What kind of company do you work at? I try to aim for big enough to pay well and give good benefits, but has small enough teams that we own the whole product, start to finish. If you’re working at a software development company, maybe try a company that does something else, but still needs developers?

Yes, in qbittorrent, bind it to the VPN interface.

You’re going to have to moderate IRC too.

I expect it wasn’t even that, but that they just took the text generation output as if it was code. And yeah, in the shutdown example, if you connected its output to the terminal, it probably would have succeeded in averting the automated shutdown.

Which is why you really shouldn’t do that. Not because of some fear of Skynet, but because it’s going to generate a bunch of stuff and go off on its own and break something. Like those people who gave it access to their Windows desktop and it ended up trying to troubleshoot a nonexistent issue and broke the whole PC.

I’d prefer an approach that requires some input about what’s wrong with a post in order to reduce its prominence

A lot of the time, I downvote troll content that should not be engaged with. Like, not technically against the rules, but definitely someone who is not posting in good faith. If I responded to the post, I’d be contributing to the problem.

WAF and DMZ too.

Yes, scan the potential malware directly (exe, dll files). Not all scanners support extracting archives.

Yeah, I mean writing to a file. Do that in python, don’t wrap a script with more script.

You’re probably right about the process handling being the cause, but I wouldn’t worry about that and just do it right the first time.

Yup. Until you get into stuff like immutable distros, because that’s a whole different animal.

Modify the python script to include the new behavior.

I’ve never created a custom docker container, but I’m pretty sure you should make the entry point python itself, too.

If the US has tried that, SA would have tanked the dollar.

Yes, those are the known vulnerabilities. We don’t know how many unknown vulnerabilities could be discovered in the future.

Unlikely for the rar file itself. The exe seems a little suspicious, so I would scan that file individually. Hard to say without unpacking and examining it.

Firewalls can log dropped packets.

It depends on what you’re trying to do with it. Typically people only use Macs as servers when they’re doing development for Apple products.

Provide them with VPN access. If that’s too much for them, then they don’t get access. Tough. On the scale of security vs convenience, that’s nothing.

If you really really want, you should at least see if you can put a WAF in front, and put the server itself somewhere it doesn’t have access to the rest of your network (a DMZ) so that if and when it gets hacked, it doesn’t compromise the entire network.

Companies as big as Intel don’t typically go poof, they have bankruptcy proceedings and sell off their assets. If those assets contractually can’t be sold, then yeah AMD would be the remaining owner.

Step one is check with the university IT department. Don’t put random unmanageable shit on other people’s networks.

Why a Mac running Linux? I can’t think of a use case for that.

I still don’t recommend putting jellyfin on the Internet. It’s not designed for it. There are some API endpoints you can access without authentication, not to mention potential authentication bypass vulnerabilities.

5 minutes is also probably too frequent. Leases are usually significantly longer. You might hit a rate limit and get blocked.

Then yes. The VPS provider will get it instead.