i am aware that python's http.server is very easy to use, and so is nginx, and so is every other server really,
but this was 6 lines of code that i wrote to share a log file with a friend.
it's a silly project not intended for production use.
i couldn't immediately break it, so i asked some people and some ai thingies
(pretty much all the relevant ones in august 2025) to have a look.
the ai results ranged from irrelevant, to nonsensical, to just laughably bad.
there was a lot more but this is enough to convey my point. the human results
ranged from "lol" to "why not just use..." to "pls dont".
in fairness to the bots, a lot of them did point out that this isn't hard to dos. just spawn a billion connections!
ncat has a --max-conns option to address this, but there's already a read timeout and i couldn't
be arsed to find a value that made sense for just running cat on a 100kb file.
remember to pick a good one before deploying the next facebook on this.
this was quite a few bots that are being sold as agi with all the thinking settings maxed out etc.
overall i feel like i gave them a fair try, but they only managed to produce an endless stream
of completely made up vulnerabilities. this is not what an expert would come up with.
it's probably my fault tho. i am old and grumpy.
i should have prompted better, or used the even newer models, or maybe i should just
write react instead or possibly tailwind css?
but you're absolutely right to point this out. let me try a completely different approach...