bcovertigo

I agree with you in principle but that doesn’t really help us much when poorly wrought digital devices get compromised en masse. I can say “Mirai” and way too much of the population knows that it’s an IoT botnet.

Those default passwords and superfluous software packages are cut corners, and directly translate to risk in your own home. Maybe you don’t feel that 2025 has been enough years of neglect to start calling it malfeasance , but if they’re tired of shit breaking and getting hacked and losing support I can definitely see the point of keeping more analog devices to minimize those risks.

Opportunity makes the thief, right?

Yeah you 100% have the right of this. Not a secret at all and very clearly documented on their github.

https://github.com/sipeed/NanoKVM

https://github.com/sipeed/sipeed_wiki/blob/main/docs/hardware/en/lichee/RV_Nano/1_intro.md

Would you stop?

Hey that’s not fair, plenty of them also know how to upload hardcoded secrets to postman.

Corporate consolidation is the end goal and all of the others are part of the toolkit for accomplishing that. (You can use those tools for other things, but a hammer with blood on it is a murder weapon no matter how many nails are in it’s past or future)

I think that we need more hybrid online/irl communities. Half of these issues at least can be avoided by treating digital spaces as the temporary fever dreams they are.

They fucked up pennywise’s powers already. It’s not a bad show on it’s own but I wish someone who could read was given some authority over the plot. 🙄

I appreciate that you wanted to help people even if it didn’t land how you intended. :)

If you’re seeing this follow all this idiot’s posts and mass report.

If you’re seeing this follow all this idiot’s posts and mass report.

If you’re seeing this follow all this idiot’s posts and mass report.

We have Lemminati at home.

I can’t sleep :(

Typosquat domain for sure! In a sandbox I’m seeing that all the download links point to the same HTML page on a .ink domain that cloudflare is now refusing to serve.

But our buddy joe already got a copy for us so we can at least view that report for fun: https://www.joesandbox.com/analysis/1763244/1/html

Edit: It pulls down an MSI installer or something it runs with msiexec but disguised with a PDF file extension. It seems to want a copy of cmd.exe to exist in an AutoIT installation (SearchPathW vs “C:\Program Files (x86)\AutoIt3\cmd.exe”) as well as pointing toward the multilanguage (.exe.mui) and other cmd variants. I suspect we’re one step away from a real payload with this report and that’s what we’d see the “Invoke-Obfuscation” powershell the sandbox spotted used for (if that wasn’t a false positive due to the base64 offset string).

Maybe OP is describing a prolasped rectum, where some intestine is pushed out, rather than a hemorrhoid like you describe.

Text wall incoming, no offense taken for walking away:

People always talk about distributed denial of service attacks but this is not distributed. It’s concentrated in that one farm, and that informs the types of denial of service attacks it’s suited to carry out without help and influence the govt agencies which might give a shit. A simbox is a machine that can initiate one simultaneous call for each provisioned sim card in it, or whatever other cellular network operations the towers in range support. Look downstream of that for a second though, how many 911 operators are there for that area? Denying service can be more than knocking machines offline! Do I have enough sims to drown them in prerecorded panicked AI calls so they send all their firefighters to the wrong locations? Maybe I want to knife a guy and watch everyone on that block fail to reach 911 while he bleeds out. But they said ‘disable towers’ so let’s focus on denying telephony rather than the service telephony gets you to.

Bullshit scenario to illustrate a point:

Healthy customers operating a phone normally may call a variety of internal services once each until their session is established with the appropriate permissions, and then they’re allowed to make calls or touch websites. What if I pick one of those important steps and just hammer the dick off of it so nobody else can make new connections to the network for a period? If their security teams had the idea before me maybe they built some defenses, but maybe not, or maybe the simbox has sims from many carriers so they can get help. Does MobileX even agree that they carry the obligation to respond to this? Do they even know how since they don’t own all the network devices involved? Did they willfully put their thumb up their ass and ignore so they could continue to get money from the bad actor without caring about the consequences? No of course not companies always act morally!

Imagine my phone attaches to one of three towers in an area. Imagine there’s a back end process that lets a device tell a tower “I’m bcovertigo, so start me a session and look up my plan permissions, then report back with what I’m allowed to access” with a unique identity for the provisioned sim card. What happens when a phone starts that process but just ignores the response and never goes to the next step? What if I repeatedly chain together those half opened requests, and then 100 or so of those processes are just waiting on a response, still consuming resources. Do that for each of 32 sim cards in those pictured simboxes. Now give me a 300 strong swarm of those screaming hydras. 100/minute32sims300simboxes. Can your iphone ever get online if that critical step never completes to tell you your session is allowed to make calls and visit websites? We’re not even considering disruption of IoT security systems. Maybe they found some other flaw that lets them break existing network connections or exhaust something that’s needed for very specific functions to work. Through the magic of computing, anything can go wrong!

But enough about the attack itself. What are you going to do to stop all this?

Ban the identifiers of the sim bank? Fuck you they randomize it. Deprovision the sims as you see them used? Fuck you they have 100k of them as reserve ammo. No you have to physically find it and go there in person, which means plying some investigative govt agency for help.

Archive link to an FAQ for the Slate electric trucklette that claims no sim cards and minimum digital bits. No clue if it will be a good vehicle so don’t take this as an endorsement. https://archive.ph/PMKpC

Anyone know other options?

“Refractory period” is the term, and the soft limits of it affect people differently. Short answer yes everyone has a reflex that diminishes the returns on stimulation in various circumstances. That ranges from single orgasm and significant refractory period to avoid discomfort, up to cases of multiple orgasms in the same session regardless of gender. This can also change with mood and other circumstances.

https://en.m.wikipedia.org/wiki/Refractory_period_(sex)

You’re doing a great job and you shouldn’t feel bad for being ignorant when you’re literally getting results and learning new questions to ask. Of course it’s not working perfectly! Of course you’re looking for help as you discover more options! You have the desire to learn something new to you, and you’ve made so many steps beyond the first already.

Here’s some emojis to copy and paste until you smash through that problem too. https://emojis.wiki/all-emojis/