alt Hacker NewsArchive.today is directing a DDoS attack against my blog?
Comments
It is academically very interesting to think about this in light of their long-standing dispute with Cloudflare (https://community.cloudflare.com/t/archive-is-error-1001/182...) over EDNS, which could have privacy implications attached.
I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community.
This likely means nothing, but the .is webmaster seems to have some sort of existing issue with Finland (where gyrovague is from), see https://news.ycombinator.com/item?id=37011955. I thought I would point it out.
Also, as someone interested in OPSEC and OSINT as a hobby, I find the measures taken by the .is webmaster, especially the dedication to setting up countless fake accounts for each persona, to be very intriguing. I spent about an hour looking into the Nora Puchreiner persona and all the accounts registered to it that I could find. It appears that "Tomas Poder" is another alter-ego used by the .is administrator. Nora also seems to have a sister: "Sara Puchreiner". Again, all very interesting and I can't seem to make a clear picture of the situation.
It's a puzzling situation:
- The DDoS was certainly unethical and unneeded
- Although the blog post only shows an extremely one-sided version of the story by skipping straight to the threats, there are reasons to think that diplomacy has also failed terribly
- The website owner has all eyes of the "thought police" on them, and given the current political situation in Russia, it's more than likely they reside somewhere where it has real power; realistically speaking, who wouldn't be losing it?
- The blog post is preserving information that could aid further investigations even if purged from the original sources, and reveals non-OSINT information in the follow ups
- At the same time, it's, to say the least, hypocritical of the archive.today owner to attempt forcefully taking the original post down, when archive.today itself is an OSINT tool
I don't think there's a way to fairly untangle this mess anymore.
Hence, I'd focus on the possible outcomes: do we want archive.today taken down over this? Who would lose and who would benefit the most from this takedown?
Archive.today does not seem to have worked for people connecting from Finland since mid-January, it just gives an endless captcha loop. Is this related to whatever this drama is?
… seems like we the HN community should find a new site to mirror with.
Why is this flagged?
Given the content, I find this suspicious.
Archive sites are very important for freedom due to many different entities out there attacking sites and getting them taken down.
Unfortunately Archive.today complies with these attack requests in some situations, but is still usually better than others.
Stupid question, but CORS is designed explicitly to defend against this type of side-surf attack. Adding a strict cors policy should fix this, or am I missing something?
My tinfoil guess is archive.today is compromised by a state actor. Simply shutting it down would cause too much drama. Instead turn it into villain, and then take it down.
Regardless, archive.today does fine with some sites that blocks archive.org archiver somehow.
Thank you for keeping this up, whoever you are.
Interestingly, this website exists in badmojr-1Hosts-master-Pro-adblock list
I reported a few times to the owner of archive.is/archive.today that he was hosting dox of a friend and he never cared. So, too fucking bad that he's the one getting doxxed now. A bit of karma.
Why does this say it's been posted 8 hours ago but on hn.algolia.com is archived 2 days ago, also I'm sure I already saw it yesterday.
Temporarily see if you can put the blog behind a cloudflare or something using their DNS service.
Whatever is going on here, is so magnificently complicated: sockpuppeting, doxxing, ddosing, psyops, pirating, FBI, cyberpunk capitalists, Russian hackers and Finnish activists. Somehow it does feel like in the middle of information war.
> Well, I wish I had one, but at this stage I really don’t. The most charitable interpretation would be that the investigative heat is starting to get to the webmaster and they’re lashing out in misguided self-defense.
I don't think they're lashing out in self-defense. This is a harmless way for them to get attention, which is what they're desparate for because the FBI is after them at the behest of Bezos and other billionaires who control the paywalled media and don't like archive.today's role in making them accessible. The only thing that could possibly save them (though it almost certainly won't), is gathering as many eyeballs as possible from the people who like the service. HN having a super high concentration of those. Almost every paywalled post here has an archive.today link in the comments.
That's also why they posted about it on HN, explicitly under that name. To get HN eyeballs.
It's intentionally harmless because, as you confirmed, it's not costing you any money or resources.
[dead]
[flagged]
This is the blog of a guy who for whatever reason is trying to dox the owner of archive.today
It's a shame the DDoS isn't working.
OTOH, this all looks so silly it might as well be the archive.today operator trying to push fake dox on themselves.
I feel bad for the archive.is guy/girl.
It's clear the doxxing attempts are getting closer now to his/her real identity. On the other hand, they do something that's really useful to so many, and it will be sad if it's gone.
gyrovague-com: posted this thread, claims to own the blog
gyrovague: claimed to own the blog in the last thread
rabinovich: posted last thread linking to gyrovague.com, identifying the owner as... well... "Masha Rabinovich"
I believe these accounts are all connected.
previously https://news.ycombinator.com/item?id=46624740