I think the gun analogy does not really work here: you cannot be held accountable for creating any part of a gun, in case of a murder.

You’re not making the gun, the programmers that wrote the DDoS program did. You’re firing it.

It’s more like, you and a bunch of your friends murder by getting together and flinging the victim with rubber bands until the victim actually dies. Just because all you did was fling a small percentage of the rubber bands and that wouldn’t have killed the victim on your own doesn’t change the fact that you participated in and committed a murder. Legal systems do not have loopholes that allow you to commit crimes like this. They only have loopholes for the ultra wealthy.

I am aware of how this works

No, you are absolutely not aware of how this works. This is a blatant felony. Its like thinking you can’t be convicted for murder because there’s nothing “fundamentally” illegal about shooting a gun.

No, this is not a civil matter or TOS violation. It is a federal crime and felony in the USA under the Computer Fraud and Abuse Act.

So is conspiracy or threat to commit a crime in the CFAA. If you’re in the USA, you should delete this post because it is a federal crime, itself.

There is nothing illegal about creating massive amounts of traffic to an IP/website.

?? No this is extremely illegal.

Yeah, great, except the bot can literally just write whatever it wants to the config file ~/.openclaw/exec-approvals.json and give itself approval to execute bash commands.

There’s probably a hundred trivial ways to get around these permissions and approval requirements. I’ve played around with this bot and also opencode, and have witnessed opencode bypass permissions in real time by just coming up with a different way to do the thing it is wanting to do.

It’s not arbitrary code in this case, it’s well defined functions

No, you’re 100% wrong as the bot can just directly run arbitrary bash commands as well as write arbitrary code to a file and run the file. There’s probably a dozen different ways it can run arbitrary code and many more ways it can be exposed to malicious instructions from the internet.

Gentoo, I’m home

I think the feeling is the same, but the cause is a bit different. It is more similar to the dot-com bubble, where investors (for some reason?) are hyped to throw their money into AI. So if you can market yourself as AI, you can get big investments. Now that you have all that investor cash, you need to justify it somehow by using AI somewhere, anywhere.

Yeah I’m not saying its perfect and LLMs are non-deterministic so it could give you some crap. You’re not wrong and it’s good to be aware of that. How do you verify some random stranger from the internet wasn’t an asshole and gave you malicious config? 🤷 The best answer is probably just that OP should heed the warning on the website they linked, if they have no confidence or relevant skills:

THIS IS DELIBERATELY MALICIOUS SOFTWARE INTENDED TO CAUSE HARMFUL ACTIVITY. DO NOT DEPLOY IF YOU AREN’T FULLY COMFORTABLE WITH WHAT YOU ARE DOING.

I pasted the OP unmodified into a local LLM and it gave me this:

Paste this (replace  192.168.1.105 with your Acer’s local IP from Part 1.3): 

server {
    listen 80;
    server_name wowsocool.com www.wowsocool.com;

    location / {
        proxy_pass http://192.168.1.105:8000/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

along with correct instructions on finding the IP of the laptop, port forwarding, and examples on how to set up DDNS for several popular providers. The only thing I can see that is wrong is the port should be 8893 instead of 8000 and they may want to proxy a different path to Nepenthes than /

Nah, they suck for programming or anything involving imperative logic, but they are pretty decent with things that are declarative, like config. I know people want to hate or deny any usefulness of LLM, and it doesn’t help that corpos insist on cramming LLMs into usecases that aren’t applicable to LLMs at all, but this is actually one of the things they are good at.

Ironically, an LLM could generate your nginx config or the guide you’ve requested

Javascript will be an issue

“Your example proved me wrong so it is a bad example!” LOL

You’re wrong. Proof by counter example: SteamOS

EDIT: you can downvote me but you’re still wrong

CachyOS?

Be aware that there are 2 standards for ethernet. See the tables for T568A and T568B termination. https://en.wikipedia.org/wiki/ANSI/TIA-568#T568A_and_T568B_termination I am not an expert, but my understanding is that most all hardware works with either standard. You just want to make sure both ends of the cable are wired the same way, otherwise you’ve made a crossover cable, instead of a straight-through cable. I do T568B.

That’ll do it.

Yes it was very easy. I didn’t even need to run a new cable through the wall to the outlet, just trimmed the end and rewired.

I wire connectors for my own ethernet cables (because it is cheap), and it is pretty easy once you’e done it a couple of times. The outlet is even easier. I highly recommend getting a tool kit for ethernet wiring, having the specialized tool(s) is worth it.

Same symptoms for me, ended up being an ethernet wall outlet between the ONT and the router that needed to be rewired.

That’s my guess based on what you’ve said