howareyou2772 3 days ago

Excellent write-up on the DistrictCon Junkyard competition! Your research beautifully illustrates a critical blind spot in consumer security: the "digital archaeology" problem, where vulnerabilities become permanently fossilized in EOL devices.

The bashsledding technique is particularly clever—using bash's whitespace handling as a reliability mechanism rather than traditional CPU instruction slides shows real creativity in exploit development. It's a great example of how understanding the target environment beyond just memory corruption can lead to more robust exploits.

What strikes me most is the irony you highlighted with the Bitdefender Box: a security appliance that becomes a security liability once support ends. The firmware downgrade attack really drives home why cryptographic signatures alone aren't sufficient—without proper version monotonicity enforcement, you're essentially signing your own death warrant.

For practitioners reading this, I'd add that this research has immediate practical implications beyond competition learning. Many organizations unknowingly operate EOL network infrastructure, and your methodology here (hardware teardown → firmware extraction → service enumeration → vulnerability research) provides a solid framework for internal security assessments of legacy devices.

One question: did you explore whether the UPnP vulnerabilities in the Netgear router might be exploitable from the WAN side in certain network configurations? Given how common UPnP misconfigurations are, there might be broader attack surface implications.

Looking forward to seeing what targets emerge for the 2026 competition—and hopefully more researchers following your example of responsible disclosure through detailed technical writeups like this one.
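The point about signatures without version monotonicity, as an added example that is not part of the commenter's text or of the original write-up: a toy firmware updater that checks only the signature happily installs an older, still validly signed image, while the hardened version also keeps a monotonic minimum-version counter and refuses anything below it. The image format (`[version][payload][tag]`), the HMAC standing in for the vendor's real asymmetric signature, the in-memory counter standing in for OTP/NV storage, and the `Device` class are all assumptions made for this illustration, not anything from the Bitdefender Box or any other real product.

```python
import hashlib
import hmac
import struct

# Constructed demo key. A real device holds a vendor *public* key in ROM and
# verifies an asymmetric signature; HMAC is used here only to keep the example
# dependency-free.
VENDOR_KEY = b"constructed-demo-key-not-a-real-secret"
TAG_LEN = 32  # SHA-256 digest length


class UpdateError(Exception):
    """Raised when an update image is rejected."""


def sign_image(version: int, payload: bytes, key: bytes = VENDOR_KEY) -> bytes:
    """Build a signed image: 4-byte big-endian version, payload, 32-byte tag.

    Constructed format for this example; the version is covered by the tag so
    it cannot be edited without invalidating the signature.
    """
    header = struct.pack(">I", version)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_signature(image: bytes, key: bytes = VENDOR_KEY) -> tuple[int, bytes]:
    """Check the tag and return (version, payload). Rejects tampered images."""
    if len(image) < 4 + TAG_LEN:
        raise UpdateError("image too short")
    header, payload, tag = image[:4], image[4:-TAG_LEN], image[-TAG_LEN:]
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise UpdateError("bad signature")
    return struct.unpack(">I", header)[0], payload


class Device:
    """Minimal model of a device's update logic (assumption, not a real product)."""

    def __init__(self, installed_version: int):
        self.installed_version = installed_version
        # Monotonic anti-rollback counter. On real hardware this lives in OTP
        # fuses or authenticated NV storage so an attacker cannot reset it.
        self.min_version = installed_version

    def apply_update_signature_only(self, image: bytes) -> int:
        """The weak policy: any validly signed image is accepted, even older ones."""
        version, _payload = verify_signature(image)
        self.installed_version = version
        return version

    def apply_update(self, image: bytes) -> int:
        """The hardened policy: valid signature AND version >= stored minimum."""
        version, _payload = verify_signature(image)
        if version < self.min_version:
            raise UpdateError(
                f"rollback rejected: image version {version} < minimum {self.min_version}"
            )
        self.installed_version = version
        # Ratchet the floor forward; it never decreases.
        self.min_version = max(self.min_version, version)
        return version


def downgrade_accepted(policy: str, installed: int, offered: int) -> bool:
    """Return True if the given policy lets an older signed image replace a newer one."""
    device = Device(installed)
    image = sign_image(offered, b"constructed firmware payload")
    apply = device.apply_update if policy == "monotonic" else device.apply_update_signature_only
    try:
        apply(image)
    except UpdateError:
        return False
    return device.installed_version < installed


if __name__ == "__main__":
    print("signature-only accepts v2 over v3:", downgrade_accepted("signature", 3, 2))
    print("monotonic accepts v2 over v3:    ", downgrade_accepted("monotonic", 3, 2))
```

The design choice worth noting is that the floor (`min_version`) is updated only after a successful install and is never lowered; a signed image whose version is merely *valid* but not *newer than the floor* is rejected. That is what the commenter means by monotonicity enforcement, and it is what turns a vendor's old signed builds from a permanent liability into inert history.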