Is this, along with the comments by the other green usernames on this post, an AI-generated comment? Apologies if it isn't, AIs are trained on human writing and all that, but they're jumping out at me.
Edit: I see another green comment was flagged for AI, might be indicative of something, but why so many green comments on this thread specifically?
The BPI-R4 is great for use as a 10G WAN router if your ISP uses PPPoE since the network processing engine has hardware acceleration for it.
Unifi released the UCG-Fiber around a year ago that can also apparently finally handle it, but plenty of threads about slow performance with their UDMs since it's entirely done on the CPU [0].
I'm not the biggest fan of OpenWRT and would prefer something like OPNSense, but it's x86 only and good PPPoE performance isn't guaranteed either - need a CPU with good single core performance that costs more than the BPI-R4, or apparently virtualizing OPNSense allows it to process PPPoE with multiple threads.
I've found it to be the better choice for x86 hardware, because it performs so much better on older CPUs. FreeBSD has gotten better with driver support, but the Linux kernel in OWRT is just a better base to build off of.
not GP but I've found the install and upgrade experience for OpenWRT on larger machines is not great compared to the alternatives and normal Linux distros, everything is biased towards the use case of occasionally flashing/configuring little systems
I still use it though, can't complain in terms of actual routing/switching
Love the way this is written with "questions" interspersed throughout to explain more about the steps taken. Adds good context that makes it very easy to follow.
> Lenovo tells us, “The biggest challenge in getting to a 10/10 was balancing repairability with all the other expectations of a commercial device: performance, reliability, thermal efficiency, form factor, and design integrity. Repairability isn’t achieved by a single change: it requires many small, intentional decisions across the entire system, and each of those decisions can introduce trade-offs.
Yes, however companies say a lot of things. We'll need to see some hard numbers and reviews based on real world usage to know if their claims ring true.
For local services, I don't see the benefit of using DNS challenges and a Let's Encrypt certificate over running my own CA and generating my own certificates. It's not that much work to trust my root certificate on each device, and then I don't need an internet connection to verify local service certificates.
> It's not that much work to trust my root certificate on each device
Sure, but is trusting your homebrewed CA on all your devices for essentially everything really a good idea?
When your homebrewed CA somehow gets compromised, all your devices are effectively compromised and not only for local connections, but everything that uses PKIX.
Make sure all the TLS clients you use have support for name constraints. When I evaluated this in 2023, Chrome was in the process of adding support. I'd love to see a caniuse style analysis of TLS features, people assume they work but support varies.
I can either add a Cloudflare API key and Certbot on my NAS, or I could generate a root certificate and add it to my desktop computers, laptop, tablet, phones, Apple TV, etc.
Doesn't seem that tough of a choice. I guess in the future I could even forego the Cloudflare API key and just have the persistent DNS record there once.
Not the original commenter, but I noticed it too. I guess it's hard since AI is trained on human content, so presumably humans write like this too, but a few that stood out to me:
> Five entire countries vanished from GreyNoise telnet data: Zimbabwe, Ukraine, Canada, Poland, and Egypt. Not reduced — zero.
> An attacker sends -f root as the username value, and login(1) obediently skips authentication, handing over a root shell. No credentials required. No user interaction.
> The GreyNoise Global Observation Grid recorded a sudden, sustained collapse in global telnet traffic — not a gradual decline, not scanner attrition, not a data pipeline problem, but a step function. One hour, ~74,000 sessions. The next, ~22,000.
> That kind of step function — propagating within a single hour window — reads as a configuration change on routing infrastructure, not behavioral drift in scanning populations.
(and I'm not just pointing these out because of the em dashes)
GPTZero (which is just another AI model that can have similar flaws and is definitely not infallible, but is at least another data point) rates my excerpts as 78% chance AI written, 22% chance of AI-human mix.
To me at least, the article still seems to be majority human-written, though.
Also, one of the authors is "Orbie", which looks like an AI name, and if you go and read through some of the recent posts, all of the posts with that author feel very LLM-y and bland, and the posts without that author are much more normal.
reply