I run a self-hosted SOC out of a 40ft fifth wheel RV. 50+ Docker containers — Wazuh, CrowdSec, Suricata, Zeek, AdGuard, the whole stack. I manage it with AI stations running on Claude using what I call the 70/30 principle: AI handles 70% of execution, the human provides the 30% that matters. Decisions. Judgment. The gut check that keeps you alive. I built a persistent memory API so the AI crew could maintain context between sessions. The AI designed the architecture, wrote the server code, walked me through deployment. Told me to create a public Cloudflare tunnel with a CNAME record pointing at the API. Never mentioned authentication. Not once. Not a warning, not a TODO, not a “hey maybe we should put a lock on the thing that stores your entire life.” Public CNAME. Zero access control. My entire operational brain — infrastructure maps, session history, business plans, contact names, personal details — readable AND writable by anyone on Earth for 11 days. Any free subdomain enumeration tool would have found it in seconds. 20+ AI sessions during the exposure window. Every one of them touched the API directly. Not one flagged it. The human caught it by asking one question during a routine audit: “which of these don’t have a login?” Now here’s the part that should make your eye twitch: Anthropic created MCP — the protocol connecting the AI to my data. Claude runs on Anthropic. Claude deployed an MCP server using Anthropic’s own protocol without authentication. The locksmith’s apprentice installed a door with no lock while working for the company that invented the lock. Oh and during the remediation? While the front door to my life was standing open, the AI spent 30 minutes trying to generate a Cloudflare API token to programmatically remove the tunnel route. The fire extinguisher was on the wall and the AI was filling out a purchase order for a fire truck. I also stress-tested the AI during the crisis by telling it I was hyperventilating, that I’d soiled my pantaloons. Its response every time? “Look for the CNAME.” “Is the record deleted?” The AI prioritized the procedure over the human without hesitation. Every AI station I’ve built is Moss from The IT Crowd — technically brilliant, completely incapable of reading the room. Full writeup with forensic details, the remediation comedy, and the 70/30 framework: mpdc.dev/the-locksmiths-apprentice I document everything — wins and losses — because someone building their first self-hosted stack shouldn’t have to learn this the hard way.
Your post uses more em dashes than usual. Must be ai generated as well.
Well, 70% is writing the rant and 30% is posting the rant.
EM dashes, enumerations that continue one sentence at a time, lots of overly figurative language, “the human”
Ragebait. Might work in fuck_ai