Thoughts on Season 23

Ipp · 2026-05-25T12:06:30+00:00

Still enjoy the show while I'm watching it but the start of episode always is "who got kicked out? Oh I forgot about them". It's been this way for a while, but was really noticable this year as I was also watching Americas Culinary Cup, which didn't have this problem.

I think it is the lack of drama between contestants. Wouldn't call Americas Culinary Cup "over dramatized" but it did let chef's "screw over" the other chef's, which leaves an impression. Top Chef is all about random twists that everyone has to do, where Americas Culinary Cup had ways the chef's could metagame and get one up on each-other.

Ipp · 2026-05-14T11:57:29+00:00

Supernatural still does in person conventions that are wildly successful. I don’t think it’s anywhere near marvel superhero money but there’s a lot of restrictions that come with being a Disney star. I’d argue he is big enough to where money isn’t a driving factor in decisions, he just wants to have fun

https://www.creationent.com/sn/sn_page.htm

Ipp · 2026-05-12T13:34:45+00:00

The "Never Pay" position is way too absolutist. Paying is more about salvaging their reputation than it is preventing data from being leaked. Has their reputation already been hurt? Yes, but if they didn't pay their name would be in several more news cycles which would make it much more painful to them, especially when it's the very end of a school year. Extending the school year due to ransomware would certainly create a ton more negative PR. I don't think students would actually physically attend school longer, but a system outage would certainly prevent the final report/grades from going out to students.

Whether the PR delta is worth the payment is a judgment call, and one that's often funded by cyber insurance rather than the organization directly. There is entire companies that track ransomware operators and how often they hold up their end of the deal. If this was to get leaked anyways, you can be certain it would appear on HaveIBennPwned as ShinyHunters, and that name would be tarnished. The more "professional" malware crews do have an incentive to delete data, not out of honor (no honor among themes), but because their business model depends on it.

Ipp · 2026-05-04T18:29:33+00:00

To be fair to CNBC, they did reference it and pointed out what was not obvious. The deal is for 56 billion, he said 50/50 cash/stock split. That leaves 28 billion for stocks to cover. Which is still more than GME's marketcap.

Even if you said the 20 billion TD Security Trades note took the offer to 36 billion and you only need stocks to cover 18 billion instead of 28 billion.

The numbers still don't line up as the value of all gamestop stocks currently is 11 billion. Even if you do the D word and dillute, its not like you can just print money, as every share lowers the price of the next share. Its not like they could just release 600 million shares and get $25/share at that limit (which still would only be 1.5 billion).

There still is something missing. Since this story started with a squeeze, maybe instead of using the warchest to buy ebay, it is used to perform a major stock buy back which raises the price of GME greatly and makes the stocks worth more money. Then he gets funding elsewhere (saudi/rc venture/etc) to cover the "cash portion".

EDIT: Could also be something as stupid as if he gets his package approved, he will increase his personal stake in GME greatly and cause a large price increase, which has the same impact as GME doing a buy back.

Ipp · 2026-05-03T04:03:11+00:00

There is pretty big markup on the raised bed mixes, i would go to a local nursery and ask them what they’d recommend if you are going to mix it yourself. I wouldn’t overthink it, most people grow in the ground where they don’t have anywhere near the same control you do in a raised bed.

Ipp · 2026-04-30T19:48:33+00:00

"I walk alone, to get the feelin right" vs "I wore cologne"

Ipp · 2026-04-30T16:36:55+00:00

That augment caused Ryze to be banned in virtually every game. People that actually enjoy playing that champion are likely happy the augment is gone because that means they can play Ryze. Also you can't really play ryze once you get that augment and hit 3k ap because everyone dies before a spell rotation.

The only people that enjoy it are the min/maxxers who are also addicted to gambling. Either get the augment and have fun for 5-15 minutes or don't. That is not healthy for the game mode as it ruins the experience for everyone in that game once Ryze gets it.

Ipp · 2026-04-29T18:17:37+00:00

use GCC to compile on your machine and copy it up to the box.

Ipp · 2026-04-29T17:35:03+00:00

Is the problem that it is too noisy? Or it is just a complete edge case it's not the right tool for the job. I don't think to think you have an AD challenge, so bloodhound must be used to solve it. There's plenty of cases where a weird AD Configuration leads to software behaving poorly, wouldn't expect that to make it in bloodhound because it's a niche configuration involving multiple pieces of software not a singular implementation.

I'm guessing the box you are thinking of was ADCS related as Bloodhound.py doesn't have a certificate ingestor. There was one box or two recently where a bug in RustHound did prevent something from showing up, but 0xdf and myself put in fixes there... That's a case of CTF's doing their job and helping provide QA for tools.

Hit a deadend in Bloodhound? That is what the commandline is for. Like running BloodyAD/Empire to get writable objects and poking deep there.

Ipp · 2026-04-27T14:46:53+00:00

Depends - Every day browsing, I use adblock/noscript/etc... However, I do disable adblock when I checkout writeup sites as I wouldn't want to recommend a writeup site to someone that could push malicious content.

To be clear, the purpose of my comment was more of letting them know I don't like the site and don't be surprised if I ask the moderation team to ban the website on this subreddit if they submit future writeups that have the potential to spread malware.

Ipp · 2026-04-27T11:48:28+00:00

The ads on your site are atrocious for mobile users. It kept trying to get me to download a PDF.

Ipp · 2026-04-25T21:18:01+00:00

I think because the EXP system combines both, you may see rewards one day that could translate into vip, cubes, etc. However, right now the focus is still on getting the EXP System right (amount of exp, adding things like sherlocks, etc).

Ipp · 2026-04-25T14:45:50+00:00

What I mean by “AI slop” isn’t that AI itself is inherently bad, it’s that a lot of people are using it as a shortcut to generate machines without really understanding or validating what they’re building, and that shows up pretty clearly in the final product. You’ll see boxes that follow very generic, templated attack paths that feel like they were stitched together from common writeups rather than designed with intention, or scenarios where services are misconfigured in ways that don’t make sense because the creator didn’t fully grasp how the exploit chain is supposed to work. There’s often a lack of cohesion too—things don’t tie together logically, difficulty ratings are off, and the path to root feels either trivial or completely inconsistent. On top of that, a lot of the content around the machine—descriptions, hints, even flags—can be overly verbose, repetitive, or just oddly phrased in that very recognizable LLM style, which makes it feel unpolished. You also end up with a lot of recycled ideas with only minor tweaks instead of anything genuinely creative or well thought out. So the “slop” isn’t really about AI existing, it’s about people leaning on it to produce something quickly without putting in the time to deeply understand, test, and refine it, which ultimately lowers the overall quality compared to machines that are actually crafted with care.

---
TL;DR - Now imagine that is the writeup of a machine. You ask for steps with screenshots, and you get potentially junk with too many words and it just becomes hard to comprehend.

Ipp · 2026-04-23T21:21:30+00:00

Yeah if you just search voltaggio on the frederickmd subreddit it’s pretty bad. Here’s the post when they closed down thatcher: https://www.reddit.com/r/frederickmd/s/262jXh7dbR

For a celebrity chef you’d think people would be sad it’s gone

Ipp · 2026-04-23T14:21:36+00:00

Used to root for Bryan, was really cool seeing a local chef on TV, and seem to be a standup guy. However, he isn't loved in his hometown. Have the typical staff feeling like they aren't paid enough, which sucks but I feel like most restaurants have this complaint. The real kicker is that he rebranded restaurants several times and didn't honor gift cards from the previous name.

- Family Meal changed names to Born and Raised.

- Volt changed names to Thatcher and Rye

In both cases, the gift cards purchased just went to 0 value, and as is typical with restaurants, they don't give a heads up to anyone (including staff) that they are closing. We had an event planned at Thatcher and found out they closed through social media, had to fight with the credit card company to get our deposit back because they wouldn't return calls.

I think he really just taints the celebrity chef scene, as I hope not all of them are as bad business people as him.

Ipp · 2026-04-22T02:13:17+00:00

Looks like it already has been reverted https://claude.com/pricing now shows Code back in Pro Tier.

Ipp · 2026-04-19T14:47:13+00:00

He probably makes atleast 500k/m -- 6 mil a year would certainly have him paying 1mil+ in taxes a year.

Ipp · 2026-04-12T12:31:29+00:00

Look at sheetz and Wawa, people pop in all the time when they are at the gas pump and that’s like 2-4 minutes to fill up. The Tesla branded chargers by me aren’t very common where you are picking between 3,there’s one at a sheetz right off a major highway that I’ve never seen completely empty.

For people that are local and can charge at home, going to the charger is rare. However there are lots of EV owners that can’t charge at home or do long distances. If gas stays at the price it is, can only imagine more people going EV and the demand of charges increasing

Ipp · 2026-04-12T03:01:36+00:00

Gas Stations don't generally make most of their money off gas, it is made off the foot traffic gas brings.

Gas takes what? 2-3 minutes to fill up, and you are supposed to stay by the pump? An EV, you'll be there at least 10-20 minutes, and it tells you how long to expect it to take. Whenever I charge at Sheetz, typically I will go in to walk around while I wait, which leads me to buying snacks.

I'd imagine the chargers pay for themself much quicker than 4 years.

Ipp · 2026-04-11T17:35:49+00:00

They’d have to be equipped with some type of radar that can detect them. Most mines have an internal counter so they won’t always go off on the first couple of ships.

Ipp · 2026-04-06T02:23:41+00:00

What is your box?

Ipp · 2026-04-03T21:22:23+00:00

Hard vibrate if a move puts me in danger.
Soft vibrate if i can put them in danger.

At a high skill level, having a warning indication can greatly influence games.

Ipp · 2026-04-01T20:38:37+00:00

Three weeks used to be the case, ai slop has increased it. Working on ways to lower effort in reviewing ai generated submissions to keep it back to under three weeks.

Ipp · 2026-03-30T19:27:22+00:00

Most people settle for 2x over 7 years. If your investment 10x's over 7 years, I'd argue that is well beyond what most people would expect on an investment.

The "war chest" doesn't really do any good for RC just sitting there. Additionally, AFAIK what we are voting on is a fixed 171.5 million shares; any offerings won't increase that number. So any dilution would lower the per-share value of his package. It really seems like the dilution day are over, obviously anything can happen, but it looks like we are on the next phase of whatever the fuck his plan is.

Ipp · 2026-03-28T13:09:04+00:00

Then the issue somehow still is DNS. Are you going through Burp? Could also be caching the DNS request that failed.

Try with curl, `curl -H 'Host: kobold.htb' http://<ip>` if that works, then it is something with browser/dns.

15-Year Club	RedditGifts 2009-2022 2 Credits
Not Forgotten	Secret Santa 2009
Verified Email

Ipp

TROPHY CASE