Let's do this, then.
We launch the BitFlip Show, talk homelabs and Linux journeys, debate Proxmox setups, discuss the MacBook Neo, and unpack a major AI vibe coding controversy.
What we cover
- MacBook Neo
- /r/selfhosted new Friday rule
- Huntarr fiasco
- The right way to run Proxmox, LXCs, and docker does not exist
- Vibeslop and AI existential crisis
Welcome to the first episode of the BitFlip Show, a new podcast about self-hosting, Linux, homelabs, and open source technology. Host Alex (formerly of the Self-Hosted podcast and now at Tailscale) is joined by Adam Morales from Lime Technology (Unraid), Stephen (an MSP operator running real-world infrastructure), and Geoff, a lawyer-by-day and passionate Linux homelabber. In this episode, the panel introduces the show, shares how they each got into computing, and dives into Geoff’s journey from building an HTPC NAS to running a fully Linux-powered homelab with Proxmox, Docker, and automation.
The conversation also explores some of the most interesting debates in the self-hosting community right now: running Docker on Proxmox, homelab best practices vs pragmatism, the new MacBook Neo announcement, and the rise of AI “vibe coding.” The hosts break down the recent Huntarr controversy in the self-hosted ecosystem and discuss the risks of AI-generated code, open-source responsibility, and what the future might look like for developers and homelab enthusiasts.
If you’re interested in homelabs, Docker, Proxmox, self-hosting apps, Linux infrastructure, and the future of open source, this show is for you. Subscribe for new episodes every two weeks as the BitFlip team explores the tools, debates, and ideas shaping the modern self-hosting community.
Topics: self-hosting, Linux, homelab, Proxmox, Docker, open source, Unraid, Home Assistant, AI coding, vibe coding, Huntarr controversy, MacBook Neo.
Links
- https://www.reddit.com/r/selfhosted/comments/1rckopd/huntarr_your_passwords_and_your_entire_arr_stacks/
- https://www.apple.com/macbook-neo/
Transcript
Alex: Well, welcome into the very first episode of the BitFlip Show podcast. 00:00
Alex: We are here to talk about self-hosting and Linux and Homelab and open source and anything else these three fine gentlemen decide to throw my way throughout the course of the episode. 00:05
Alex: Welcome to Jeff, Adam and Stephen. 00:17
Alex: And throughout tonight’s episode, we’re going to talk to Jeff a little bit about how he got into computing and tech in general. 00:20
Alex: And then over the next few weeks, we’ll introduce Steven and Adam in a bit more detail. 00:27
Alex: But I figure it might be a good idea just to give you a quick idea of who you’re looking at. 00:31
Alex: So hello, I’m Alex. 00:36
Alex: You might know me from the self-hosted podcast that I used to do with Chris over at Jupiter Broadcasting. 00:37
Alex: I also work for Tailscale. 00:42
Alex: And I’ve been doing content stuff for a couple of years now. 00:44
Alex: And alongside me is Adam. 00:48
Alex: Hey, Adam, how you doing? 00:49
Adam: Doing very well. 00:51
Adam: My name’s Adam Morales and I work for Lime Technology and we provide Unraid to the world. 00:52
Adam: I’ve been doing this for a very long time and I think I met Alex. 01:02
Alex: Southeast Linux Fest in Charlotte, I reckon it was. 01:05
Adam: Yeah, and we kicked off this little conversation about Unraid and Tailscale and here we are today. 01:08
Alex: Here we are today. 01:16
Alex: Joining us from the frozen tundra in the north of, well, it’s not even the north of Canada, 01:18
Alex: but it’s still flipping cold. 01:23
Alex: Stephen. 01:25
Stephen: Certainly not the north of Canada. 01:26
Stephen: I would have, I don’t know, a far higher electrical bill for my heating. 01:28
Stephen: I have a small little data center that I host a couple of things for some podcasty people. 01:33
Alex: Yes, you do. 01:38
Alex: Now, what’s interesting about Stephen in particular, and we’ll get more into his backstory over 01:39
Alex: the next few weeks, is that you run an MSP. 01:42
Alex: And so I thought it’d be really interesting for folks to hear about how being a small business owner and looking after, well, people’s data, like for real. 01:46
Alex: When you get an ice storm and it knocks the power out for a month, you know, all those kinds of stories, which we’ll get into later. 01:57
Alex: But tonight’s star guest is Jeff, who’s up in Pennsylvania. 02:03
Alex: And I would love to go over a little bit, Jeff, your background and how you got into computers. 02:09
Alex: Sure. 02:15
Geoff: So we’ll start off with the fun thing of I don’t actually work in IT for a living. 02:16
Geoff: I’m a lawyer by day. 02:21
Geoff: So I kind of don’t have the fun background a lot of you guys might have on stuff like this. 02:24
Geoff: So I got into computing. 02:29
Geoff: You know, my family always had computers. 02:31
Geoff: I always loved tinkering with them. 02:32
Geoff: But I really didn’t start getting into like building my I didn’t build my first desktop until I was in law school. 02:34
Geoff: So I had a friend who was very into computers. 02:41
Geoff: He liked retro gaming. 02:44
Geoff: He had a whole arcade set up in his apartment at law school. 02:46
Geoff: And he kind of convinced me to build my first computer. 02:50
Geoff: And so I kind of decided it would be like an HTPC NAS thing that I would hook up to my computer, my CV. 02:53
Geoff: And, you know, I had I ran Windows. 03:00
Geoff: And so it had Windows Media Center and I had a cable card and did all the fun shenanigans with that kind of stuff. 03:02
Alex: And now you’re the diehard Linux user of the group, right? 03:11
Geoff: Yes, yes. 03:14
Geoff: everything here is fully i was just saying in the pre-show you know uh i only have one linux only 03:14
Geoff: one windows box in this house and that’s my wife’s uh we were giving jeff a hard time because of the 03:19
Alex: three of us the only one having audio issue or four of us i can’t count the of the four of us 03:25
Geoff: the only one having audio issues was bless his heart the linux user yeah well i this is a relatively 03:30
Geoff: new bazite setup so i haven’t gotten a chance to fully tweak everything yet i started playing around 03:37
Geoff: like in a VM on my gaming PC. 03:42
Geoff: But of course, you know, every time I shut that down, 03:46
Geoff: Home Assistant would go down. 03:48
Geoff: So that wasn’t exactly ideal. 03:49
Geoff: So when we moved, I bought my first Raspberry Pi. 03:52
Geoff: I think it was a 3B. 03:54
Geoff: Ran Raspbian on that thing. 03:58
Geoff: For those of you who can remember Raspbian 04:00
Geoff: and not, you know, the days of the fun, 04:01
Geoff: you know, Home Assistant OS and all of that. 04:03
Geoff: I had, that was my Home Assistant box 04:06
Geoff: for a good long while. 04:09
Geoff: And then I think right before COVID, I decided to upgrade my gaming PC. 04:11
Geoff: And I’m like, well, what am I going to do with this old gaming PC? 04:17
Geoff: It’s perfectly fine. 04:19
Geoff: It was like an i5-4690K. 04:20
Geoff: So, you know, it had QuickSync, which, you know, was fun for Jellyfin. 04:23
Geoff: I think I was doing MB at the time. 04:26
Geoff: And so I ran, I, you know, moved that to the server. 04:30
Geoff: And so I was like, oh, well, I should learn Ubuntu for a server. 04:34
Geoff: And I should learn Docker. 04:37
Geoff: And I should learn all these things. 04:39
Geoff: And then Alex, you know, over there came out with the Home Assistant, you know, podcast and he was like Proxmox. 04:41
Geoff: And I was like, oh, that sounds interesting. 04:46
Geoff: And then he’s like Ansible. 04:49
Geoff: Well, that sounds really interesting. 04:50
Geoff: So I spent a lot of my COVID time learning Ansible and learning Proxmox and learning how to set up my infrastructure and, you know, as code and have reproducibility of everything. 04:54
Geoff: and honestly I haven’t looked back 05:09
Geoff: I mean I’ve tried Nix 05:12
Geoff: I’ve dabbled in the idea 05:14
Geoff: but just Proxmox just works 05:16
Geoff: I mean it does what I need 05:18
Geoff: and you know it’s like I have a bunch of 05:20
Geoff: on my Proxmox box I have a bunch of LXCs 05:22
Geoff: that you know I know this might be anathema 05:24
Geoff: for some people out there 05:27
Geoff: but I do Docker in LXC 05:28
Geoff: I know the Proxmox devs say not to do it 05:31
Geoff: if I was running a business 05:35
Geoff: like you know steven down there and you know i wanted to make sure i was absolutely secure 05:37
Geoff: i completely understand docker in pro you know docker in an lxc is not ideal the internet’s 05:43
Geoff: gonna hate you for that oh i know the internet’s gonna hate i’m fully prepared for hate mail 05:49
Alex: there is no i think i’ve determined there is no actual correct way to run an lxc container and 05:53
Alex: docker in the proxmox universe without somebody being upset with you no well that’s also applicable 05:59
Adam: to anything in technology. 06:06
Adam: There’s no correct way. 06:09
Geoff: Here’s what’s going to give me more people pissed off. 06:10
Geoff: I run Docker on Proxmox on the host. 06:13
Alex: Yeah, me too. 06:15
Alex: What rebels we are. 06:16
Geoff: But I mean, again, from my perspective, 06:18
Geoff: the main thing, I don’t run much on there, 06:22
Geoff: but I run scrutiny. 06:24
Geoff: I really don’t want to have to pass all the hard disks 06:26
Geoff: through to a VM to run scrutiny just to have reporting. 06:28
Geoff: Why can’t I just have Docker and run scrutiny 06:33
Alex: and call it a day right for me it was hardware pass through for plex transcoding with the igpu 06:36
Alex: oh yeah like trying to pass that through to a virtual machine is it’s just no bueno and so 06:41
Alex: then you think right well i’ve got plex on the host why don’t i just run everything else on the 06:47
Alex: i’d be way easier so yeah and before you know it anyway steven you looked annoyed with us you were 06:51
Adam: one of the people that like no supervisors should be pure no no okay so here’s the thing like if 06:57
Stephen: it’s for your house and you’re learning and it’s not running some mission critical thing 07:02
Stephen: then explore and figure something out just understand the consequences of your actions i 07:08
Stephen: mean if some major os upgrade comes along for proxmox and you’re like gonna jump on that day one 07:12
Stephen: and then all of a sudden it doesn’t work just understand that you’ve done things to your 07:20
Geoff: hypervisor that okay so i see i see i see alex going and i’m gonna have the same thing he has 07:23
Alex: I will accept your critique with a massive caveat of AppArmor is crap. 07:28
Alex: It’s just it’s not really fit for purpose. 07:38
Alex: I don’t disagree. 07:41
Alex: I didn’t mention it. 07:42
Alex: I’m just saying. 07:43
Alex: You mentioned it by proxy, though, by saying if you’re going to run things on the host and be upset when things break. 07:45
Alex: Because I did a whole thing on this. 07:51
Alex: I think it was on the Tailscale channel. 07:54
Alex: I kind of forget, where LXCs kept breaking because of incorrect labels 07:55
Alex: and tags or something being applied with AppArmor on Proxmox 9. 08:01
Alex: So in a perfect world, Proxmox would not be on Debian, 08:07
Alex: and Proxmox would use SE Linux if they’re going to implement anything at all 08:11
Alex: for enterprise security, and everything would just kind of work. 08:15
Alex: But this is my approach to technology in general, 08:19
Alex: is pragmatism and simplicity of administration overrules a lot of other things, 08:23
Alex: particularly in a home lab scenario, and especially doubly particularly, 08:30
Alex: now that I have nothing on the public internet thanks to my employer. 08:35
Alex: So for me, it’s just a question of like, I’m doing this all day, every day at work. 08:38
Alex: The days of coming home and being excited to sit in front of a computer for nine hours troubleshooting in the evening, 08:45
Alex: they’re behind me. 08:51
Alex: So these are the kinds of discussions 08:53
Alex: we’re going to have on this show. 08:54
Alex: We’re talking about HomeLab, 08:55
Alex: we’re talking about Linux, Docker, 08:56
Alex: and all the various different opinions 08:58
Alex: and the right way, the wrong way to hold things 09:00
Alex: and all that kind of stuff. 09:03
Alex: Speaking of Apple, 09:05
Alex: today as we record on March 4th, 09:07
Alex: they’ve just released the new MacBook Neo. 09:09
Alex: This is a new 13-inch little tiny laptop, 09:12
Alex: which I think is probably a square shot 09:16
Alex: across the bowels of the chromebooks this thing is 599 has a couple of usb c ports although the usb 09:20
Adam: 2.0 usb c ports i can’t believe yeah like oh i missed that wow okay everything else about this 09:29
Alex: laptop i i couldn’t care like eight gigs of ram fine 256 gigs of storage fine no touch id whatever 09:37
Stephen: usb 2 there’s an option though you can get the more expensive one and you can pay 100 and get 09:45
Stephen: more storage and touch id yes i know that makes big sense because if someone like yourself might 09:51
Stephen: spend more than 100 to make a little custom button for touch so maybe don’t throw shade 09:58
Stephen: at apple for that one yeah okay so like what he’s referring to is this keyboard here has the little 10:05
Alex: touch id button in the corner i bought i used one of these off of ebay and literally ripped it apart 10:10
Alex: 3d printed a little housing and now i log into my mac with my mechanical keyboard behind me with a 10:15
Alex: dedicated button not talking about that though we’re talking about the macbook neo how much would 10:20
Alex: you say that cost you to build how much does it cost apple apple to build a touch id button 10:24
Alex: not a hundred dollars i will tell you that much i mean how much does it cost them to put more ram 10:33
Geoff: in these things you know they thought is it they charged like 500 for an extra 100 you know we all 10:37
Geoff: know ram you just download more ram i saw the advert years ago isn’t ram more valuable than gold these 10:42
Adam: days any though like i think apple’s what i’ve heard is they’re doing us a solid on the ram prices 10:50
Alex: actually one would imagine a company like apple has at least purchased a few years worth of fab 10:55
Alex: pricing and locked it in ahead of time it will be interesting to see by the time we get to 11:02
Alex: the autumn updates of computers from Apple and other manufacturers, 11:07
Alex: just how the RAM-pocalypse is going to affect things. 11:13
Alex: And I’m sure this will be a recurring theme throughout the show of just how, 11:16
Alex: how bad of a time it is right now to buy any computer components, seemingly. 11:22
Geoff: I mean, I, look, I want to buy my, you know, gaming PC before COVID. 11:29
Geoff: Like I bought, you know, a 1660 Super and everyone’s like, 11:33
Geoff: oh what are you doing and i was like i’m just buying a gpu and it was a good decision then 11:36
Geoff: and i literally upgraded this pc october like 7th and like you know about a week later i looked at 11:42
Geoff: micro center and the costs were starting to go up and now that the ram in this thing would be about 11:50
Alex: 500 i think now yeah it’s no joke it’s nuts no joke now this little macbook neo actually looks 11:54
Alex: like a really great little package it’s got a little 1080p webcam in it so you can do all of 12:01
Alex: learning stuff just fine. Apple say it’s got a 16 hour battery life. It’s pretty good. 12:06
Stephen: That’s not bad. It steps back from being an M1 with M1 performance. So there’s that. 12:13
Geoff: I mean, let’s be honest. If a Chromebook can do, I mean, all you really need a Chromebook for is 12:20
Geoff: what, you know, if that’s the comparison, you need it for web browsing. I mean, you need to be 12:26
Geoff: open up some tabs, go to, you know, Google docs or whatever, you know, web browser you have 12:30
Geoff: application for your word processing and you know some chat out you don’t need you know you don’t 12:35
Geoff: need much these days i mean you can run i mean people were running you know full desktops on a 12:42
Alex: raspberry pi this is the perfect laptop to throw down the side of the couch and just have something 12:47
Adam: on your lap whilst you’re watching tv huh exactly my point that that that would be where this would 12:52
Adam: live in my life is just something where i’m not worried about hurting it it’s inexpensive it’s 12:59
Adam: It’s not nothing, but it’s inexpensive enough that I’m not going to baby it. 13:04
Adam: And the battery life on that thing, especially Macs, because when you put them into sleep mode, they last forever. 13:09
Adam: And just have it there, have it accessible, pop it out when you need it. 13:17
Adam: Bob’s your uncle. 13:21
Adam: And I think the other really interesting thing about this one is that for the first time in a very long time, people who are going to college, etc., 13:22
Adam: this is going to be a really interesting option that they’re going to be looking at at that price 13:33
Adam: point uh so accessible so it is kind of crazy perspective it is kind of crazy that this is in 13:39
Alex: a similar price realm as an ipad particularly when you buy an ipad and a keyboard and certainly when 13:46
Alex: you’re sat in a lecture theater or something like you want something on your lap or on the table that 13:53
Alex: you can type on and try and keep up with what you’re hearing um that that for me is like just 13:56
Alex: absolute slam dunk i mean the chromebooks are still quite a bit cheaper than this maybe 14:02
Geoff: 200 or dollars or less no i mean the the super cheap ones maybe but i mean like the 14:07
Geoff: the ones you really want like i bought one 10 years ago and it’s about 400 so i’d say 14:14
Geoff: that four or five hundred dollars is probably the price range for a yes they do have the super cheap 14:19
Geoff: they have the super the stupid cheap macbook you know the stupid cheap ones but i mean 14:26
Geoff: he’s talking about the kindergarten version going back to what i said earlier yes it can probably do 14:29
Geoff: things but you’re really not going to be happy with it i just went to tour my daughter’s new 14:35
Alex: school this morning she’s five and she’s starting a new school in in june july and they wheeled out 14:38
Alex: the cart full of chromebooks and very proudly showed them off and i’m like they look crap 14:44
Stephen: but the school was proud of them so you know so i think we’ve made an error here one port is 14:51
Stephen: actually usb 3 up to 10 gig is it okay my standard one is two um i was gonna say that this is the 14:57
Stephen: first time i’ll be able to step back to a 13 inch um like true 13 inch for a travel computer um the 15:06
Stephen: last time i had a mac that size was the black plasticky looking one oh it was just it was just 15:15
Alex: a macbook right it was intel i have i have such so i used to work at the genius bar and i used to 15:21
Alex: be able these plastic macbooks they used to come in the plastic bezel around the top case they 15:28
Alex: called it so you know you’ve got your laptop keyboard like this and then you’ve got the 15:34
Alex: trackpad just here right this area all around the bottom was called the top case where the keyboard 15:38
Alex: was and you couldn’t replace just the plastic shell you had to replace the keyboard and the 15:43
Alex: trackpad as a single unit and i used to be like i used to set myself challenges because we had like 15:47
Alex: three or four every shift come in of these things like can i do it in a 10 minute genius bar 15:53
Alex: appointment and i never quite managed it but i got pretty close on a few occasions like 15:58
Alex: ripping out all the 20 screws that are in there those plastic macbooks were in their day 16:03
Stephen: pretty good apart from the fact they were made of cheese the uh the black one was a matte 16:09
Stephen: finish not like any sort of sheen on it whatsoever so any sort of oils on your hand pretty much left 16:17
Alex: a permanent mark and it had a white apple logo whereas the yes it was it was really nice laptop 16:23
Stephen: actually yeah no i really liked it and so i haven’t had you know a small travel laptop since then it’s 16:29
Stephen: always been the 14 inch whatever macbook pro so i’ve been thinking about since this came out 16:36
Stephen: magically today uh grabbing one of these as just the the machine that i take out to my customers 16:43
Stephen: right because right now i’m carrying around a fairly expensive macbook pro um and if i were 16:48
Stephen: to set that on the side of a desk or something and someone knocked it over i’m out significant 16:54
Stephen: amounts of money right so this thing while it’s not free it’s not peanuts it’s you know but 16:58
Stephen: significantly less than my macbook off the price yeah yeah absolutely we have patient zero 17:05
Geoff: yeah that sounds great yeah get one get get one and get us a review indeed yeah well that’s the 17:11
Alex: macbook neo pretty interesting looking little device what else have we got in the show doc today 17:18
Alex: ah yes let’s talk a little bit about vibe slop vibe coding r slash self-hosted over the last 17:22
Alex: couple of weeks has released a new set of rules which i actually really like um you are only 17:30
Alex: allowed to post your app that you have vibe coded on a friday every other day you have to at least 17:37
Geoff: pretend you didn’t vibe code it you know i again i like our self-hosted and i’ve used you know but 17:45
Geoff: it was definitely getting to the point where 90 of what i was seeing coming out of the self-hosted 17:51
Geoff: subreddit was vibe coding stuff um so i think it’s been much a much cleaner subreddit since they have 17:56
Adam: done this. I think it’s a, it’s a wonderful role if you can actually, if people adhere to it and 18:03
Adam: they can’t get past it in some way, then I think it makes perfect sense. But I think this is just 18:09
Adam: kind of an example of where things are going to go. It’s like not a problem that’s going to go away. 18:14
Adam: This is just something we will learn to cope with. And you know, the, there’s pros and cons, 18:22
Adam: obviously like huge pro it’s democratizing this technology and allowing people to create you know 18:29
Adam: create their ideas in code um that never would have had that opportunity before so that’s a huge pro 18:38
Adam: the con is that they don’t know what they’re doing and i think a lot of them do know what they’re 18:46
Adam: doing and they just don’t care and so you know we’ll come up with systems like this we’ll come 18:50
Adam: up with rules, the systems will get better over time. And I imagine our robots will fight their 18:56
Adam: robots and eventually we’ll get it sorted. So, but I think this is a good starting point, 19:04
Stephen: long story short. I think it’s a weird space right now, right? Everything changes almost daily. 19:10
Stephen: And to the point where I’ve actually seen classes to teach people how to vibe code, 19:16
Stephen: Instead of learning code, how to talk to an AI to get the thing you want. 19:22
Stephen: And so that’s all fine and dandy, but I really feel like you need fundamental understanding of what you’re doing instead of just using general terms, right? 19:28
Stephen: You could be one sentence away from leave this completely open to everyone and allow passwords to be freely available, you know, if someone queries it. 19:40
Stephen: Or make this very secure and then please make it human readable in the code so it can be modified later. 19:50
Stephen: But if you have no idea what you’re actually doing in the back end, you don’t know to think about the little gotchas. 19:56
Stephen: And so maybe one day, and maybe one day soon, AI will start to think about this stuff more in the background automatically. 20:03
Stephen: Because we do have code specific ones, right? 20:12
Stephen: But right now, I don’t know. 20:16
Stephen: It shouldn’t be code that goes out to the mainstream that people start to rely on. 20:19
Stephen: Just my theory. 20:24
Alex: They are improving at quite a clip. 20:25
Alex: But you hear a lot of people. 20:28
Alex: I think AI stuff is like there’s very little room for nuance in the discussion. 20:33
Alex: And for me, there’s a huge amount of nuance. 20:38
Alex: So that’s what I want to talk about. 20:42
Alex: So what I worry about with vibe coding in general, I think, by the way, the self-hosted rule is great. 20:44
Alex: I was getting a bit tired of seeing the same old, like, I built this amazing new thing that solves my very specific problem. 20:52
Alex: And I really like the fact that people are able to solve their own problems, are empowered to solve their own problems. 20:59
Alex: But what I worry about are the long-term consequences. 21:05
Alex: you know where are the junior programmers going to have the time and space to learn 21:08
Alex: and make mistakes and cut their teeth because i know when i was at university learning how to write 21:15
Alex: java like i was writing an android app i’m banging my head against i remember it clear as day sat in 21:21
Alex: the college library okay why just why why won’t you compile like and that pain that pain of like 21:27
Alex: learning and understanding and really truly internalizing the problem space that you’re in 21:36
Alex: and understanding inheritance and all of these things i i know those things now because i i 21:41
Alex: i always say this but like education isn’t free it could cost you money or it could cost you a lot 21:48
Alex: of time and in my case in that year it cost me both but from my perspective like i just really 21:53
Alex: worry for the the ramifications in five or ten years time because i know for a fact i would 22:00
Alex: have just pushed the easy button if chat gpt or claude was available when i was at university 22:05
Alex: i would not have suffered through that afternoon in the library going just compile i only changed 22:11
Alex: one character what’s going on um i would have just reached out to my nearest ai tool that’s what i 22:17
Alex: worry about and you see you’re really starting to see the ramifications of it like with this 22:24
Alex: hunter fiasco that that happened over the last few weeks who wants to dig into this because it was 22:29
Alex: pretty bad, this one. 22:34
Alex: I think I remember seeing that post, 22:36
Geoff: the post that kind of called out the dev 22:38
Geoff: posted on self-hosted, and 22:40
Geoff: basically, when I was reading through it, 22:42
Geoff: I mean, it’s what exposed all the 22:43
Geoff: passwords of all your radar, sonar, 22:46
Geoff: any of your R’s was basically 22:48
Geoff: exposed, and I think 22:50
Geoff: the most, I’m going to say damning 22:52
Geoff: part of it was, you know, the dev 22:54
Geoff: instead of responding, hey, let’s go 22:56
Geoff: patch these vulnerabilities, 22:58
Geoff: I think, didn’t he ban the guy 23:00
Geoff: who you know brought brought them up the first time worse than that so hunter was a self-hosted 23:02
Alex: tool that sat on top of the the r ecosystem we’re all familiar with soda radar lidar things that we 23:08
Alex: don’t talk about in public but we all know what they do if you know what i mean um hunter’s purpose 23:15
Alex: was to automatically search through your library and look for missing media or versions of media in 23:21
Alex: your library that could be upgraded very useful tool honestly but because it had to integrate with 23:28
Alex: the r stack you had to give it the keys in order to talk to those applications so basically the 23:35
Alex: username and password to log in and say hey what do you got mate show me what you got now what 23:42
Alex: happened with the huntar controversy was that a user posted a security review i’ll use air quotes 23:47
Alex: for that um of hunt our version 9.4.2 in r slash self-hosted the claim in that original post was a 23:55
Alex: settings endpoint could be queried without authentication that endpoint would return 24:04
Alex: full configuration data including api keys and credentials for any connected application 24:10
Alex: it’s a pretty pretty bad leak like give me your username and password without any authentication 24:16
Alex: it’s pretty bad in other words anyone on the network could dump secrets this became particularly 24:21
Alex: bad if huntar for some stupid reason was on the public internet so you could request access to 24:27
Alex: anything that huntar could see the username password the api keys if it was on public 24:35
Alex: internet so shortly after that these posts were removed and people got banned from various 24:39
Alex: different places because the maintainer deleted posts from the github repo and issues and removed 24:45
Alex: any comments that were critical which is a red flag for me it’s not exactly mature behavior that 24:52
Alex: you want from a developer of an application you’re trusting with your stuff right regardless of 24:58
Alex: whether this is a piracy application or not it’s just not it’s just suspicious behavior right yeah 25:03
Alex: agreed so then the community dug a little deeper because a couple of other people’s spidey senses 25:09
Alex: were going off and they’re like right well this guy’s not kosher is he let’s have a look so someone 25:14
Alex: did a proper security review and found 20 more vulnerabilities in this vibe coded huntar 25:19
Alex: application including authentication failures and other exposed settings as well as you can imagine 25:24
Alex: the story spread pretty quickly across r slash self-hosted huntar r slash subreddit drama even 25:31
Alex: made it onto the lemmy fediverse as well then this is where it gets really kind of crappy is the 25:37
Alex: maintainer decided i’m out and just straight up deleted the project from the internet well i think 25:47
Geoff: he also like he tried to like change the repo name a couple of times and do some other weird behavior 25:54
Geoff: that i’m really not quite sure why he would i mean the deleting thing i can kind of understand if he 26:00
Geoff: wants to delete it from the internet the changing the repo bit was just strange yeah well the 26:06
Alex: maintainer deleted their entire presence from the internet as far as i can tell 26:12
Alex: they deleted their reddit account they deleted github they made r slash huntar private 26:15
Alex: i mean talk about an emotional reaction the thing that this actually raises for me is 26:20
Adam: i think the most interesting aspect is how is this going to affect the staying power of 26:27
Adam: applications going forward as more and more people. I mean, there’s lots of different angles to this, 26:34
Adam: but the angle that catches me is if you’re using, you know, vibe coding type of tooling, 26:39
Adam: how much conviction and passion do you actually have in your project? And so I was just thinking 26:45
Adam: like, okay, a little bit of pushback. And how many times will we see this repeated where, 26:52
Adam: oh, we’ll just, yeah. All right. Who cares? We’ll just blow it up and start over. I didn’t, 26:58
Alex: We’ve heard the phrase easy come, easy go forever. 27:03
Alex: And I think the same thing is true of Vibe Coded software. 27:08
Alex: Also, the quality is just not there, clearly. 27:12
Alex: These models just chuck out stuff that works. 27:17
Alex: And if it’s a single maintainer project and somebody who’s less experienced, 27:20
Alex: I think the risk we run as a community is gatekeeping people from even trying to solve other people’s problems, 27:25
Alex: which is the entire foundation of open source. 27:30
Alex: But at the same time, like you’re signing up. 27:33
Alex: There’s an unwritten and unspoken contract with open source software that you’re signing up. 27:36
Alex: It’s basically like you’re getting into a long-term relationship. 27:41
Alex: You’ve got to treat it with appropriate care and respect and honestly just common decency. 27:44
Stephen: What if really the guy just wanted to code something because he thought it would be helpful? 27:50
Stephen: He was really into the hobby and it just kind of spiraled out. 27:56
Stephen: It became popular. 28:01
Stephen: He never thought it would be. 28:02
Stephen: is he going to out himself and be like guys just so you know i didn’t make this and ai made it 28:04
Stephen: like do you do that i don’t know the fact that he just disappeared probably means that he didn’t 28:10
Stephen: really want any sort of staying around i mean i think he did claim he was security like he had 28:14
Geoff: a security plan and like he was in the security industry okay okay not not not saying that’s you 28:20
Geoff: at all true, but I mean, he was definitely 28:27
Geoff: trying to claim he was an expert. 28:31
Alex: Well then, I’m done. Sorry. 28:34
Alex: So what’s the verdict here? Is it AI bad? 28:36
Alex: Or is it, you know, we should never touch anything 28:40
Alex: vibe-coded? Or what? 28:43
Stephen: I think it’s AI good. 28:46
Stephen: Right? It’s a learning tool. It can be an amazing 28:49
Stephen: learning tool. Just think, because you mentioned Alex, 28:52
Stephen: you would say, hey, I can’t get this JavaScript thing to work. 28:55
Stephen: Why isn’t it compiling? 28:59
Stephen: If you had the self-restraint to not just say, hey, AI, fix it for me, 29:01
Stephen: and I don’t care what you do, just make it work, 29:05
Stephen: instead said, please look at this code 29:07
Stephen: and point out where I might have gone wrong and help me explain why, 29:10
Stephen: it could be a very useful tool, right? 29:15
Stephen: But just like any tool that starts to do things for you, 29:18
Stephen: Actually, cars, for example, with all their safety features, do it. 29:22
Stephen: Does everyone look behind them when they’re backing up anymore? 29:27
Stephen: No, they stare at the screen, right? 29:30
Stephen: But you really shouldn’t be doing it. 29:31
Stephen: But if you have the self-control to use the tool in such a way that can be helpful and not dangerous, then AI good. 29:33
Stephen: But if it just takes over for everything, AI bad. 29:42
Alex: What about the societal cost, though? 29:45
Alex: I know this is perhaps a slightly different debate from vibe slop. 29:48
Alex: but uh you know the fact that they’re building data centers out the wazoo the fact that we 29:52
Alex: none of us can afford personal computing hardware anymore because of uh various different data center 29:57
Alex: builds out like it we are removing the ability for the average person to afford a personal computer 30:03
Alex: and we’re centralizing all of that control it’s a very dangerous we’re seeing the impacts of it 30:11
Alex: literally right now it’s a very dangerous path i think i think it’s very dangerous but it’s 30:19
Adam: inevitable that’s what i keep coming back to with all this we talk about best practices and how 30:26
Adam: this could be a great tool if it’s just auditing my work and such i think you just got to let go 30:31
Adam: of that it’s not going to be that’s not how this is going to go the it’s moving too fast it’s going 30:36
Adam: going to get too good and humans are lazy one and um you know we’re we also want to use tools 30:42
Adam: effectively so everybody’s going to try to one-up everybody else um i think it’s just a matter of 30:52
Adam: time i actually feel like this conversation isn’t even gonna be really an issue for that much longer 30:58
Adam: if you look at the velocity of how how quickly it’s improving uh this whole concept of ai slop i 31:04
Adam: think within a year it’s just going to be this is how things are done and it’s high quality and 31:11
Adam: we don’t even talk about this anymore honestly that’s where i think it’s going to go if you have 31:18
Alex: enough of a pool of senior people that know how to guide these things i agree with you in fact you 31:23
Alex: look at anthropics job postings right now all of their engineering postings are for staff senior 31:30
Alex: staff staff level like they’re not interested in juniors they don’t care they’re not it’s just 31:36
Alex: just need the best of the best to make sure that they’re creating things that are actually going to 31:41
Alex: be able to like if you’re like i said earlier like if you’re if you’re a junior or coming out of 31:45
Alex: college right now i feel so because you just don’t have that experience it’s um it’s going to be an 31:50
Adam: interesting few years for sure i was going to say that i mean we still need people to to stack bricks 31:57
Adam: somebody was mentioning the junior devs earlier and i’m like oh yeah that’s just going to not be a 32:03
Adam: thing for much longer. And the concept of teaching vibe coding, while I think we’re just misrepresenting 32:08
Adam: what that’s going to be, it’s just going to be a completely different learning process on how to 32:16
Adam: prompt and how to have them audit, you know, multiple different LLMs auditing each other 32:23
Adam: and whole workflows that are going to be in place, which a lot of that exists now, but it’s going to 32:31
Adam: get better. And that is what people will be learning how to do. And to your point, Alex, 32:34
Adam: like the senior devs being what people are after right now, completely correct, because they 32:39
Adam: understand those core concepts. They understand how to actually be effective now with the tools 32:44
Adam: that are in play. But the societal aspect is super scary to me. I don’t know if did any of you watch, 32:52
Adam: I know this is a side tangent, and I apologize. But did any of you watch the interview with the 32:59
Adam: CEO of Anthropic CBS I believe no oh okay if you want some nightmares go ahead and watch that and 33:03
Adam: you’ll see how the U.S. government is uh bullying Anthropic via tweets about um I think it had 33:12
Adam: something to do with uh marking them as a trade threat something like that something that’s it’s 33:19
Geoff: totally unprecedented it’s not a national security threat but it’s I know what you’re talking about 33:25
Geoff: But it’s the whole Pentagon that they want to be able to use it for all lawful purposes. 33:30
Geoff: And Anthropics says fine, but not for surveillance. 33:34
Geoff: And I think autonomous like drone decisions. 33:38
Adam: It’s domestic. 33:42
Adam: It’s domestic surveillance without oversight specifically and autonomous weapons, again, without oversight, which is like the most reasonable constraints I can I can think of. 33:43
Adam: And again, Anthropics not even saying never. They’re just saying it’s not reliable right now. We cannot in good conscience do this. Right. And the laws haven’t caught up with the technology. So they’re saying, hey, we got to work with Congress to put some controls on this. 33:56
Geoff: Well, let me let me tell let me tell you a thing about laws catching up with. They’re never going to catch up. 34:12
Alex: Adam, you got him started. 34:18
Alex: Oh, no. 34:20
Geoff: I will keep this short, but the 34:21
Geoff: point of the laws is we’re never 34:24
Geoff: going to keep up. The job is to 34:26
Geoff: make the laws flexible 34:28
Geoff: enough so that way they can accommodate 34:30
Geoff: things like AI. And I think 34:32
Geoff: we’ll get there because 34:34
Geoff: honestly, I don’t know if there are going to be laws 34:36
Geoff: because I just don’t know if we can all come 34:38
Geoff: to an agreement on what the laws should be. 34:40
Alex: Indeed. Right. 34:43
Alex: Well, I think it’s probably about time that we 34:44
Alex: wrapped up for this episode. We’re going to try 34:46
Alex: them in the sort of 30 to 40 ish minute range so that you know people on their commute and things 34:48
Alex: like that can catch a full episode you can find more of us at bitflip.show we’re still working out 34:52
Alex: some of the kinks as related to rss feeds and things like that you obviously can subscribe to 34:59
Alex: us on youtube which maybe is where you’re watching this right now or maybe you’re listening through 35:04
Alex: the rss feed at bitflip.show i don’t know but that’s where you can find the source of truth 35:08
Alex: on bitflip.show. We’re going to release every two weeks, at least that’s what we’re going to try and 35:13
Alex: do anyway. All of us, this is just a hobby for the four of us, maybe me less so, but I like to 35:18
Alex: try and pretend it’s a hobby at least. So there might be the odd week where one of us is traveling 35:26
Alex: and it might just be three of us, but for the most part, we should do this every couple of weeks, 35:31
Alex: looking at infrastructure and like I said, self-hosting, just the wider conversation about 35:36
Alex: technology in general you can find all of our different profiles over at bitflip.show for the 35:41
Alex: various different places you can find us on mastodon and all those all those kinds of fediverse type 35:48
Alex: places we want to try and embrace decentralized things with the exception of youtube clearly 35:53
Alex: as much as possible um to to spread the word you know um because that’s fundamentally i think that 35:59
Alex: the four of us are all here because of a love of self-hosting and digital sovereignty and 36:05
Alex: independence from large conglomerates, even though we all just defended AI a little bit. 36:11
Alex: You know, the irony of that is not lost on me, believe me. 36:16
Alex: But yeah, that will do us for episode one, I think. 36:20
Alex: And thank you very much for watching. 36:23
Alex: And we’ll see you in a couple of weeks. 36:25
Alex: Thanks. 36:27
Alex: Thank you. 36:28
Adam: Bye. 36:29