Of course, using an oddball browser in and of itself is easily trackable, but that's not what the bot-detection software is looking for, so it defaults to assuming I'm a bot.
Likely you just use a shit web browser.
every time there is a captcha it makes you authenticate. so it's the same thing as the captcha.
maybe i have it misconfigured
Is it a honeypot, or does it just look like a honeypot? And if it just looks like a honeypot, isn't that a honeypot? or if it looks like a honeypot that isn't a honeypot does that mean it's the actual thing?
The lack of even taking your payment details makes it look either fake, as in still being built or built as a demo, or not being a serious operation.
I doubt it. I think the author of this page is giving himself way too much credit. The only evidence that anyone "panicked" is the author's own statements that they must have. More likely someone put in a WAF rule that 401'd for his IP.
"By running these honeypots, the police create suspicion and paranoia in the community. If you want to buy a DDoS attack, you now have to wonder if the website is real or just a police honeypot logging your IP. They want people to stop trusting these services entirely."
Well, good, right? What "community" is this diabolical suspicion and paranoia being created in? The community kids who want to DDoS some other kids' game servers? OK, again, that's good, right?
"But it really just feels more like feds jerking themselves off on how cool they are."
Pot, kettle.
"Does this video and the honeypot have any real impact? Let's be honest: probably not."
How does the author know? According to Wikipedia, the larger operation has shut down 4 dozen sites offering DDoS services.
Sure, gov't is often clueless and maybe this is effective or maybe it isn't. Maybe it's an experiment. Maybe it's actually intercepted a fair number of potential customers.
If clueless teens are signing up for booters and it's actually LEO who contacts them and says "you know, that's illegal" then that's a good thing.
Why make this assumption when you could just visit the website yourself and see the same 401?
The reasonable assumption to make when something changes that it had nothing to do with me. Because 99.99999% of the time, it didn't.
Is een nep-honeypot ... echt?
Forgive my pedantry.
Genuinely asking if anyone recalls this being in an HN in the last two yearsish.
I accidentally made law enforcement shut down their stresser honeypot
How I stumbled across a fake booter site run by international police, and how they panicked when I started digging
I feel like this describes roughly 75% of all government initiatives.
I, too, hate it when people discuss hacking on my Claude News homepage.
Why not take their Bitcoin though… maybe they might be building other cases or something
cloudflare browser run, superb. no captcha.
i can let opencode merrily browse the web and it doesn't get stopped. a bit like a drug mule bribing the cops.
Like, if a page gets hundreds of thousands of visitors, then your assumption is reasonable. For a page that might get dozens of visitors over its lifetime, it’s a much less certain assumption
Is it possible that it happened that way? Sure. But it's more likely that it didn't.