this post was submitted on 12 Jul 2025
45 points (100.0% liked)

Showerthoughts

35907 readers
1758 users here now

A "Showerthought" is a simple term used to describe the thoughts that pop into your head while you're doing everyday things like taking a shower, driving, or just daydreaming. The most popular seem to be lighthearted clever little truths, hidden in daily life.

Here are some examples to inspire your own showerthoughts:

Rules

  1. All posts must be showerthoughts
  2. The entire showerthought must be in the title
  3. No politics
    • If your topic is in a grey area, please phrase it to emphasize the fascinating aspects, not the dramatic aspects. You can do this by avoiding overly politicized terms such as "capitalism" and "communism". If you must make comparisons, you can say something is different without saying something is better/worse.
    • A good place for politics is c/politicaldiscussion
  4. Posts must be original/unique
  5. Adhere to Lemmy's Code of Conduct and the TOS

If you made it this far, showerthoughts is accepting new mods. This community is generally tame so its not a lot of work, but having a few more mods would help reports get addressed a little sooner.

Whats it like to be a mod? Reports just show up as messages in your Lemmy inbox, and if a different mod has already addressed the report, the message goes away and you never worry about it.

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
45
With LLMs, censoring internet at the router level has become trivial (feddit.it)
submitted 1 day ago by [email protected] to c/[email protected]
9 comments fedilink hide all child comments
 

TL;DR: it looks like there are routers on the market that use gpt APIs to classify new, never seen before websites and add them to the blocklist in real time

This allows everyone to run something like the "great firewall of China" - and imagine what a government could do

Full story:

At work the boss got persuaded to pay some thousands for a fortinet firewall to cripple the customers free wifi (the extremely stupid idea is to sell them an unblock code, but I live in a country where with 10 euro per month people can get 100gb of 5G connection, who's going to pay?)

I tried that network and I was really shocked how crippled it was. Boss decided to block anything related to gaming, for example. You visit a small game developer page and it initially works but after a few minutes, you get a "blocked" page (but customers can't see that because nowadays everything uses HTTPS and they don't have the self signed CA on their system - they just see HTTPS certificate error). I tried multiple times but always the same result, after a few minutes is blocked.

Everything that corporate thinks it's not appropriate, it's blocked!

I felt more frustrated using this network than the time that I lived in China! (Left a few years before COVID, don't know the internet situation now)

When I came back home I took a shower and I thought to it under the hot water. At home I'm using gpt4o in karakeep to classify my bookmarks... and a router can also do the same.

top 9 comments
sorted by: hot top controversial new old
[–] [email protected] 8 points 1 day ago (1 children)

Boss decided to block anything related to gaming, for example. You visit a small game developer page and it initially works but after a few minutes, you get a "blocked" page (but customers can't see that because nowadays everything uses HTTPS and they don't have the self signed CA on their system - they just see HTTPS certificate error). I tried multiple times but always the same result, after a few minutes is blocked.

That's not "AI". That's just a "man in the middle (mitm)" attack. AKA, https proxy. Fortinet firewalls have been capable of that for many years. It's not uncommon for businesses (e.g. banking and finance) to proxy all internal web traffic in order to make sure personally identifiable information isn't being shared with shady websites.

Proxying traffic on the guest WiFi is pretty sketchy though.

[–] [email protected] 3 points 23 hours ago* (last edited 20 hours ago)

I was used to normal fortinet filter (they block porn and warez in the work net which is acceptable) but this new one seems extreme, borderline unusable. You have one chance in the router lifetime to browse an obscure website and then next time it's already in blacklist. I think they pay some kind of subscription for ai autoclassification because there's no way with human support it can be updated this fast

[–] [email protected] 9 points 1 day ago (2 children)

I think I lost you somewhere; how do LLMs factor into this?

[–] [email protected] 1 points 20 hours ago* (last edited 19 hours ago)

for example, i browse to a completely new website that nobody ever visited. Nobody uses linux, so i go to gnome.org and first it loads because ther router/firewall never knew that URL before. Then in a few seconds gets blocked pending "ai classification", then it gets permanently blocked because that asshole of my boss decided to block every website that offers software downloads

classification pending

blocked

or, for example, i take a linux distro that literally nobody uses, when i use pacman it firstly load packages because i'm the first one to access the download server, then in the middle of downloads the firewall learns what those server does, and blocks them during download (invalid SSL due to MITM that replaces content with the "access blocked" message)

i use arch btw

and because the blocklist is infinite, even listening to offline music gives errors when using music APIs

i wonder what's the point of offering "free wifi" like this. It's cheaper and gives a better customer experience to just remove the access points and say "no, we don't have wifi" rather than "we have wifi but you need to login with facebook and you can only use it for whatsapp and to browse our website". I heard the boss was pissed that the upstairs neighbors were "stealing" the wifi, as he saw traffic during night time

[–] [email protected] 8 points 1 day ago (1 children)

They may or may not be used here. You could use LLMs to parse the content of sites being visited by web clients on your network. Then, ask the LLM whether the content includes certain topics or is work related. Based on the results of that, you add/remove the site from a blacklist.

Is this better than just string matching? I would say likely so, though more stochastic in the results. It would let the LLM provide summaries/context of the pages, and not by just confined to specific strings in a list. It might be better ramble to handle context and complexity of the desired outcomes.

For example, there was a paleontology conference at a hotel once that was stuck behind a firewall blacklisting all sites with the string 'bone' in them. Completely ridiculous. The string 'bone' has different meanings based upon context, which simple string matching cannot provide, but an LLM might be better and identifying and acting accordingly.

[–] [email protected] 6 points 1 day ago

Cool..I worked in this school once that blocked any website about calculus because of the "cu" part of the string that means ass hole in my language. It was funny.

[–] [email protected] 3 points 1 day ago (2 children)

What about encrypted DNS?

[–] [email protected] 3 points 1 day ago

It's all blocked and I didn't find any single VPN to work (didn't try those with shadowsocks)

Tailscale worked but only if i login using 5G, then after choosing my exit node on my own server, connect to the crippled WiFi

[–] [email protected] 1 points 1 day ago

Modern firewalls are very good at sniffing out what a host is doing.