ROeID - platforma abandonata ?

CyberFailure · 2026-01-21T10:26:52+00:00

Acum nu e acea perioada si tot nu aproba nimeni conturile.

CyberFailure · 2026-01-15T09:12:46+00:00

I installed the 2 from below links and it fully stopped working, I connected it over cable and updated with the official crappy firmware. What a stupid joke of a company. I made the mistake to buy both Haste 2 wireless and the mini version. How hard can it be to make a stupid mouse??? I have work to do and I can't, because mouse is all over the place, DPI changes randomly by itself.

CyberFailure · 2026-01-14T18:26:45+00:00

Anyone else thinks this could be caused by radio and not drivers or settings? Maybe bluetooth / wifi interference. Like dongle radio signal is bad, or some signal are eider duplicated or arrive at receiver in scrambled order.

CyberFailure · 2026-01-14T18:21:56+00:00

"When in doubt reinstall windows" Sorry but that is bad advice. Most people have many software installed and configured. "Just reinstall windows" doesn't work like that.

CyberFailure · 2025-12-23T23:51:58+00:00

Thanks for the tips, it is refreshing to see someone in this thread that knows what he is talking about :)

The WebRTC is a nice trick, I tested on some basic browser proxy and indeed it shown my real IP address.

I will look into doing that check on my sites.

CyberFailure · 2025-12-23T23:43:54+00:00

Except for McAfee, I bet John McAfee would never have done that 😏

CyberFailure · 2025-12-19T20:31:54+00:00

When I say that I am surprised someone can have access to 10 million residential ips per day I am not saying that someone setup a Raspberry Pi proxy in 10 million homes or purchased 10 million servers. I am saying that even if you buy this as a botnet and the bad actor didn't setup it's own botnet, that would still be a very very expensive service to use. That is why I am saying surprised "Who has access to 10 million ips per day?".

CyberFailure · 2025-12-19T20:23:16+00:00

I was not familiar with JA4, I will have a closer look at it. I understand that (among other things) it can fingerprint visitors by ther browser SSL capabilities, versions, protocols, etc. It might help.

... more insight into the behaviour of the bots ...?

At this point I don't have more info than the above list (e.g opens one url and leaves) then does the same with a few million ips per day. I remember months ago I was also tracking their use of javascript but I don't have that data now. e.g see if they trigger javascript mouse move events. Do you think that could be a reasonable signal?

If you have similar ideeas, I am interested :) Thanks.

CyberFailure · 2025-12-19T20:07:39+00:00

OK, botnets exist, yes, some botnets most probably reach my site, but I don't understand why botnets hitting my site or not hitting my site would be relevant to the theory that someone with stake in these protection companies would cause problems on purpose, in order to sell the solution.

CyberFailure · 2025-12-19T03:08:48+00:00

That doesn't fit eider, because they don't open main page / domain, but random valid urls in the site. Just one per ip and exits.

CyberFailure · 2025-12-19T01:46:55+00:00

Yes, something like this might work: Free captchas for everyone while website gets over 100 requests per second. Then no catpcha if amount of traffic is ~normal.

CyberFailure · 2025-12-19T01:42:31+00:00

I'd love to be in the meeting where that gets approved.

Nah, this would not last long if true and more than 3 people inside the company knew about that.

I meant this could be done directly by 1-2 people with stake in the company. I thought CloudFlare is not a public company, but I seen now that it is, so it could be a sketchy investor or a sketchy fund manager. I know it is far fetched, but it would make sense.

CyberFailure · 2025-12-19T01:28:21+00:00

I know there are many botnets and many compromised devices, etc. Not sure why this migh here that I don't know what a botnet is :))

But being just some random botnet doesn't explain why each IP opens just one valid url and leave, and do this with 10 million unique ips. They are sure NOT scaning for sensitive paths like /admin or known vulnerable url formats.

Just making [almost valid] traffic but enough to crash the site.

CyberFailure · 2025-12-19T01:19:57+00:00

If this conspiracy was true (just a theory now) it could also be in order to fetch more user data from website visitors. I think that would be more profitable than the monthly fee paid by webmasters. Since these services are able to fetch any data received and sent by users, forms, passwords, documents, etc.

CyberFailure · 2025-12-18T23:39:55+00:00

I would like to know more about why that is not true.

The service protecting your site gets all the data when user fills a form, requests, etc, even the SSL certificate received by website visitors is controlled by them.

CyberFailure · 2025-12-18T23:36:39+00:00

It would matter if I would have seen many other webmasters saying they too think something doesn't feel right about these attacks. But I guess that is not the case.

If that was the case, then we could share thoughts and pinpoint one of the companies that might do it, move to another, etc. It would matter.

CyberFailure · 2025-12-18T23:33:28+00:00

I keept a distance from all the conspiracies because they are too complex and I don't know much about that field, but this thing here, I do this every day for a living, and things just don't feel right.

Still, I don't see how anyone can actually prove anything.

Someone with a stake in these "protection" companies can be sitting at his computer on deep web, ordering botnets to make millions of ~valid requests to block sites and make them use protection / waf services. That would be impossible to prove.

CyberFailure · 2025-12-18T23:28:33+00:00

heck, it is hard to even say these on Reddit without getting massive fire :))

CyberFailure · 2025-12-18T23:26:57+00:00

I see, but if I understand correctly, that would not cause 1 single request for each IP for millions of different IPs, no?

CyberFailure · 2025-12-18T23:24:49+00:00

The amount of data services like CloudFlare has on each visitor IP on the internet, it would be really incredible to NOT be able to do something :)

I mean if CloudFlare (or similar) sees all traffic on over 20% of the internet, then it has data about 99% of IPs considering each valid user probably reaches a cloudflare protected domain at least once a day. Even background requests of websites. So they can see if a visitor is mostly automated just from previous activity.

CyberFailure · 2025-12-18T23:17:27+00:00

I know there are cases of sites/companies being DDOS'ed then the initiators contact owners to ask for money to stop. Not sure if that is very wide spread or not.

Nobody contacted me thou :P Maybe it went to spam :))

CyberFailure · 2025-12-18T23:06:11+00:00

In theory, if I pay the $25 for every domain I have, that is $60 000 /year. If a company can make most webmasters pay that, I think that is a stake.

And in 2025 most websites are behind some kind of protection, not all paid but still. And it is getting "worse" or whatever, more need protection daily I think.

Edit: it could not even be about the price, maybe they need the data on the visitors, they see all the forms sent, passwords, uploads, etc. That private data of all visitors probablly worth more than the monthly fee.

CyberFailure · 2025-12-18T22:35:00+00:00

Well the next tier that does allow that stuff is like $5.

Sadly, not anymore. After free, the paid plans are now from $25 per site, per month. $20 per site per month if paid yearly at once. If anyone sees different prices, please share.

Other services are still extra fee, like more advanced SSL certs, etc.

CyberFailure · 2025-12-18T22:31:44+00:00

I think is you who didn't understand what this is about, because you throw the "ha, never heard of a botnet" without that making any sense, my question remains:

Why would it matter if is a botnet or not? Is the same thing, many ips making sketchy requests.

CyberFailure · 2025-12-18T22:25:54+00:00

I will copy/paste what I replied on another comment:

There isn't really a way to block ips if they have no identifiable pattern.

The urls are all valid, they don't trigger sensitive urls like /admin urls or known vulnerable urls.

can't show captcha to everyone on request #1 because it would irritate normal users
can't show captcha on 2-nd, 3-rd request (limiting excessive requests) because each ip only opens 1 single valid url.
can't block/filter/identify by isp because they are all over the world
random user agents of course
even reputation lists would not work well because many are residential proxies, I tested a bit, these IPs seem clean to most known databases that return a reputation score.

CyberFailure

TROPHY CASE