Since Wireguard uses UDP and peers only reply to a received packet if it's expected and valid, it won't show up in port scans and barely increases your attack surface. Tailscale and Zerotier are quite nice, but personally I dislike NAT-punching protocols.
floquant
joined 5 months ago
Sigh. This will most likely come up in every legalization discussion in the future
Indeed... IPv6 needs to be actively disabled, not enabled, by default.
Unless your ISP provides IPv6 connectivity, which gives every endpoint a globally-routable address. Firewalling at the router only works because of NAT.
Point being...?
It is absolutely not, but I understand it's easy to lose sense of scale when you go into billions territory.
Which, you know, is fine. Maybe if people had an idea of how much power is required to run them, they would think twice before using a gigawatt to output a poem about farts, and perhaps even wonder how OpenAI can offer that for free. Btw, a 7b model should run ok on any PC with at least 16GB of RAM and a modern processor/GPU.
Since when is Bitcoin a brand lmao? I'm really struggling to see how it is comparable to McDonald's or Windows. Having a logo does not make you a corporation
which I would have never learned to do.
it knows how to code
Please take a step back and reconsider what you think your mind can do vs what LLMs can. The ability to understand is what separates us from machines, at least for now. Not saying AI is bad, but it's important to keep in mind what it is, and what we are. Also, fuck OpenAI, run local models if you can.
They are doing something about carbon emissions. Emitting more of it.
I can't change my router's DNS
Do you mean you can't change the DNS server in the DHCP settings or the server the router itself uses? In the first case you might be able to use Pi-Hole's DHCP server instead, while for the latter it shouldn't be an issue - I actually usually leave upstream servers configured there to avoid loops. BTW, you might also be able to flash OpenWRT to your router
view more: next ›
It seems like your whole threat model is avoiding DNS poisoning, which is fine, but I fail to see how you can compare using DoH/DoT to a VPN.
Except for the DNS provider (in your example, Google, so... yikes), the operator of the network you're on (since the destination IP can be rDNS'd or WHOIS'd, or simply grabbed from the Host header if your browser still tries HTTP first). Any traffic that is not encrypted will be snoopable. Traffic volume and connection times to each destination can be analyzed.
By contrast, a VPN will also use secure (if you trust the provider ofc) DNS servers for your requests, plus making all of the traffic completely opaque except for "going to this server".
You can also make your own, free VPN service with a little technical knowledge.