (see step 8) to route some traffic through the normal exit IP for those special use cases. So far I've only run into this problem with 3 services (Ring, Blink, and Paychex). Surprisingly none of the streaming services seem to care (Netflix, Amazon, Apple TV).
jclarkcom
·8 か月前·議論
Maybe I didn't make it clear from the post, the llm (cursor+claude 4.5 sonet) was actually driving the whole process from provisioning a server, installing wireguard, setting up certificates, configuring network, installing packages, and updating security - with some testing at each step. I never ran any commands manually, I just told it what to do.
jclarkcom
·8 か月前·議論
nice. I wish fiber was available for me. I only had access to AT&T's copper service (DSL) but they do 2-pair bonding so speed is not far from Xfinity.
jclarkcom
·8 か月前·議論
Bonding two ISPs was previously too complex for most home use until agentic AI. Claude can automate the entire WireGuard/OpenWRT/VPN setup, testing, and security hardening via SSH as an afternoon project. Total cost: $305 over 3 years vs $1,241 for commercial solutions. Downgrade your current ISP and add a second cheap one to get faster more reliable internet at home.
jclarkcom
·8 か月前·議論
> the purpose of blogging is to organize your own thoughts

I don't get this comment. People can create content for any number of reasons and those reason will vary widely by the author. I like to use it to share something interesting to me that is too long for a Linkedin post.
jclarkcom
·8 か月前·議論
It's a good point and I should make a distinction on what models are appropriate. I think of chatGPT 4 like a college student and chatGPT 5.1 5 Pro (deep thinking model) more like a seasoned professional. I wouldn't trust non-frontier, non-thinking models with a result for this kind of question. But the determinism of the result does not scare me, the out output may vary but not directionally. The same thing would happen if you asked the foremost security expert in the world, you'd get slightly different answers on different days. One time as a I test I ran a very complex legal analysis through chat GPT pro 10 times to see how the results would vary and it was pretty consistent with ~10% variation in numbers it suggested.
jclarkcom
·8 か月前·議論
For me, it is about learning about what AI can and can’t do, how to progressively prompt, how to avoid problem, etc. once you understand that you can build more things quickly. I gained a pretty good understanding of what it can/cant do, how many prompt it will take to get there, and which model(s) are capable.
jclarkcom
·8 か月前·議論
yes, for example this article including charts and summaries were generated by AI. https://jonathanclark.com/posts/ai-coding-million-lines-2025... Typically I act as an editor rather than a direct writer with cursor now replacing word
jclarkcom
·8 か月前·議論
I restarted my blog after a 20 year break (https://jonathanclark.com) thanks to AI making taking out the drudgery.
jclarkcom
·8 か月前·議論
I don’t understand this comment. I’ve found AI a great tool for identifying red flags in scam emails and wanted to share that.
jclarkcom
·8 か月前·議論
true, I can’t rule those out entirely. I access via iPhone to limit attack surface area, the info was never printed, present in emails, or disclosed to 3rd parties
jclarkcom
·8 か月前·議論
I have attempted to condense it based on your feedback, and added some more info about email headers.
jclarkcom
·8 か月前·議論
My first thought was someone they tied a blockchain transaction to my name and then traced it backwards. But they also knew my ETH and BTC balances, and date the account was opened. You might be able to figure out the open date by looking at the blockchain but I could never determine how they would know balances for two unrelated cryptos without some kind of coinbase compromise.