I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community.
I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community.
P.S. Shout-out to dang for dropping the flags. I have a small suspicion that their may be some foul play, given the contents...
I don't think this is true. I run my own recursive DNS resolver, and get a CAPTCHA when visiting archive.today.
Also, as someone interested in OPSEC and OSINT as a hobby, I find the measures taken by the .is webmaster, especially the dedication to setting up countless fake accounts for each persona, to be very intriguing. I spent about an hour looking into the Nora Puchreiner persona and all the accounts registered to it that I could find. It appears that "Tomas Poder" is another alter-ego used by the .is administrator. Nora also seems to have a sister: "Sara Puchreiner". Again, all very interesting and I can't seem to make a clear picture of the situation.
They should probably review existing case around how Finnish courts treat the journalistic exception in the context of citizen's journalism (as he relied on that at least as one of the reasons): https://tuomioistuimet.fi/hovioikeudet/ita-suomenhovioikeus/...
Of course facts are different, but at least two Finnish court seem to require a lot more reasoning from the controller in the context of citizen journalism compared to traditional media when they want to invoke the journalistic exception. No clue which side this would fall into.
- The DDoS was certainly unethical and unneeded
- Although the blog post only shows an extremely one-sided version of the story by skipping straight to the threats, there are reasons to think that diplomacy has also failed terribly
- The website owner has all eyes of the "thought police" on them, and given the current political situation in Russia, it's more than likely they reside somewhere where it has real power; realistically speaking, who wouldn't be losing it?
- The blog post is preserving information that could aid further investigations even if purged from the original sources, and reveals non-OSINT information in the follow ups
- At the same time, it's, to say the least, hypocritical of the archive.today owner to attempt forcefully taking the original post down, when archive.today itself is an OSINT tool
I don't think there's a way to fairly untangle this mess anymore.
Hence, I'd focus on the possible outcomes: do we want archive.today taken down over this? Who would lose and who would benefit the most from this takedown?
As for outcomes, I'm very much a bit player/spectator in this drama, nobody's going to be "taking them down" over DDOSing an obscure nerd blog.
If they do go down, it'll be the FBI or equivalent, and it will be publicly justified as some combination of "protecting the children" (cf. WAAD) and/or copyright violations.
Thanks, I must have missed this.
> [...] nobody's going to be "taking them down" over DDOSing an obscure nerd blog.
> If they do go down, it'll be the FBI or equivalent, and it will be publicly justified as some combination of "protecting the children" (cf. WAAD) and/or copyright violations.
Yes, this is exactly what I fear. That we might be playing into the hands of the greater evil by escalating a small, personal conflict.
I don't think that's on the table. I would say use this as your incentive to support archive.org, who has proven much more accountable. Archive.Today is weaponizing their traffic, and reducing traffic is the best way to deal with it. Vote with your feet.
Internet Archive is a registered non-profit organization. It is more trustworthy and accountable, but it cannot realistically stand against government-imposed censorship. We've seen this unfold before with Twitter and Meta, partly with Telegram.
Archive.today may be similar on the surface, but if you take a closer look, it's actually an underground "evil twin" that has all the right tools to publish information the governments and the largest of companies want silenced.
Ideally, there would be no such information in the first place. However, the reality is that this classification has only been broadened to cover more content since the invention of the Internet, regardless of which political parties are in power. The fact that the owner of Archive.today is chased by the FBI even though the website already blocks archival of the kinds of content all of us would unanimously find disturbing speaks for itself.
But in fact:
1. HN uses a free service that someone else pays for.
2. HN abuses its paywall bypass function, which is not its main function, is not advertised (unlike 12ft).
3. HN creates legal problems for the archive by highlighting and framing the archive as a paywall-circumvention tool first.
4. HN promotes doxing.
Who would be more motivated in reducing traffic here?
archive.today/is/ph is adversarial. It archives things that don't want to be archived. That's why Trump's FBI is trying to unmask it.
[1] https://archive-is.tumblr.com/post/806832066465497088/ladies...
[2] https://archive-is.tumblr.com/post/807369905134518272/the-fi...
Even the post you linked acknowledges this:
>he blocked the entire site in Finland, although later he lifted the block
There's a few publications that don't even do that though and archive.is is very good at bypassing them so I do imagine they use logins for those, but for the masses of sites it's not currently necessary.
Are you doing regular patching? Automated restarts? Watching for security breaches? Or just praying it stays up forever?
Otherwise, respectfully, I would not classify you as a "serious operator." Your site could live or die, and it would be all the same to you. Or, you've handed it to a third party for management and they don't offer much in the way of resilience or stability.
Sorry, but I wasn't. I thought that was clear from "can't afford the cost of keeping up-to-date with the Google IP list".
> They should have a great interest at blocking archive.is
Agreed, and many should have a budget to suit. So I conclude archive.is has put a lot of effort and cost into its defence. And all for free to us, the users.
It just keeps getting banned from the addon catalogs because of complaints from media. The Firefox one was taken down by a french newspaper. So you have to sideload it, which is hard to do on Android.
Edit: it looks like even the github was taken down now: https://github.com/iamadamdev/bypass-paywalls-firefox
But yes it exists. And it works for most sites. It's just hard to get it now.
The first one is money. You need lots of it to run such an operation (servers, IPs, paying to bypass all these paywalls, etc.).
The second one is the legality, as no one wants to be hunted by the FBI, especially not for running a website that is also losing money.
Given the content, I find this suspicious.
Edit: after looking at this more closely, I have a counterintuitive (to me at least) take: I think this is interesting enough to transcend the usual categories. That is, we'd normally downweight this kind of post off the frontpage - but in this case there are so many unusual variables that the usual rules don't apply.
I say this despite having zero clue what's going on here. We do have a nose for what the HN community might find interesting (we'd bloody well better after doing this job for so long), so let's override the flags and see what happens.
But without relitigating WWII please.
I suppose I should add that we prefer archive.org links when they're available, but often they aren't.
Edit: I suppose I should also re-add that we have no knowledge of or opinion about what's going on in the dispute at hand.
Interesting. May we know why?
Maybe it would be better to check /g/ and /pol/ to find out where the flagging army comes from, because that might be more reliable than guessing what is a proxy and what is not? They initiated the doxxing campaign against the author of the article after all.
Just some hints, kid.
@dang are you effing serious? Why are you tolerating users like this guy but then strike me for pointing out that there's a doxxing campaign going on against the author, which the author literally mentions in the linked article?
I'm really disappointed by the moderation double standards here.
Unfortunately Archive.today complies with these attack requests in some situations, but is still usually better than others.
Use Onion version :D
Placing the link for others:
archiveiya74codqgiixo33q62qlrqtkgmcitqx5u2oeqnmn5bpcbiyd.onion
Fingers crossed that it works!
fetch("https://gyrovague.com/?s="+Math.random().toString(36).substring(2,3+Math.random()*8),{ referrerPolicy:"no-referrer",mode:"no-cors" });
But more to the point, so long as the request meets the requirements of a "simple request", CORS won't preflight it. GETs qualify as a simple request so long as no non-CORS-safelisted headers are sent; since the sent headers are attacker-controlled, we can just assume that to be the case. In a non-preflighted request, the CORS "yes, let JS do this" are just on the response headers of the actual request itself.
Since GETs are idempotent, the browser assumes it safe to make the request. CORS could/would be used to deny JS access to the response.
Things are this way b/c there are, essentially, a myriad of other ways to make the same request. E.g.,
<img src="https://gyrovague.com/?s=…">
Thank you for keeping this up, whoever you are.
robots.txt. It is that simple.
The article is also really appreciative of archive.today. It doesn't feel like a hit piece at all.
> they were all already posted publicly previously
Doxing very often consists of nothing more than collecting data from a bunch of public sources
I simply don't agree that this looks like doxing. No addresses or even any private information were reported. It's just a Google using WhoIs data and, in one case, the person said, in a public forum, that archive.is is "my website." Why would they have said that if they were worried about people finding out who it belongs to?
If they'd have stumbled upon an address to a private residence and reported that, sure, that would look like doxing. I just don't see it here.
I don't think they're lashing out in self-defense. This is a harmless way for them to get attention, which is what they're desparate for because the FBI is after them at the behest of Bezos and other billionaires who control the paywalled media and don't like archive.today's role in making them accessible. The only thing that could possibly save them (though it almost certainly won't), is gathering as many eyeballs as possible from the people who like the service. HN having a super high concentration of those. Almost every paywalled post here has an archive.today link in the comments.
That's also why they posted about it on HN, explicitly under that name. To get HN eyeballs.
It's intentionally harmless because, as you confirmed, it's not costing you any money or resources.
We know that the impact from that time is far from worked through, but to the extent it shows up here, commenters should make the effort not to fall back into war mode.
You're welcome on HN, and so are the users you disagree with—but you all (i.e. we all) need to stay within the site guidelines when discussing tough stuff. These include: "Comments should get more thoughtful and substantive, not less, as a topic gets more divisive." - https://news.ycombinator.com/newsguidelines.html
p.s. This comment is not just for the user I'm replying to but everyone else who's expressing strong feelings below. It's amazing, and totally human, how alive these feelings are after 80+ years, but at the same time, 80+ years of distance should give us the ability to relate to each other a little bit better than our grandfathers and great-grandfathers were able to.
I wonder, why on earth would Finland have any hostility towards the USSR in 1941? It beggars belief!
You might also want to read your own link:
https://en.wikipedia.org/wiki/Siege_of_Leningrad#Finnish_par...
Can you clear up the confusion as to whether or not the earlier user named 'gyrovague' is operated by you as well? (There was some suspicion on the earlier thread that it might not be you.)
https://en.wikipedia.org/wiki/History_of_the_Jews_in_Finland...
https://journal.fi/haik/article/view/139103/86888
Yes, sure, Finland had it's own complicated reasons for behaving the way it did. There's however no serious dispute about whether or not Finnish collaboration in the holocaust happened.
From Wikipedia
> Interim peace > ... > Defensive arrangements were attempted with Sweden and the United Kingdom, but the political and military situation in the context of the Second World War rendered these efforts fruitless. Finland then turned to Nazi Germany for military aid.
What gyrovague is doing here is obviously despicable.
It's also not clear to me who is attacking who here.
Now the owner of archive.today is attempting a rather lazy DoS attack against gyrovague.com. A rather mild response to gyrovague attempting to bring the archive.today owner physical harm by spreading potentially identifying information about them.
There's really very little to be said about this whole thing besides that Gyrovague should try to be a less awful person in the future.
This statement makes me think you're misunderstanding the person above you.
They're saying this blog author, gyrovague, is doxing¹ Archive.is. I am wondering if you are misreading that as DoSing. To "dox" is to reveal the identity of, typically for purposes of harassment. To "DoS" is to spam with requests. Archive.is is not being spammed with requests, nor do I see anyone here suggesting they are except here: "resources and ASN's … mitigate anything anyone can throw at them" … that seems to indicate you're (mis)reading it as "DoS"?
(I.e., gyrovague is doxing the Archive.today owner¹. Archive.today is, in return, DoSing gyrovague.)
(¹I'm not trying to comment on whether that term is being appropriately applied here, or not.)
> Archive.is has more money, resources and ASN's than Akamai
I assume this is a joke, but Archive.is is a shoestring operation funded through donations.
I am certain they would like people to think that. They have more IPv4 addresses under more ASN's than Akamai control which anyone who has tried to block them would know. Their controlling ASN's are in the Russian Federation which they make no attempt to hide at least for now and why I must assume they are fine with people discussing it. The GDP of the Russian Federation is somewhere north of 2 trillion dollars. Their nodes both in Russia and spread all around the world would not be permitted by Russia to mirror random sites without authorization to do so. One in or from Russia would not defy Russian leadership for very long.
> Their nodes both in Russia and spread all around the world would not be permitted by Russia to mirror random sites without authorization to do so.
This is simply not true. You can absolutely run a website like this in Russia without any authorization. Who would you even ask? The whole idea is bizarre.
Citation needed.
It's clear the doxxing attempts are getting closer now to his/her real identity. On the other hand, they do something that's really useful to so many, and it will be sad if it's gone.
gyrovague: claimed to own the blog in the last thread
rabinovich: posted last thread linking to gyrovague.com, identifying the owner as... well... "Masha Rabinovich"
I believe these accounts are all connected.
I have nothing to do with "rabinovich" but I also have no way of proving a negative.
<https://gyrovague.com/2026/02/01/archive-today-is-directing-...>
This thing is blurry, shady and I hope it will draw some more OSINT eyes on it. I am now curious.
also Archive.today: on the trail of mysterious guerrilla archivists of the Internet - https://news.ycombinator.com/item?id=37009598 August 2023
I wonder, is the newer gyrovague-com account because they lost the login for the old one? or was the old one a different person? Hopefully they can clarify, because if there's an account pretending to be them that makes this story even more confusingly weird.
>And I will not write "an OSINT investigation" on your Nazi grandfather, will not vibecode a gyrovague.gay dating app, etc
this guy means business lol
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
It is very possible that `gyrovague` is not `japatokal` but an impersonator.
I cannot make head or tail of this but it's more fascinating than the usual internecine bloodbath.