Not really a problem with putting other stuff on it, apart from adhering to security standards. If you want to separate your personal stuff from hosted stuff, go ahead, but just because its torrent, doesnt make it much different.
Put it in a VM if you dont have a second machine i guess.
Strong argument, anything else?
To be fair, any proper VPN setup that only relies on the routing table like this is flawed to begin with.
If the VPN program dies or the network interface disappears, the routes are removed aswell, allowing traffic to leave the machine without the VPN.
So it is already a good practice to block traffic where it shouldnt go (or even better, only allowing it where it should).
Many VPN-Programs by Providers already have settings to enable this to prevent “leaking”.
To be fair, any proper VPN setup that only relies on the routing table like this is flawed to begin with.
If the VPN program dies or the network interface disappears, the routes are removed aswell, allowing traffic to leave the machine without the VPN.
So it is already a good practice to block traffic where it shouldnt go (or even better, only allowing it where it should).
Unikely… Kinda why VR also didnt get too popular, most players just prefer “classic” controls and not movement-controls.
But this is huge for VR and other usages of this, probably even useful for production routing, but i dont have any knowledge of that.
to be fair, they specifically target the way google ranks these websites. If google would rank them with less impact of what the website “bastardizes”, this could be generally less of an issue in the first place.
Make a deal with the devil, and the cost might be your soul
Just saw it too :D
Why would you ever need such a feature? Closed.
We cant read Apples mind, so thats wishful thinking. But sending telemetry (even if hidden) means it can be used.
Thats why e.g. Apple is using Differential Privacy for apps to use… to not have to give the Apps full access to e.g. usage data.
Of course Apple themselves isnt necessarily bound to that system themselves, who knew…
And why not allow other Apps to replace your default Apps if you want to? Why not have access to that Freedom?
After all you should be able to do anything you want with your system… or maybe you dont believe in this kind of freedom. Could just buy an Android phone. Fuck the person who wants to actually own their hardware, right? How could they be so dumb and want actual freedom, haha.
No, we play pretend while Freedom is further taken away under “Privacy” claims. Maybe that replacement battery will send your usage pattern via shortwave radio to an agent nearby…
you want a frontend, not the “service” itself.
Under “service” i usually understand the main logic part of something. In this case the LLM-processing itself.
Thats probably where the confusion is coming from here.
Bandwidth is one part… Storage is theother and usually you have less storage than bandwidth anyways.
Please include the actual calculations for energy-prices as many, you may not know, live in different locations and pay different prices compared to you.
mhh… you might be correct.
I havent considered how easy it actually is to search for a comment and find the exact post.
Question is if searching indexers like public search-engines is enough to call the data easily re-identifiable.
Or if this usage of personal data is covered somehow else e.g. legitimate interest, weighed against the freedoms of the data subjects, as you have listed above already.
Of course they are linked, but removing the username from the comments means they are mostly anonymized as far as GDPR is concerned.
It is perfectly fine to unlink data and keep processing it, as long as its considered anonymized under GDPR.
Your post content here is also not considered personal data, it shows up on a lookup request because its currently linked. If i crawl the page and dont save the username, the resulting data can most likely be considered anonymized under GDPR as far as the current interpretation is concerned.
It only becomes a problem as soon as i become aware the content indeed did contain personal data or probably also if i could have expected it to with high probability.
And i’d have to make sure to remove obvious ways to re-link the content to your user (e.g. mentions of your username in comments).
Anything else requires precedence about ways to re-identify someone based on posts on a platform weighed against the users freedom and the difficulty of doing such re-identification.
Recital 26 discusses when something could be considered anonymous. (or rather when gdpr would apply at all, and what it means to have anonymous data)
Now i dont want to defend reddit here, but afaik most comments are not subject to GDPR as long as you dont know they contain personal data and they have been detached from other personal data fields (like username).
So by removing personal data fields, they most likely become “anonymized”.
Of course thats not the end of it, you have to consider the available technology to de-anonymize this data for it to be legally called anonymized.
But i dont think there has been any case where this was challenged before… and i bet most supervisory authorities would discard such complaints as being “too hard to follow through”. (i got that reply from the Netherlands authority for checking newsletter opt-in from a website)
And i certainly dont think reddit or any operator will be forced to delete comments because they could be deanonymized depending on the content the user wrote, when most comments probably cannot be deanonymized.
Having to check everything for potentially identifiable data in that regard would be ridiculous for website operators.
Maybe some light checks sure, but not as deep as it would be required to truly anonymize everything that a user could have written to identify them.
Alot of that information becomes fragments as soon as you unlink it from the user. e.g. 12 people in a post wrote “I am gay”, great. But if you cant link that back to other comments of the same users somewhere else, its not identifiable, just text.
As far as i understood tailscale funnel its just a TCP-tunnel.
So you handle TLS on your own system, which makes sure tailscale cannot really interfere.
If you already trust them this far, might aswell do the same with a VPS and gain much more flexibility and independence (you can easily switch VPS provider, you cannot really switch tailscale funnel provider, you vendor-locked yourself in that regard)
I’d connect the VPS and your home system via VPN (you can probably also use tailscale for this) and then you can use a tcp-tunnel (e.g. haproxy), or straight up forward the whole traffic via firewall-rules (a bit more tricky, but more flexible… though not that easy with tailscale… probably best to use TCP-tunnel with PROXY-Protocol).
This way you can use all ports, all protocols, incoming and outgoing traffic with the IP-Address of the VPS.
Tailscale might even already have something that can configure this for you… but i dont really know tailscale, so idk…
And as you terminate TLS on your home-system, traffic flowing through the VPS is always encrypted.
If you want to go overboard, you can block attackers on the server before it even hits your home-system (i think crowdsec can do it, the detector runs on your home-system and detects attacks and can issue bans which blocks the attacker on the VPS)
And yes, its a bit paranoid… but its your choice.
My internet connection here isnt good enough to do major stuff like what i am doing (handling media, backups and other data) so i rent some dedicated machines (okay, i guess a bit more secure than a VPS, but in the end its not 100% in your control either)
Many systems dont support subpaths as it can cause some really weird problems.
As you use tailscale funnels, you really want incoming traffic from the internet. I am not sure thats a good idea for e.g. homeassistant that is limited in access anyways.
Might aswell use tailscale and access the system over VPN.
And for anything serious i wouldnt use something like funnel anyways. Rent a VPS and use that as your reverse-proxy, you can then also do some caching or host some services there. Much simpler to deal with and full support for such things as you then have an actual public IPv4/IPv6 address to use.
Heck, dont even have to pay for it with the Oracle Always-Free system.
How much time do you have? Because even small models will take alot of time on that kind of hardware to spit out a long text…
And the small models arent that great. I think the current best and economic model would be a mistral, mixtral or dolphin.
If you got the power, nous-capybara is very good and “only” 34B parameters (loading alone needs like 40GB of memory).
Dont. They are notoriously bad at such things. Lack of Hardware acceleration mainly. These old Chips and problems with single-board-complications are just not worth it at such high prices.
An Intel N100 MiniPC will have much more compute with less complications.