Comment by znnajdla

I’ve been telling people recently: get the fuck off cloud services, self-host your own servers, and learn how to do sysadmin/netadmin stuff like it’s 1990 because I assume all centralized cloud service providers will be infiltrated. AI vibe coding has made security a nightmare - secrets are in logs everywhere, developer machines are all pwned by npm attacks, and if you’re on the cloud you’re paying 10x the cost of self hosting for the privilege of being hacked. OpenAI Codex recently rotated all code signing keys, npm dependencies have been infiltrated 3 times in the past month and now this. I’m now using local AI models, self hosted Forgejo instead of GitHub, on servers running in my basement and not only is it so much cheaper, it also means I control network boundaries, and more importantly: I’m not a target because I’m not a large centralized service. The attack surface for large centralized services is just too large to control, all it takes is 1 mistake and all of GitHub/OpenAI/BigTech is pwned.