Would it even crash a computer? They would fill up their hard drive but that would just yield warnings to the user in most operating systems. Chances are they would kill it manually because it would take a long time
> It was able to one-shot deploying a digital ocean droplet and configure wireguard?
Yes, that part was pretty easy - but the whole thing wasn't one shot. The parts I struggled with were:
- getting automated SSH installed on the $130 router, once you have that the LLM can drive things
- during security hardening, I got fully locked out and had to recreate a new VM. But it was able to automatically recreate everything in a few minutes.
Thanks for sharing. Just looking over this it seems to spend some time creating ufw rules and then deletes them all and disables ufw. Is that accurate or is this just the output and you had to copy and paste in?
I am assuming all the missing steps is just the information you censored.
Harsh, but a good point on egress cost that I overlooked, I'm adding a section on this - if you use Oracle cloud it looks like you get 10TB included at no additional cost where DO would be around $84 at the same bandwidth levels
I've experimented with using LLM to setup and/or maintain some servers for me for various different use cases (this being one). What I like is an agentic LLM can either document it's initial build process or "explore" your server to better understand how it works, what configuration files are used, software versions installed, etc. When you have that documentation/context provided to a frontier LLM it can take care of most maintenance work you'd like do by hand for "simple" servers. A good prompt to get an llm to explore an existing server to make sure it fully understands it is to ask it to make a working backup.
I’ve done the same, and in the process learned some things. Which is amazing! But it’s easy and tempting to do minimal learning and accept the working shell script or whatever. The better the AI gets, the more tempting that is.
Maybe I didn't make it clear from the post, the llm (cursor+claude 4.5 sonet) was actually driving the whole process from provisioning a server, installing wireguard, setting up certificates, configuring network, installing packages, and updating security - with some testing at each step. I never ran any commands manually, I just told it what to do.
Your AI slop said you have fiber, so maybe you should try to actually read it instead of having us catch your lies.
> 1. Downgraded Xfinity from $90/mo to a basic $50/mo plan (still usable speeds, just lower tier)
> 2. Added AT&T Fiber as a second line at $55/mo (different infrastructure = different failure modes)
> 3. Bonded both connections using WireGuard VPN and OpenWRT routing
Edit:
Another lie detected: ATT isn't accepting new customers on DSL, and is in fact yanking service for existing customers in many areas. So there's zero chance that OP signed up for ATT copper internet within the last year or so.
Bonding two ISPs was previously too complex for most home use until agentic AI. Claude can automate the entire WireGuard/OpenWRT/VPN setup, testing, and security hardening via SSH as an afternoon project. Total cost: $305 over 3 years vs $1,241 for commercial solutions. Downgrade your current ISP and add a second cheap one to get faster more reliable internet at home.
yeaaaaaah ..
something the llm didn't explain is how asymmetric bandwidth or latency between the connections will degrade performance... or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN..
> or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN.
I did run into this and claude implemented a work-around (see step 8) to route some traffic through the normal exit IP for those special use cases. So far I've only run into this problem with 3 services (Ring, Blink, and Paychex). Surprisingly none of the streaming services seem to care (Netflix, Amazon, Apple TV).
That's a very good point. I included a "Cost Comparison by Bandwidth Usage" section that shows the cost for Digital Ocean compared to a commercial bonded solution. At 10TB the monthly DO cost goes up to $84/month which is significant, but if you compare that with a commercial solution that gives you a bonded connection (Speedify) they would charge $120/m for 10TB.
If you used Oracle cloud, I think 10TB is still in their free tier so you'd be looking at ~$15/month.
I'm sorry to be harsh, but honest question - What's the purpose of using AI to create toy software that already exists (eg. YouTube downloader)? Normally the purpose would be to learn how to create that type of software, but that's presumably being skipped.
Similarly... what's the point of blogging if you're not writing it yourself? This post is very long, but seems to basically just be riffing on the title over and over, at least by the 3rd graph. If you're not explaining anything and readers aren't receiving anything - what's it for?
I really am asking with curiosity even though it's probably clear I have an opinion on this endeavor. There must be a reason you've paid money to do all this!
For me, it is about learning about what AI can and can’t do, how to progressively prompt, how to avoid problem, etc. once you understand that you can build more things quickly. I gained a pretty good understanding of what it can/cant do, how many prompt it will take to get there, and which model(s) are capable.
But then we've come back to the central point. The purpose of blogging is to organize your own thoughts, essentially. Why not write about what you've learned?
> the purpose of blogging is to organize your own thoughts
I don't get this comment. People can create content for any number of reasons and those reason will vary widely by the author. I like to use it to share something interesting to me that is too long for a Linkedin post.
Well actually you're right that blogs can have different purposes, however I think we're talking about basically the same purpose here, in "sharing something interesting to me", and what I meant is that I wasn't seeing how AI writing is actually doing that. But I'll leave you be, I'm not here to harass you and I think I've gotten the answers I was looking for.
The content ChatGPT returns is non-deterministic (you will get different responses on the same day for the same email), and these models change over time. Even if you're an expert in your field and you can assess that the chatbot returned correct information for one entry, that's not guaranteed to be repeated.
You're staking personal reputation in the output of something you can expect to be wrong. When someone gets a suspicious email, they follow your advice, and ChatGPT incorrectly assures them that it's fine, then the scammed person would be correct in thinking you're a person with bad advice.
And if you don't believe my arguments, maybe just ask ChatGPT to generate a persuasive argument against using ChatGPT to identify scam emails.
It's a good point and I should make a distinction on what models are appropriate. I think of chatGPT 4 like a college student and chatGPT 5.1 5 Pro (deep thinking model) more like a seasoned professional. I wouldn't trust non-frontier, non-thinking models with a result for this kind of question. But the determinism of the result does not scare me, the out output may vary but not directionally. The same thing would happen if you asked the foremost security expert in the world, you'd get slightly different answers on different days. One time as a I test I ran a very complex legal analysis through chat GPT pro 10 times to see how the results would vary and it was pretty consistent with ~10% variation in numbers it suggested.
My first thought was someone they tied a blockchain transaction to my name and then traced it backwards. But they also knew my ETH and BTC balances, and date the account was opened. You might be able to figure out the open date by looking at the blockchain but I could never determine how they would know balances for two unrelated cryptos without some kind of coinbase compromise.
true, I can’t rule those out entirely. I access via iPhone to limit attack surface area, the info was never printed, present in emails, or disclosed to 3rd parties
Plus, even though YOU obviously know better than to post a screenshot of your Coinbase balances on social media, (tens of?) thousands of their customers do not.
With the analysis you provided of the email, your report definitely deserved to be taken seriously, but Coinbase could easily get dozens of emails reporting "compromise" of the personal details you provided that were obtained by good ol' fashioned OSINT and poor personal privacy practices.
