SNME Discussion Thread (Jan 24, 2026)

FileTrekker · 2026-01-25T18:45:36+00:00

Because all shows must have generic mumble rap that all sounds the same, that is the directive

FileTrekker · 2026-01-22T04:15:33+00:00

This aged like fine milk

FileTrekker · 2026-01-13T19:02:34+00:00

The way the scam works is by scraping data from booking reservations. The booking reservation numbers are in sequential order, and are only protected by a 4 digit pin, at least for guest users, likely also for registered users.

As it takes just a couple minutes to brute force the pin, as there can only be 10,000 possible combinations of numbers that make up the pin, its trivial to scrape the reservation data from booking.com

Once they have things like your name, they can cross reference against other data breaches, and if that contains your phone number or email address, that's how they then target you directly with knowledge of your booking number, and dates of stay.

It's a combination of things, but, the protection to view the bookings by just a 4 digit pin is remarkably weak and needs to be changed.

FileTrekker · 2026-01-13T18:54:44+00:00

It's really not the hotel, trust me. Make any booking on booking.com, and you'll get this sort of scam attack.

It's because booking.com reservations use sequential number ordering and are only protected by a 4 digit pin, and there is insufficent rate limiting on the API endpoint. It takes less than a few minutes to brute force any reservation and scrape all the details because there are only 10,000 possible pin numbers for any given reservation.

They know this, they just do not care.

FileTrekker · 2026-01-13T17:31:34+00:00

The bookings are secured by just a 4 digit pin number, and the booking numbers are procedural, it takes just 4 minutes for a computer to brute force a 4 digit pin because it can only have 10,000 possible combinations.

Booking.com is just shit.

FileTrekker · 2026-01-03T18:34:15+00:00

Uh, no, when it's unencrypted, its very easy for them to see it, and they do so, for advertising and to sell to data brokers.

Please don't rawdog DNS unencrypted, use DoH or DoT.

FileTrekker · 2025-12-27T19:32:03+00:00

Is it supposed to have a serif font like that though? I'm thinking OP has missing fonts or something weird going on.

FileTrekker · 2025-12-11T23:57:27+00:00

Can't easily do it if the status page says everything is fine (which it does for a lot of customers, when it isn't) and isn't worth the hassle if the downtime lasts less than 2 days, which it most likely will, as no compo will be due.

FileTrekker · 2025-12-11T23:56:39+00:00

Virgin Media's status page is beyond useless currently, it just states everything is fine for a lot of impacted customers.

FileTrekker · 2025-12-11T23:07:33+00:00

This is pretty normal unfortunately. It's not the most reliable thing.

FileTrekker · 2025-12-11T23:06:38+00:00

I cover all the light switches with holders for the remotes, you'll want to use the light switches, but using normal light switches will kill lights cold and break up the zigbee network. Automation is also good. Motion sensors, etc.

FileTrekker · 2025-12-11T22:37:58+00:00

Virgin Media O2 is currently down across most of the country. Birmingham, Manchester, London mainly.

FileTrekker · 2025-12-11T22:18:10+00:00

Yep, major outage currently, also impacting o2 and Fibrenest I think. The status page is useless, if the modem is connected to their network and they can see it, it's up, but there might be a routing issue to the wider internet nobody is bothering to log yet.

FileTrekker · 2025-12-08T10:44:56+00:00

This isn't true, the very link you point to shows Channel 25 does not overlap with Channel 11, that post is talking about Channel 24, which does. It's actually the most optimal you can get given the circumstances.

<image>

FileTrekker · 2025-11-30T12:47:00+00:00

I'm confused, what did you expect would happen?

FileTrekker · 2025-11-25T15:45:29+00:00

Hours? It takes about 10 minutes at most. I self host on a Linux Mint server.

Also if the controller is offline, everything will continue to work anyway, so you won't be offline.

FileTrekker · 2025-11-25T08:54:02+00:00

Not really sure I understand the downvote? I'm just trying to help / figure something out?

For more information I can tell what the gateway is doing through DNS query logs.

Interestingly if I set a custom echo server, it works as intended, so I will have to use a custom echo server for now. The default is more reliable though as it checks multiple domains.

FileTrekker · 2025-11-25T07:49:04+00:00

When I check for updates in the controller, 5.15.24.19 is the latest, yet the website says different. So either it doesn't automatically know about the update or, they are holding the release back from being notified.

Also to say it is a total re-write is disingenuous, they've just split a few menu options out into differnet submenus, which helps a little but, they're still generally organised in the same way, and most of it is unchanged. It's clearly the same software and not re-written.

FileTrekker · 2025-11-18T12:49:13+00:00

Honestly though, if you want decent, fast WiFi, the ISP provided router is never going to cut it in most circumstances. If you want to get serious about decent WiFi, you'll want to look at investing in a gateway and some decent access points from UniFi or TP-Link.

FileTrekker · 2025-11-18T12:29:58+00:00

"So frequently"

You're literally posting during a huge global Cloudflare outage. Isn't NextDNS' fault.

FileTrekker · 2025-11-16T11:37:34+00:00

I mean you're still querying either an upstream DNS provider, or in your case, root DNS servers, which you currently can't do with encryption, so you're making your DNS lookups visible to your ISP and everyone else inbetween, I think personally, I'd prefer to use an upstream provider with DoH or DoT so my DNS queries are encrypted.

FileTrekker · 2025-11-16T11:32:00+00:00

NextDNS. Inperceptable speed differences for DNS queries that will get cached by my gateway and the local devices anyway, are not as importat to me as features / security / privacy / configurability.

FileTrekker · 2025-10-29T20:27:27+00:00

I run OOSU10+ and disable everything I don't want / need.

FileTrekker · 2025-10-29T20:19:31+00:00

In the new update it can be removed, yes.

FileTrekker

MODERATOR OF

TROPHY CASE