• 0 Posts
  • 498 Comments
Joined 3 years ago
cake
Cake day: July 29th, 2023

help-circle


  • mlg@lemmy.worldtoFuck AI@lemmy.worldNo good outcome here
    link
    fedilink
    English
    arrow-up
    4
    ·
    2 days ago

    People replying to this with “muh enterprise” don’t understand that I can still plug in a Supermicro server with the correct power input, spin up Linux, and do whatever the hell I want with my giga ultra 8x NVlink GPU 2X Xeon CPU morbillion dollar server.

    Now even though it will be sold for a measly couple thousand dollars after the collapse, it doesn’t mean I can’t burn through my unemployment savings to have fun lol.


  • GitHub gets autoscanned by thousands of malicious actors for keys and credentials on every commit, including the comments lol.

    The fact that CISA themselves never saw an automated breach attempt only minutes after pushing to github is the more interesting story here.

    Either the contractor is so incompetent that they didn’t have any logging set up and the breach went completely unnoticed for 6 months.

    Or this really is some fat honeypot that they won’t admit is a honeypot because they’ve been using it to watch or bait APTs.

    Currently, there is no indication that any sensitive data was compromised as a result of this incident

    This is literally impossible unless it really was a honeypot. You can demo this yourself in real time. Make a throwaway cloud account on your favorite provider, commit the cloud auth token into a repo, and you will see an automated bot login within minutes.

    Commiting any secrets to a public repo should just be considered auto compromised because of how potent it is.

    That stuff ususlly gets exposed via poor CI/CD permissions where credentials are required, but straight up file commit is like publicly announcing exactly where you left your house keys lol.



    • Anything that you can shove hardware into (CPU, RAM, HDDs, maybe a PCI slot), so any used workstation is a great start, and don’t bother splurging initially, just follow the quality tool rule and only buy when something becomes inadequate. If you want to jump straight into loud and noisy severs, you can pick up used servers for cheap like R730s which there’s a ton of out there. Just avoid 2.5" drive bays because 3.5" HDDS are way cheaper per Gb.

    • Would recommend podman over docker as its matured to the point where it has a lot of better features like rootless, quadlets, etc that you might want to take advantage of in the future. OS is whatever linux you prefer, but I recommend you stay away from Ubuntu. If you want something RedHat but not as cutting edge as Fedora, I’ve heard OpenSUSE is pretty nice.

    For apps, If you want to do HTTPS via GUI then npmplus is nice option, Otherwise caddy can do the same with text config. Rest is whatever you want to try out :)

    EDIT: If you start making an *arr stack, I would recommend recyclarr to handle the quite expansive content filter settings for sonarr and radarr.


  • I hate to break the news but the issue with Bitwarden is that the client sucks total ass, and there are no drop in 3rd party replacements for the browser plugin.

    Been running Vaultwarden for a while now and even though the sync implementation is nice and clean, it’s just not worth the end user experience.

    This is really dumb when compared to literally every other password manager, open source and enterprise which does a much better job of actually being a password manager and not a glorified encrypted text file.

    I’m eventually going to switch back to KeePassXC and just suggest setting a master password with Firefox’s builtin password manager for everyone else who just wants a painless user experience and not have to deal with syncing vaults.



  • NIMBY is usually more to do with perceived loss in value though no?

    People don’t want AI datacenters because they are directly offloading energy costs to neighborhoods via substantially higher power bills. Which is happening because the demand is so high, they can’t compensate by building more power sources in the same time frame.

    That and the poor reception to the AI market, which is wrecking jobs, the economy, etc.

    Otherwise, datacenters were pretty well known for being built with very little resistance before this, especially since lots of providers, like Google, would fund geopower sources to power their datacenters which would add power to the grid with surplus.






  • I’m curious but has anyone’s business/employer actually bought or used these off the shelf “AI” solutions that are all running the same cloud model with a fancy system prompt + frontend?

    Because I really have only seen ChatGPT, Claude, or sometimes Gemini in enterprise.

    Actually for that matter, I don’t even know anyone personally who tried any of the ad spam ones from the superbowl.






  • There’s the MTT S80 (First PCIe Gen 5 GPU lol) which is the consumer grade version of Moore Thread’s enterprise GPUs like S4000, but the problem is that they trade off super cheap VRAM and PCIe bandwidth for low compute power compared to even antiquated stuff from Intel, AMD, and Nvidia.

    They’re actually a great choice if you want to run AI/LLM stuff for really cheap, and Moore threads has their own CUDA knockoff called MUSA which iirc does have support in the various LLM backends available. Back when they released, it was going for something like $160 in China and ~$200-250 online. Could easily pool the VRAM, though finding a mobo+CPU combo with enough PCIe lanes to spare meant you’d most likely not be taking advantage of more than maybe 2 or 3 cards in one tensor parallel split.

    China’s domestic processor production is still catching up, so even though they have access to high speed RAM and all the latest standards, they don’t have the cores to match.

    Their last KX7000 x86 CPU was comparable to a skylake i5 or i7, but just with newer standards like DDR5 and PCIe gen 4. So they’re about 7 years behind based on that estimate.