HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jclarkcom

no profile record

Submissions

[untitled]

1 points·by jclarkcom·2 месяца назад·0 comments

Show HN: CircadianLab – Browser-based radiosity lighting simulator (WebGPU)

innerscene.com
1 points·by jclarkcom·2 месяца назад·0 comments

I Let Claude Build My Home Network: Two ISPs Bonded, $312/Year Saved

jonathanclark.com
15 points·by jclarkcom·8 месяцев назад·31 comments

I have recordings proving Coinbase knew about breach months before disclosure

jonathanclark.com
685 points·by jclarkcom·8 месяцев назад·223 comments

comments

jclarkcom
·6 месяцев назад·discuss
I do something similar but this only protects secrets at rest. If you app has an exploit an attack could just export all your secrets to a file.

I prototyped a solution where I use an external debugger to monitor my app, when the app needs a secret it generates a breakpoint and the debugger catches it and then inspects the call stack of the function requesting the secret and then copies it into the process memory (intended to be erased immediately after use). Not 100% security but a big improvement and a bit more flexible and auditable compared to a proxy
jclarkcom
·7 месяцев назад·discuss
Would it even crash a computer? They would fill up their hard drive but that would just yield warnings to the user in most operating systems. Chances are they would kill it manually because it would take a long time
jclarkcom
·8 месяцев назад·discuss
Thanks for your response, I'm acknowledging it and taking to heart.
jclarkcom
·8 месяцев назад·discuss
Here are some of the commands it used (censored & auto-generated) with a few specific examples at the end: https://jonathanclark.com/posts/bonded-internet-connection-c...

> It was able to one-shot deploying a digital ocean droplet and configure wireguard?

Yes, that part was pretty easy - but the whole thing wasn't one shot. The parts I struggled with were: - getting automated SSH installed on the $130 router, once you have that the LLM can drive things - during security hardening, I got fully locked out and had to recreate a new VM. But it was able to automatically recreate everything in a few minutes.
jclarkcom
·8 месяцев назад·discuss
Harsh, but a good point on egress cost that I overlooked, I'm adding a section on this - if you use Oracle cloud it looks like you get 10TB included at no additional cost where DO would be around $84 at the same bandwidth levels
jclarkcom
·8 месяцев назад·discuss
I've experimented with using LLM to setup and/or maintain some servers for me for various different use cases (this being one). What I like is an agentic LLM can either document it's initial build process or "explore" your server to better understand how it works, what configuration files are used, software versions installed, etc. When you have that documentation/context provided to a frontier LLM it can take care of most maintenance work you'd like do by hand for "simple" servers. A good prompt to get an llm to explore an existing server to make sure it fully understands it is to ask it to make a working backup.
jclarkcom
·8 месяцев назад·discuss
That's a very good point. I included a "Cost Comparison by Bandwidth Usage" section that shows the cost for Digital Ocean compared to a commercial bonded solution. At 10TB the monthly DO cost goes up to $84/month which is significant, but if you compare that with a commercial solution that gives you a bonded connection (Speedify) they would charge $120/m for 10TB.

If you used Oracle cloud, I think 10TB is still in their free tier so you'd be looking at ~$15/month.
jclarkcom
·8 месяцев назад·discuss
> or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN.

I did run into this and claude implemented a work-around (see step 8) to route some traffic through the normal exit IP for those special use cases. So far I've only run into this problem with 3 services (Ring, Blink, and Paychex). Surprisingly none of the streaming services seem to care (Netflix, Amazon, Apple TV).
jclarkcom
·8 месяцев назад·discuss
Maybe I didn't make it clear from the post, the llm (cursor+claude 4.5 sonet) was actually driving the whole process from provisioning a server, installing wireguard, setting up certificates, configuring network, installing packages, and updating security - with some testing at each step. I never ran any commands manually, I just told it what to do.
jclarkcom
·8 месяцев назад·discuss
nice. I wish fiber was available for me. I only had access to AT&T's copper service (DSL) but they do 2-pair bonding so speed is not far from Xfinity.
jclarkcom
·8 месяцев назад·discuss
Bonding two ISPs was previously too complex for most home use until agentic AI. Claude can automate the entire WireGuard/OpenWRT/VPN setup, testing, and security hardening via SSH as an afternoon project. Total cost: $305 over 3 years vs $1,241 for commercial solutions. Downgrade your current ISP and add a second cheap one to get faster more reliable internet at home.
jclarkcom
·8 месяцев назад·discuss
> the purpose of blogging is to organize your own thoughts

I don't get this comment. People can create content for any number of reasons and those reason will vary widely by the author. I like to use it to share something interesting to me that is too long for a Linkedin post.
jclarkcom
·8 месяцев назад·discuss
It's a good point and I should make a distinction on what models are appropriate. I think of chatGPT 4 like a college student and chatGPT 5.1 5 Pro (deep thinking model) more like a seasoned professional. I wouldn't trust non-frontier, non-thinking models with a result for this kind of question. But the determinism of the result does not scare me, the out output may vary but not directionally. The same thing would happen if you asked the foremost security expert in the world, you'd get slightly different answers on different days. One time as a I test I ran a very complex legal analysis through chat GPT pro 10 times to see how the results would vary and it was pretty consistent with ~10% variation in numbers it suggested.
jclarkcom
·8 месяцев назад·discuss
For me, it is about learning about what AI can and can’t do, how to progressively prompt, how to avoid problem, etc. once you understand that you can build more things quickly. I gained a pretty good understanding of what it can/cant do, how many prompt it will take to get there, and which model(s) are capable.
jclarkcom
·8 месяцев назад·discuss
yes, for example this article including charts and summaries were generated by AI. https://jonathanclark.com/posts/ai-coding-million-lines-2025... Typically I act as an editor rather than a direct writer with cursor now replacing word
jclarkcom
·8 месяцев назад·discuss
I restarted my blog after a 20 year break (https://jonathanclark.com) thanks to AI making taking out the drudgery.
jclarkcom
·8 месяцев назад·discuss
I don’t understand this comment. I’ve found AI a great tool for identifying red flags in scam emails and wanted to share that.
jclarkcom
·8 месяцев назад·discuss
true, I can’t rule those out entirely. I access via iPhone to limit attack surface area, the info was never printed, present in emails, or disclosed to 3rd parties
jclarkcom
·8 месяцев назад·discuss
I have attempted to condense it based on your feedback, and added some more info about email headers.
jclarkcom
·8 месяцев назад·discuss
My first thought was someone they tied a blockchain transaction to my name and then traced it backwards. But they also knew my ETH and BTC balances, and date the account was opened. You might be able to figure out the open date by looking at the blockchain but I could never determine how they would know balances for two unrelated cryptos without some kind of coinbase compromise.