Embotic | Low Uptime, Failing to reveal security problems and more

gamer3514

Let’s start with their main “company”, embotic.xyz.

Here they provide free and paid hosting.

Not revealing security issues.

Here is the most recent example. They reset all domain proxies (a proxy so people can link their own domains to web servers). This proxy is used on both free and paid plans. This reset meant anyone could proxy pointed domains to any web server on the embotic network. This wouldn’t be too bad if they made people aware of the reset, but they didn’t. All they mentioned is below:

Here is an older but more important one.

Around 2 months ago, Embotic had a data leak which included staff documents and payment logs. Instead of making people aware (payment logs included full names, emails and payment ids), embotic stayed quiet. This leak has since been deleted, so I am unable to provide screenshots. According to management, none of the leaked data was important…

Weird Ban Reasons

For pointing out the proxy issue, i got hit with a ban. Below is my reason…

In all the security issues I found, I reported them with reproduction steps. With the proxy thing for example, I put a picture of a cat on the website. Completely harmless.

Downtime

Recently embotic suffered about 2 days of downtime due to a ddos attack against their panel.

This prevented free and paid users from accessing their sites. They still have some countries blocked from this ddos, further preventing access.

FiveM selling

Unless they since changed it (can’t check due to my ban), they are offering FiveM servers as a paid option. As I highly doubt they have the correct licensing to do so, they shouldn’t be providing this as an option

Inaccurate Status Page

Remember that 2 day downtime I mentioned? It has since been wiped from their status page. According to it, there has been no downtime outside of maintenance this month…

They are constantly wiping unplanned events from their status page to hide their poor uptime.

Their Subsidiary - PauloVM

This is a new subsidiary, where Embotic has pinged everyone twice within a week to check it out.

They also had a security issue, where my IP got leaked somehow. Instead of doing smth about it, they asked the person to send it in chat, they said it was correct then left it in chat..

If that wasn’t a vpn, could have gone terribly

The staff are nothing but toxic, I have provided many images below.

the prompt in question:

I will not be monitoring or responding further in this post. I have provided ample evidence of pretty much every claim I have sent here.

ItsAsheer

gamer3514

The leak in cuestion was leaked by you.

Wtf do you mean with the ban!? In snother server where YOU DIDNT EVEN OWN IT you banned me for just begin dev at the competitor of SillyChat

katylol

gamer3514 They support lylanodes, they literally provided a server for them and it was shitty asf, 1Ghz Xeon. 16GB RAM 0% uptime

stilry

gamer3514 then left it in chat.

im a mod at paulovm, you cant delete chats

SuperEvilLuke

you were using aservice to find al ldomains lniked to an IP and then your were proxying them. I said there was nothign really I can do about it because its alrerady pointed

2. You were banned for your constant drama, disrespect to other users, and repeatedly abusing services.

3. About the downtime, we compenstated all paid users for the downtime. All countires have been unblocked.

4. FiveM yes, we are doing, which is fair enough, however it it is very likley to be discontinued.

4. Inaccurate status page, We remove the automatic downtime status on the status page and wrote an active incident page report which updated the status page with information about the downtime. You can even check it for yourself at https://status.embotic.xyz

5. PauloVM isn’t fully released, and is a fork of CollabVM. We arent the orginal authors. We did a public test to find any issues to patch before release. We never asked anyone to send any IPs in chat, and the disrespect towards others has been handled and appropiate punishments were handed out. The person who “leaked” your IP was your good friend uira, he claims he got your IP from a http toolkit, which when we tried it in our tetsing didnt work.

You only made this thread as you are mad that you were banned for causing issues ever since you wanted to “end” the drama which you clearly haven’t done, just stirring more shit up.

gamer3514

SuperEvilLuke Said i wouldn’t respond, but got sent it and your reply is crazy.

Like i said, if you had told people you did it, it wouldn’t have been an issue. You never mentioned a reset to anyone via announcements.
I never abused your services. I followed your tos to the word. I correctly reported all security issues and never hosted anything that violates them.
They weren’t when i made this post….
(FiveM) Ok?
(Status). That incident was not there when i made this post, and you deleting it results in the uptime percentage showing higher than it actually is. This misleads anyone considering your service.
Yes it is a beta, your staff handled the situation poorly which I have shown. I also saw them send someone’s home ip for shutting the vm down, but have no picture proof of that one.

Nope?

I made this thread to show what actually happens at Embotic. Basically nothing here is a result of my ban, and I have been collecting these images for a while now.

SuperEvilLuke

1-2. You were banned for abusing the “flaw” consistently, after being told to stop. I sated multipel times in public chats that I had to reset the proxy server, and yes that is my fault for not adding it the the announcment. But there is nothing I can do when people have their domains pointed to the proxy server and you proxy them all. Yoiu were also banned for repeatedly insulting members, calling them autistic when they asked a question about their code.

3. You have no paid services on your account, you never have so you wouldn’t of noticed the compensation as you had a free server.

4. ok cool

5. The status has always been there, I only remove the automatic alerts once I’ve made the incident.

6. I agree, it could of been handled alot better, however appropiate moderation actions were handed out and its resolved.

You made this post about an hour and a half after your ban, seems like it was because of your ban.

gamer3514

SuperEvilLuke

Once to see if it worked, a second so i could show you how. Public chat, seeing as how it gets flooded, is pointless. I have never called anyone autistic? Would love to see the img of this one
Was talking about the country bit not the compensation bit. People were being blocked when i made this post
The status was not there. I specifically checked it then i made this post, there were no incidents for February. Downtime is also missing for other incidents. Like how one of your nodes was down the other day. Have attached more imgs at the bottom of this reply.
Appropriate moderation actions were not handed out…

This post was not made because of a ban. That trustpilot review was made pretty much straight after your ddos, all events in this post are from after it.

I also noticed you are suddenly correcting your mistakes:

This incident shows up no where on your status page. You have also once again deleted that incident:

Oh and again, fun!

Once again not on your status page.

They are all on the status page during the incident, then magically vanish once back online (This is an unfortunate feature with BetterStack where you can delete incidents)

You can’t hide you deleting your incidents when you forget to delete them from discord too 🤦‍♂️

I also noticed you have bene deleting your messages. That “need some people to test so uh try to break it” has magically disappeared,.

Here is a screenshot from your vm site’s chat. “however appropiate moderation actions were handed out”, they are still talking and are still staff though!

You can try cover it up as much as you want, I have plenty of screenshots

gamer3514

stilry

SuperEvilLuke Yoiu were also banned for repeatedly insulting members, calling them autistic when they asked a question about their code.

I presumed “Yoiu” was a spelling mistake for “You”. Pretty sure everyone would

SuperEvilLuke

your trustpilot review also contradicts alot you have said

gamer3514

Stop making up lies

stilry

gamer3514 also with this;

since you decided to put your own id instead of uiras 😊

SuperEvilLuke

Correcting my misatkes yeah, I even agreed with you about the fivem

the incident is still there, if you’d open up your eyes you will see: https://status.embotic.xyz/incident/512512
we never went down on the 11th.

Increasing the amount of ram on my nodes would be considered maintenance? Quite pointless to write up and entire maintenance alert for something that takes me 30 seconds to do.

I deleted the orginal “need some people to test so uh try to break it” yes, but that was deleted after the testing concluded. The second one is still there.

I don’t know how many times I have to tell you that moderation actions were handed out for the PauloVM stuff, that seems to be going right through your head.

gamer3514

Didn’t know you could reboot a vps without any downtime. Please inform me of this new magical technology. It would cause a good amount of downtime. I’d say around 15 minutes, your status page does this for you.

SuperEvilLuke I deleted the orginal “need some people to test so uh try to break it” yes, but that was deleted after the testing concluded. The second one is still there.

You deleted it when i made this post but ok.

You are deleting the posts auto made by your status page to try improve your downtime percentage, it’s pathetic.

What’s the point of the status page if you delete when most things happen? I can go through more incidents if you would like, there are many days when you had downtime. Some hours long

gamer3514

You are arguing the same points over and over again. Anyone can go compare your status page to discord downtime reports, you will find many instances. When you did your ram upgrade, it caused over an hour of downtime on 1 node due to an ip misconfig. I don’t see that on your status page

SuperEvilLuke

gamer3514 Why would I remove the first message but not the second? I removed it way before your post

The node wasnt marked as down by better stack as somethig else was listening on the ip hence betterstack detected it was up
I would aruge that a reboot of a node for increasing ram is classed as maintenance? Like I said, I’m not going to write up an entire notification on better stack for clicking 3 buttons.

gamer3514

SuperEvilLuke Like I said, it was down over an hour. Your poor network config isn’t an excuse for it showing it up…

SuperEvilLuke

It eas down for 15 minutes at max. When I looked at the uptime when updating the IP it wasnt even at 20 minutes.

gamer3514

So let’s say it was 15 minutes when the ip is fixed, great.

Then there is the time for the vps to reboot, start wings, all that. That is easily another 5-10 Minutes…

You also turn all your nodes off when you do purges, I see no trace of them on your status and that’s alot of down time too.

ANYONE can go compare your status page to your discord status logs, there are many inconsistencies.

gamer3514

I can’t be bothered to argue back and fourth about this. If you argue something with actual proof I’ll respond :0

SuperEvilLuke

I do a purge like once a month, the most amount of downtime is 30 minutes, and yes I cass that as maintenance, because im purging inactive free servers. and rebooting the node after, sounds like maintenance to me. I also give multiple days notice for it, yeah not everything is on the statusd page, since I dont touch it if betetrstack dosent alert it. Im not gonna write a maintenance alert on better stack every purge. All paid servers are up and running when it happens aswell.

xpigeon3796

First of all - Bullshit. You and your little buddy were constantly mentioning how I cannot code and how “pigeons have less than 10 iq” constantly whenever i proved my points about you and your friend sharing the IP with each other to make embotic and paulovm look bad. Oh yeah, don’t worry - I got the evidence right here, too! What makes it pathetic is that you’re trying to make yourself look like you haven’t done anything wrong when you were constantly the one starting all this drama.

“My IP got leaked somehow” you say? Pfft, don’t make me laugh.

What makes this absolutely pathetic is that you had the respected role in embotic, but you just decided to be an asshole towards everyone and constantly shit-talked paulovm.

Shame on you. Grow up and stop pretending to be the victim.

uira

xpigeon3796 seems like this was just targetted at me, not the thread gamer, didnt say anything about the leak since it wasnt confirmed he only said his ip was left in chat and not deleted, while also posting other users ip for viloating your rules which isnt ok. and when i tried asking you about something all you did was say “ aw i dont run it collabvm does” and openly admitted you dont know your way round the code so bassically your hosting something u cant control which isnt ok. so now u get my name out ur fucking mouth

gamer3514

xpigeon3796

xpigeon3796 and your friend sharing the IP with each other to make embotic and paulovm look bad

All i know is my vpn’s ip ended up in your vm’s chat. How he got it I have no clue, you have to ask him.

xpigeon3796 wrong when you were constantly the one starting all this drama.

In the 3 screenshots from discord, you had started the drama…

We were not talking there until you pinged us about it.

Neils

Also Gamer, it’s kinda dumb you leak your own IP, and then try to frame it on us. As you just made it worse for you. You aren’t victim nor are you anything your a sad pile of shit the same for uira. Stop being pussy and accept the fact you both can’t code and try to laugh with others while your both worse. The fact you guys do that because you are jealous of the project is crazy. Stop being childish and get a life.

gamer3514

Neils No where in the post did I blame you for the IP leak, it simply happened at the same time as I was on your site, but I blamed you for your poor handling of the incident. Why would I be jealous of your ability to run an open source project?

Neils

uira We have no power over the source code and the fact only 1 IP was leaked shows you guys just tried to frame XPigeon and the project. You also never showed proper proof that we had backdoors. We try everything to keep the project safe and fun. And stupid people like you and Gamer deserve to be banned. Cus you both don’t know what your talking about.