Just in terms of privacy, it's worth noting that anyone who has uploaded something on IA already has their email address publicly viewable.
This isn't something that commonly known (even judging by comments here) but in the publicly viewable metadata of every upload it contains the uploader's IA account email address. So from a security perspective it's bad but from a privacy perspective a lot of users probably weren't aware of this detail if they've uploaded anything.
This raises an interesting question: should email addresses be private? Addresses of buildings aren't private, and they're somewhat analogous as with many computing concepts. (Aside: Before spam filters were quite good, it was typical to avoid scraping of addresses by mild obfuscation, but I think those days are gone, and this is distinct from privacy anyway.)
If someone wants to upload and never be found out, then they need to use a throwaway address in any case, lest they be providing their "private" address to the administrators of the service without explicitly forbidding further disclosure. If I say something to Alice without demanding that Alice keep it from Bob, then I implicitly don't mind if Alice tells Bob what I said.
Whether the email is considered private or not is completely orthogonal to whether you are allowed / should tie an action to your email. And then again completely orthogonal whether you can/should make that connection public.
Even if your email is public information and even if what is uploaded is public information that doesn't imply that the email address behind the account that uploaded that information should be public.
The same exact thing goes for physical addresses too. The fact that I live at my address is public knowledge. But the presence of my address in any particular database, mailing list, etc. is not and should not be public knowledge.
i agree. if "user contacting another user" is a feature, there should be the option to (optionally) supply a different email address than your account email or use an online form that keeps your account email hidden.
There is software which is intended to e.g. locate the GitHub profiles of people working at companies, then scrape all public repositories they've contributed to for their email address and the emails of their coworkers - to enable targeted advertising to those individuals. Very common in enterprise sales.
With ChatGPT, this can be extended to create emails that look very personal - as if someone has followed all of your work and is genuinely interested in what you are up to - with extremely low effort. And people are already doing this, I already get emails like this today.
Should emails be private? I don't know - I personally consider them to be public because I know for a fact mine will eventually be public whether I like it or not. But I am aware AI is out their slurping up every public communication I've ever had, and is likely trying to manipulate me in various ways already today.
This was a problem already before the generative AI era, it just got less expensive. The only way to reduce it is to have two work addresses: one that you rarely check and is exposed to the public, listed on your profile etc., and the real internal one just to get the work done.
Quantity is a quality. Add that the AI can profile you and do a decent job spear phishing and you're talking about a sea change.
>and the real internal one
“Three can keep a secret, if two of them are dead.”
There is no such thing as an 'internal' email you communicate to other people outside your company with. It's just an email address. Someone at some point will leak it by accident or malice.
> There is no such thing as an 'internal' email you communicate to other people outside your company with. It's just an email address. Someone at some point will leak it by accident or malice.
Sure, so personally I never use it to communicate with people outside. Also, I make sure it's never used to register with external licenses like Docker Desktop etc. as they subscribe me to their spamlist and send the usual semi-personalized messages - but as far as I can tell most of these bigger companies don't sell them outside (for a good reason). Startups, however, will do what they want and will make sure to squeeze the last drop from the info that such-and-such person works and that company and does X.
About AI slurping all information. I bet one of the first ideas organisations that spy on population had when the recent AI boom happened was: How about we just train our AI on all the intercepted data and just ask it? Is John Smith a terrorist (for our definition of terrorist)? And the AI would reply: Yes he it, he searched on Google where to buy these ingredients that can be used to make explosives. So then they go and figure out some way to "legally" arrest the guy and obtain more private info. It looks like the guy was buying the stuff because he's got a plot of land to fertilise and an old car to paint. So they ask the AI again. You said John Smith is a terrorist! And the AI would answer. I'm really sorry, I'm doing my best and I'll endeavour to do better in future. After this the agents ask for another billion $ because clearly they need more VRAM.
Personally I've been using an email aliasing service (simplelogin) and try to use a different alias for every purpose. I don't use it for my git commits but I find that email aliasing services are something to look into not just for privacy concerns but also spam mitigation
>With ChatGPT, this can be extended to create emails that look very personal - as if someone has followed all of your work and is genuinely interested in what you are up to - with extremely low effort. And people are already doing this, I already get emails like this today.
shit, now i don't feel like sending e-mails to people i'm actually interested in
> This raises an interesting question: should email addresses be private? Addresses of buildings aren't private, and they're somewhat analogous as with many computing concepts.
There are several ways to look at that.
The organization that I work for considers anything that ties two pieces of information about a person together as private information. That is to say that a person's name is not private and a phone number is not private, but connecting a phone number to a name is private. In one form or another, an email is frequently tied to a name (e.g. the email address is based on their name, or an account record includes both a name and an email address).
Another way is to consider how accessible the information is. There was a lot of information that was not considered as private prior to the widespread adoption of the internet. One issue that I remember popping up in the early 1990's involved property (i.e. land) records. Historically, people had to go to a government office to access them but they were publicly available. Since they were publicly available, some governments made them available online. Once they were available online, the barriers to access were removed (e.g. having to physically visit an office) and the ability to abuse that information was vastly increased. All of a sudden, people started considering something that used to be considered as public information as private information.
An issue is for most sites/services an email has just become a standard authentication method, rather than something that can easily be more unique per account. So any usernames across sites/services that share it identify that user as being the same person (for data broker profiling, doxxing, etc), which is the privacy issue (not the email address per se, unless it perhaps contained one's real name).
For contrast truly unique email aliases for example aren't possible on common services like free Gmail*, only things like self-hosting/certain paid email hosts, which makes less feasible for many. So from a privacy perspective while in an ideal world everyone would be able to freely create entirely unique per-account creds we're mostly stuck with the email implementation.
* One could create entirely separate accounts but it's high friction and IIRC the same phone number (now a requirement) can only be used for 2-3 accounts.
Proton Mail and iCloud’s hide my e-mail feature allow users to have unlimited e-mail addresses. You can also get unlimited e-mail addresses by running your own e-mail server or using something like Office 365’s business e-mail (costs about $4 per month).
is running your own e mail server a good idea in 2024? Security issues aside, you are at the mercy of the big email providers and whatever rules they want you to follow
For e-mail addresses as an authentication tool, you don't really need to be able to send emails at all, just receive them, and I think that is pretty feasible to not run afoul of the usual shenanigans.
I think the cost of paying for a dedicated email service is worth it. (There are plenty of smaller, privacy-oriented services such as Proton Mail or Fast Mail.)
They're better at it than I am, and it means I don't have to fill up my free time maintaining another server.
> One could create entirely separate accounts but it's high friction and IIRC the
> same phone number (now a requirement) can only be used for 2-3 accounts.
I've wondered about this. Every Android/ChromeOS device I've ever bought, I had a new Google account created for it (during setup, instead of using an existing account), and only a few actually had phone numbers (I don't generally use smartphones for telephony). Is "Google account" synonymous with "GMail account" these days?
I've had this idea for an experiment where I get such a device (without a simcard), and see how many times I can iterate the Initialize-Device-With-New-Google-Acct-PowerWash-Repeat cycle, and how many Gmail accounts I would have as a result.
(For both Android and ChromeOS) I thought it would be significantly easier to let it use a Google account, than it would be to make it proceed without one. Was I wrong? Serious question.
Links to information would be appreciated, even/especially if it's a complex task to do this.
(I never put a lot of effort into this, because having the Google account be anonymous/fake-named was generally tolerable for my privacy standards)
The search worked for me to find a single app I needed when I was setting up a single-use tablet recently, but I haven't used it hugely beyond that. YMMV
> This raises an interesting question: should email addresses be private?
I sadly don't think that's viable.
What might be, in our current world, would be having a mail server/client setup where you can generate random addresses for yourself like Wf1JJUBHLu@domain.com and never re-use an e-mail address, much like with passwords, while being able to see all of the incoming mail in the same place and respond with the corresponding accounts.
Then, when your address gets traded around, it'd be fairly obvious (with some basic bookkeeping, e.g. a text field with purpose/URL for why a certain address was created) who is to blame for it and blocking incoming traffic from somewhere would be trivial as well.
I do have a self-hosted mail server and there are commands to create new accounts pretty easily, I'd just need to figure out the configuration for collecting everything in one place, as well as maybe make a web UI for automating some of the bits. I wonder if there are any off the shelf solutions for this out there.
I also have my own mailserver and I don't create new accounts, I have a wildcard filter that drops all emails that come to my domain in my inbox. This is of course only viable when you are the only person using the domain, but I just sign up with a new mail address every time I sign up, for example my hackernews account would be hackernews-acc@xx.com That way I have a clear differentiator for every domain.
I do something similar except that I do not allow wildcard reception - I create unique service-identifying user@ for each service I give an address to, and have a simple script that immediately adds that to the Postfix virtual table.
That way the SMTP server can reject all unknown user@ without accepting them in the first place - preventing spamming and some types of denial of service through resource starvation.
I also apply greylist based on a unique tuple (From, To, client IP address) so on first connection with that tuple valid SMTP clients need to re-deliver the email after a waiting period. Any subsequent delivers are accepted immediately.
That's a pretty cool approach! I'd only be worried about the risk of leaking the main account address when responding to anything, but it's probably doable with a bit of research, like Postfix catch-all setups seem straightforward enough.
FWIW that should just be a matter of using the right configuration and mail client. With Fastmail for example I get to use a catch-all setup with my domain, and respond to whatever email it was sent to.
And the other way around as well. Send an email from an arbitrary <whatever>@domain email address.
This is true for someone manually searching for your info, but sufficient to fool spam lists and most data brokers. This really depends on your threat scenario.
> This raises an interesting question: should email addresses be private?
Yes and no. Both of them. As any powerful tool, email is going to be abused, like any other alternative would be when it will come one day.
Those services allowing creation of dynamic email addresses do their job (until they're banned, that's why I'm not mentioning them), however using them isn't automatic and most people don't even know about their existence. What if we then did upgrade email protocols to reflect current needs wrt privacy and modified existing mail servers so that they could create dynamic addresses when asked by a simple flag?
Example: I want to subscribe to a service from company XYZ, however I'm not sure how much I can trust them, therefore, when writing an email or filling a web form I can activate the option to create a new address that is tied to the recipient I'll be writing to, and will work as a dedicated proxy for my real address, that is, every mail I send to the recipient using my real address will be actually sent from the new dynamic address, then all replies to the dynamic address will be routed to my real one, but a field in its headers will always contain either a memo by me (example: "signup with XYZ") or the original recipient (example: "info@xyz_trustuswerenotspammers_yeahsure.com"). This way one can immediately spot whoever sold their address to others and blacklist them.
As said, those services work well but not being built in into mail servers and clients their adoption is quite restricted. I don't see why that function shouldn't be embedded in a new upgraded email protocol as the modification would neither be that hard nor consume any serious resource. I would however expect heavy resistance against the adoption, of course.
I think it just needs to be communicated. Some websites allow login only by login name and not by email, some people have identifying last name, others hardly identifying full name and whatnot. There's no universal or universally agreed answer to that, so it needs to be said whether your service _consider_ it public information or not.
It should, mainly because an email is not just an email, it's a channel to reach otu to you, your internet address. And we know how that is going in your inbox.
This raises an interesting question: should email addresses be private?
GDPR is clear on this and there have been significant fines for revealing email addresses against the will of their owners (e.g. using cc instead of bcc). Not saying this is the ultimate wisdom, just a data point to consider.
By itself or linked to other data?
Afaik PII is usually a set of linked data. As in common name and surname are not PII. Together with age, they can be.
I dunno. Should your personal phone number be private? Or your home address? Would you be okay if I knew it and shared it with a stranger? Or would you rather be asked permission to share it first?
Seems pretty cut and dry to me. Yeah, there's going to be someone out there (there always is) who doesn't care, but I'd wager the majority would be pretty ticked off if you gave those pieces of information out to a rando on the street.
None of that information is actually private though. Your home address and personal phone number are likely in the public record for any number of reasons, such as ownership records or court filings. Or maybe a Facebook post from 2009 that your mom made. Unless you're one of the 0.00001% of people who do things like rotate your phone number and address annually, it's out there somewhere.
But public vs private is a spectrum, not a binary true/false. My phone number is public because I get sales calls from various companies to it. It's annoying, but bearable. But there's a big gap between that and the New York Times putting my name, number and picture on the front page.
So your home address and phone number aren't private. But they're also not readily accessible unless someone is really dedicated to finding them, so they're not quite public either.
There are plenty of countries where all that is public information, back in the day there even used to be a phone book with .. name, phone number, and address. And many countries have this now in digital form.
An email (or phone number, or address) is an identifier. Asking whether this identifier is public or private misses the important thing, which is the action that can be paird with the identifier.
So therefore, there's no universal answer to whether the identifier should be public or private. It's a case by case basis, when paired with an action.
For example, i don't want a shop to see me buying condoms, so shops shouldn't get my email address (or phone number).
Interestingly, public U.S. state property records will just disclose where you live whether you like it or not. With as little as your name, a home address is trivial to find.
If I published a list of all name and addresses, that's still different than "here is harywikle's full name and address". I imagine you wouldn't be too pleased?
That's the issue I take with the "phonebook" defense. It justifies doxing people by collecting and connecting publicly available information online. All the information is out there, it's all on a phone book, your email was published online, and so on, but the end result is clearly bad so something in the process should be handled more carefully.
And they contained data of which people allowed disclosure. When you did not want your information to be published, you informed the telephony provider and the phonebooks would not include it.
For a fee. In Australia at least it cost money not to be listed in the phone book.
Numbers were however tied to a property rather than individual personal phones in our pockets. When you think about it, mobile phone technology arrived quickly and caught everyone by surprise. Back in the 80s very few people thought we'd be carrying around "pocket TV phones" in such a short time.
It's not just uploads but any item that uses the email address as a unique user identifier (I'm not technical enough to explain this clearer but [1]).
An email address will be part of the xml in his uploads but also in his profile, which anyone can access by simply changing the url from https://archive.org/details/@foobar to https://archive.org/download/foobar. So, in essence, one just needs to have a registered account, independeltly any uploads made.
> Theoretically, someone could scrape the pages and compile a list of exposed email addresses.
I laughed. Oh no! Anyways…
The people interested in identity theft are probably too busy figuring out what to do with all the SSNs they stole (not from this breach, but from the annual catastrophic breach of a credit bureau or government repository).
And the people who want your email probably already got it from one of the hundreds of other services you have to create an account for now.
I’m not really sure if there are circumstances where donating to the internet archive could be held against you and lead to persecution. Maybe in certain Luddite communities? The Amish? But then, how would they know…
One solution is to use a unique email address for every website, and change the address if the site gets compromised (with the old address getting added to a spam filter).
I have always thought about this. It would be interesting to have users actually store small amounts of redundant info on a device connected to the internet. Very similarly to what a torrent does but with more peers (more data shards than full copies) and less seeds. And try and keep a huge database for everyone. Obviously open source and it would end up something like tor where they just assist the network with security patches but they don’t actually have any real “control” (admin dashboard control) over the network at large. We already do something smaller but like that with website static file caching, but at much smaller scale. Obviously security implications of this would be very hard but maybe not impossible to overcome. ipfs comes close but it again does more seeds then peers.
if anyone knows something like what I'm suggesting, I'd love to hear about it!
IIRC there were a few storage based projects that popped up using alt coins to encourage people to offer excess storage space for other randos on there internet. The possibility you might be storing illegal content might have been what killed it/them.
Anything would be better than the current system where you basically just have one source.
Independently ran mirrors all over the world, along with snapshots.
Have the occasional fork or two. Say your from a small town in Northern Illinois. If you have 2 TB of image archives from a defunct local newspaper, it might be good for photography forks even if it wouldn't make sense for the main archive.
I believe that it would be possible to cost effectively build and implement an architecture for a distributed IA backup—this comment entails some notes.
The system that asks volunteers about their age, sex, location, and storage format details (the model, past use etc. can be used to predict the durability of a single storage) without sharing most of this data anywhere.
The downloaders are then algorithmically allocated pieces of the archive. Exampli gratia such that there is at least limited amount of overlap between the pieces, and two people same country won't provide redunancy for each other.
When a downloader verifies that they have completed the download by giving (unique, to prevent fake-download sabotage) SHA hashes of the data, the information that these pieces have been downloaded in this or that country, plus an estimate of the reliability of the storage, is added to a public database, for the algorithm to use in the future.
Every downloader is then generated a public and private key so that they can give the hash of their download again once in a while or just verify that the piece is still there. The reliability estimates (based on storage / hardware details) would be empirically calibrated based on the data about the actual storage failures.
A public counter, estimating how well the archive is currently backed up via this scheme, could be displayed.
For copyright issues, it would be possible to encrypt some of the data, e.g. such that normally borrowable items become readable files only when X% of downloads are pieced together.
The scheme would be primarily based on existing designs and algorithms but work roughly as depicted above. I am not an expert of what compression, hashing and other algorithms should be used, and it needs lots of good work, to determine how to avoid errors in the scientific part of estimating the reliability of the downloads—and generally a situation where it would turn out that lots of data was lost when attempting to put the pieces back together again.
Remark (engineering): To empirically validate the correctness of the software of the backup architecure by testing it on grids of real hard drives in single places will probably give safety against catastrophic failure. Even better would be to obtain large amount of old hard drives and SSDs kept in a single place for a long time, to validate that the software works over time.
Remark (integrity): That a downloader actually has the downloads can be verified efficiently by IA server adding small part to the piece the downloader has, hashing it again, and requesting the new hash.
Remark (redunancy): It may be possible to develop a social program that analyzes whether a volunteer in certain place can provide more redunancy by buying themselves a hard drive or by supporting the acquisition of hard drives for volunteers who have proved themselves realiable elsewhere. This is speculative and the benefit may be lower than the risks.
Finally, instead of "public database" it may be much more optimal to decide to use a blockchain of some sort. Not a cryptocurrency, but a blockchain. This is because if the idea is to distribute copies over the world to ensure continguency in case of IA main architecture collapse, then the more parts of the distributed backup architecture (which must actually not be "the backup architecture" but "a scheme", that no everyday IA decisions rely upon, and that just exists out there) are on a blockchain network run by a "decentralized" system, the more reliable it will be.
My heuristic plausibility analysis:
0. IA backup would not need to be constantly accessed or changed (this makes storage easier, cheaper and prolongs the maximun age of the storage)
1. Not all IA has to be backed up: a distrobuted backup that successfully recovers 10% of IA in a catastrophe is by all means a great success (consequently priorization of what might / should be stored should probably be part of the algorithm that decides what volunteers download; and what existing "big" archives already store that overlaps with IA should be taken into account in this analysis)
2. I recall you estimated 30-40 M USD ballparks for a single copy: a properly led open source project may be able to develop this for free, and fairly compensated one could be ~ 0.1% to 1% of the cost.
3. The Sia network https://siascan.com/ has space for 7PB; and it's for storage where one can download their own files at any time; and they have had very little publicity.
4. 2TB hard drive costs 50-100 USD and 20PB would be 10 000 humans buying one 2TB hard drive which by itself is possible. Hobbyists and organizations may be able to provide even larger capacities.
5. Most IT projects fail, but since lots of technology already exists and in this we know what we are doing and IA might be able to recruit above talent we can conservatively, give conservatively 50% chance the groundwork development to succeed, or 45% without funding.
6. If the develoment succeeds, then there may already be around ~ 100 potential volunteers. I estimated that 0.1% IA visitors may volunteer, plus 1% from Hacker News traffick were to project to be mentioned there, plus growth over first few years and traffick from elsewhere. Perhaps 75% chance to get 10% of IA backed up by volunteers, given development succeeds.
7. If that much is backed up, there is perhaps 5% of attaining 200 TB in next few decades.
Conservatively, given that open-source development starts, one gets apprx. 33% - 38% chance that 10% backup is achieved & apprx. 1-2% that 100% of what is now in the IA, could be backed up. These are of course rather meaningless numbers, but the fact seems that in the lack of funding to build a complete backup IA can best guarantee continguency by starting to build a distributed one. Perhaps this was needlessly lots of words for a simple proposal.
- X
---
Note: It's probable that at least the NSA has a private full IA backup.
This is why BitTorrent and other P2P solutions were invented, but alas:
A. The RIAA, MPAA, and ESA have given these technologies a terrible reputation.
B. Nobody likes to seed. Some kind of seeding-based crypto would have been a great incentive if cryptocurrency wasn't also demonized by now.
Part of the reason people don't/didn't like seeding is that many residential lines are so terribly asymmetric. If you had 100down/5up, seeding your torrent at a useful speed was often enough to degrade your connection into unusability.
It's called torrent protocol and it doesn't work, no one wants to spend money and bandwidth hosting a god forsaken movie or book that only a handful of people care about.
Not much money and bandwidth if you aren't on a metered connection. You can share tens of gigabytes or more on a cheap read only flash plugged into into a $25 single board computer that draws way less than a full PC and can be left sitting there near the router. Just limit its bandwidth on the torrent client and you won't even notice it during online gaming. The client can be as small as the Transmission daemon running headless on one of the many Debian based embedded distros: all control through either the web interface or from its client: no monitor, mouse, keyboard etc. just a small cheap box.
I see 24 seeders for the entire 72-episode run of the 1991 sitcom "Herman's Head" which was so poorly rated that it's never seen a home media or streaming release, your premise doesn't hold any water at all.
People are pirating comic books and cookbooks from the 30s; there are a lot of people in this world, if something goes on the web and you tell everyone you put it there, it's pretty much preserved. It's only law enforcement that kills free availability of everything all the time online, for better or for worse.
With copyright, as individuals we get to trade all of the wonderful stuff already made (and long paid for) for the flood of minute-old shit and sludge inundating us online constantly. It's a bad trade. Maybe copyright should stop encouraging creativity; the answer to how "artists" would get paid post-copyright might be "who cares, quit if you want."
We already have Herman's Head, we don't need any more crap.
I never thought about UBI and copyright - but as soon as you say that, it is immediately obvious to me that when we have some kind of UBI, copyright should be dramatically reduced.
> With copyright, as individuals we get to trade all of the wonderful stuff already made (and long paid for) for the flood of minute-old shit and sludge inundating us online constantly.
What does this have to do with copyright? People post sludge online even in chaotic meme environments where copyright is irrelevant and people constantly take and repost each others' stuff.
It does work, when you don't notice it. We need sane limits and permanent seeders. This is why so many regular people get hit with ISP notices, they don't know they've seeded Captain America for the last six months every time they started their PC.
Yup. If browsers built in support for magnet links and (on desktop) defaulted to seeding with some capped bandwidth then a lot of centralized hosting platforms would become unnecessary.
You can build something very similar with WebRTC. Browsers already have P2P networking capability, it's just not immediately interoperable with BitTorrent clients. Standardizing some sort of BitTorrent over WebRTC bridge and adding it to BT clients would fix this problem.
That being said, please do not host content this way. P2P blows away the already thin privacy guarantees that the web provides. Anyone seeding the site gets the IP addresses of everyone on that site, and can trivially correlate that with other sites to build detailed dossiers on, if not individual people, at least households[0] of people. After all, that's how the MAFIAA[1] sent your ISP DMCA scare letters back in the 2000s P2P wars.
[0] IPv4 CGNAT would frustrate this level of tracking, but IPv6 is still subnet per subscriber. Note that you can't use individual v6 addresses because we realized very early on that the whole "put the MAC in the lower 64 bits of the address" thing was also a privacy nightmare, so IPv6 hosts rotate addresses every hour or so.
[1] Music And Film Industry Association of America, a ficticious merger of the MPAA and RIAA in a hoax article
I hadn't considered the privacy implications. For this to be workable, you'd need to pair it with near-ubiquitous use of some anonymizing overlay network.
I've been seeding some unpopular torrents for ten years (would have done for even longer if I did not change the torrent client a decade ago). "No one" is too strong a word, as usual with these absolutist things.
Agree, shouldn't have said no one. But you got to recognize that some torrent are most popular than other.
I would have absolutely no trouble downloading the latest marvel movie but if you are looking for some old Soviet movie, Iranian movie or even old American movie then you're in bad luck. I've never seen more than 0 seeder on thepiratebay.
I keep wanting to do this for old sites, make like a personal mini IA. Besides just using wget or curl, any tips for pulling down useable complete websites from IA?
> the Have I Been Pwned data breach notification service created by Troy Hunt, with whom threat actors commonly share stolen data to be added to the service
This. Typically HIBP attribution includes the email of the "submitter". Various data aggregators will contact them and buy the stolen data. Everybody wins*.
Doesn't the value drop dramatically if it has already been shared with Troy and the HIBP database? Or is there a time frame where it has been authenticated by Troy but not yet added to the database?
Many hackers will remove addresses that are obviously unique, including tags, to keep silent which database has been hacked, but it seems inconsistent.
I have checked and known my address was in a hack and it isn't there, while other times it is there. I also wonder if they start filtering out by domain, as they see a domain across multiple databases with unique addresses in each database exactly one time.
Yes, without exception. I want to know who is leaking/selling my address, and usually stop doing business with those who do. It also makes filtering really easy. People sometimes have strange reactions when I verbally give them an email address with their company name in it, especially when I'm a new customer.
All you need is a domain and an email provider that allows catch-all addresses, both of which are easy and cheap.
I always see people claiming they use this strategy, but I never ever ever see people blaming services saying "this and this company sold my data to spammers". Where are the name-and-shame people? Have you ever caught anybody doing anything?
It's hard to distinguish between leaking and selling, but I think leaking is much more common. Dropbox famously leaked a lot of emails in ~2012, including mine - I was never a paying customer and that put me off becoming one or using them (to this day most spam sent to my domain is to that Dropbox address). Two local PC parts companies leaked or sold my email. I confronted one about it and they claimed they hadn't had a data breach, so either they sold it, or they were too incompetent to know they'd been hacked, or they lied - I suspect incompetence but whatever happened they lost my business. A couple more incidents long ago too.
Real estate agents can be pretty aggressive with emailing, but IME respect unsubscribes and don't seem to share/leak emails. I kind of wish I'd used an address per agent instead of per company to see what was happening better.
Non-company uses can also reveal issues. I had an address scraped from a flatmate finding site, and one apparently lifted from a relative's contact list somehow (I only have one I use for family, so that was a concern, but spam to it petered out quickly).
Yes, I was one time suddebly getting whine ads on an E-Mail for a service I signed up. I contacted the service (rather unfriendly) and they apologized and the unwanted E-Mails stopped.
It's a separate address that can have its own mailbox if need be, but unless you want to keep meticulous records on the go, and refer to them constantly, some sort of pattern is required.
Yeah we run this on our own Proton Mail whitelabel, and for a few customers who have us manage it, mostly for the filtering aspect, and the occasional customer who has the wrong/mis-spelled address in their system and won't change it.
Same here, only issue I’ve ever had was when my email address had the name of the company in it in the format of spamlklcompanyname@domain.com
CS people are sometimes confused by that and I’ve been accused of attempting to hack them by a small shop online because of my email.
Major SMTP provider refused my email address as login because of this. Luckily my moaning eventually made its way to one of their developers who fixed it.
You can't sign up for a Samsung account with the name Samsung anywhere in your e-mail address. Aliexpress another offender. There my email is just spam@domain.
2. Buy a /24 ipv4 block with good reputation (maybe like $10k)
3. Get a rack in a nearby datacenter, rack up a BGP-capable router and your servers for redundancy to run email. Takes about $30k initial setup costs if you buy all new, and about $5k initial setup costs if you cut corners and buy used. It'll be $2k/mo after that, so less than the cost of 1 $100 avocado toast per day, quite affordable.
4. Setup your mailserver of choice, such as dovecot + postfix. Enable either a catch-all address, or use recipient_delimiters. The former means "anything@domain.com" works, and the latter means "user-anything@domain.com" works (assuming your recipiient_delimiters are '-'). I recommend using a real catchall.
5. Setup your spam setup, this is the hardest part. I have no guidance here.
6. Point your DNS over, setup SPF and DKIM records, test, and off you go! This should all take about 1 to 3 days if you know what you're doing.
7. Find out that some email will go to spam anyway because you're not using one of the big 4 email providers, but it can't be helped, and anyway no one uses email anymore.
And after that, for less than $30k/year, you have email with catchall or subadressing support. Nice and easy.
Then, after you do this, you can simply give internet archive the email address "internet-archive@mydomain.com", or generate a random string. If you forget the email you used, you can search your email history for the first email they sent you, and check the To field.
This is hacker news, we're all either founders who have 2 billion dollars in (illiquid) stock options, or FAANG employees making 600k/year, what else are we going to do if we want email?
Sure, you could pay fastmail $40/year for this, but that's not really the hacker news spirit, and no one on this site knows how to count as low as $40.
The real justifications you can give yourself:
Shared VPS hosting pretty much all bans email, AWS, DO, etc all have ToS that say "no email" as anti-spam measures.
Shared IP space will go straight to spam due to people having spammed on it in the past. Buy a /24 to ensure you don't go straight to spam.
Rackspace ensures you actually own your email, at least moreso than with other shared hosting, and owning your email is important.
> Shared IP space will go straight to spam due to people having spammed on it in the past. Buy a /24 to ensure you don't go straight to spam.
I have had no problems with deliverability to Google from an IP on a shared block. I don't send marketing mails or any other kind of spam though. Microsoft blocks my IP but they are too small (outside businesses) for me to care to give them special snowflake treatment.
Deliverability of your own mails is also irrelevant for the original discussion about using unique email addresses for signing up to services - you don't need to be able to send at all for that.
For the “least painful” self-hosted email setup, you can’t be hosting on an IP in a subnet that’s ever sent spam, if you want to avoid being blackholed occasionally. This means you can’t have an IP allocated to you by a hosting provider, or a residential ISP, or a “business” ISP, or any cloud provider. That leaves very few options.
Note that I am speaking from personal experience here. I have been self-hosting email for over a decade, from the same IP, with (roughly) the same DNS records. Occasionally, for no reason, I will end up on the global spam list for Gmail, Outlook, or iCloud - never more than one at the same time, and never with a discernible reason. The best I can figure is that the IP is allocated to me by a hosting provider that occasionally sends out spam from its subnet (aka any hosting provider that doesn’t block smtp). I have also tried self-hosting a different mail server from a variety of residential IPs in different cities and countries, and ran into the same problem.
Not sure if mobile carriers would allow the required ports to be routed, and the connection is usually behind CGNAT, so you can't accept connections from the outside to receive emails. Many home ISPs however can give you a (mostly) unfiltered public IP that once paired with a dynamic DNS service can be reached from the outside. Once the network part is solved, a small cheap box (*Pi like board, mini PC, etc) can be set up to act as mail server, with firewall rules on the router that don't expose anything else to the outside.
I meant just in terms of compute power. Like my isp gives me a static IP with forward and reverse dns, and the box lets me put the phone WiFi ip address in the DMZ so all traffic is handled by the phone. Then the termux app lets me run sshd and other stuff.
And actually I think this is a kind of setup people could get into: an Android dist that focuses on self hosting off an older device.
Some providers allow you to use Alias emails (I think google redirects mail to ia+mymail@gmail.com to mymail@gmail.com), and if you use your own domain, you can just use a catchall redirect and enter a random address (ia@mydomain.com which goes to catchall@mydomain.com).
1/ Buy a domain of your choice
2/ Register an account on Migadu.com and pay them $20/year
3/ Configure your domain nameserver with the settings provided by Migadu
4/ Done.
Voluntary sharing, since afaik they don't pay the criminals to get the data. Either the criminals share it directly (fat chance, usually), or someone else bought it and shared it either publicly, privately with HIBP, or privately with someone who then reported it to HIBP
How this specific instance unfolded, time will have to tell. The leak may have occurred in 2020 for all we know at this point
There is a strange dynamic between the threat actors who conduct these breaches and researchers.
When not used for extortion and for "status" in the hacking community, they share them with researchers (commonly HIBP) to warn people about a site's security and so that site is forced to fix things.
2a = bcrypt, 10 = 2^10 rounds, Bho2e2ptPnFRJyJKIn5Bie is the 22 character salt, hIDiEwhjfMZFVRM9fRCarKXkemA3Pxu is the 31 character hash value, and then there's ScottHelme. Best guess is that the archive.org folks just appended the user name to the stored hash. Maybe once upon a time they didn't have a username column in their table and this was a creative way of adding it.
Friendly reminder to generate a unique password for every account you create so database leaks like this one don't bother you (besides on the site they're used).
I think pretty much the same argument for old-world POTS. While nothing was encrypted, nothing was recorded and someone had to physically access the local copper, which in reality provided more privacy than the future (today) where everything is recorded forever and you can bribe, extort, hack, blackmail, or just for fun leak everything recorded.
Having unique passwords isn’t something you should rely on either. Good MFA practices limits the impact of breaches like this. It isn't an either/or thing, do both.
> Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!
It's all good, as long as you're not in that recent AI Girlfriend breach which exposed a ton of users who were trying to coax it into generating CSAM images.
“I went to the site to jerk off (to an adult scenario, to be clear) and noticed that it looked like it [the Muah.ai website] was put together pretty poorly,” the hacker told 404 Media. “It's basically a handful of open-source projects duct-taped together. I started poking around and found some vulnerabilities relatively quickly. At the start it was mostly just curiosity but I decided to contact you once I saw what was in the database.”
Not sure if you're being sarcastic or not, but pentesting is not a particularly evil activity — and you often have to look at data to see if you actually found something.
What is evil is the way that he's ensured that the predators in the dataset will never face any consequences by making the data available to HaveIBeenPwned, making it trivial for predators to protect themselves (the method through which this is possible intentionally left as an exercise for the reader), and making the data available to a news website for...some reason, but it's bound to ensure that the vulnerability will be patched out quickly and no one else will be able to access the data.
I find it much more likely that this hacker who sought out a website for uncensored AI erotica isn't actually a good guy, and might even have something to hide within the dataset. Hopefully, I'm wrong and we'll see more of this.
> Create a new email address for every service we sign up for?
Exactly that, yes! Various services like icloud or proton offer "hide-my-email" addresses, or you can use any email service and just leverage a dedicated email aliasing service like SimpleLogin (paid but cheaper).
This way your email addresses are always random, and since these are shared services, the fact that it's random doesn't identify you either. In proton's / simplelogin's case, you can even set the display name used and email first, so from the outside it's not going to appear as strange, or have any real limitations.
If you think about it, modern email services don't really allow for easily testing if an email address is valid or not, so pretty much the only way your email is ever found out is if you share it on. So never share it on. Always share an alias instead. With automated systems, you may even want to rotate it every so often, so that if there's a leak, you can identify not just who leaked, but also roughly when.
Fixed identifiers, like an email address, are terrible, as their lifetime is always significantly longer than whatever context they're being used in for.
Truly unique email addresses and passwords per service is the strongest approach, but there may be alternatives. For instance, Gmail allows address+tag@gmail.com, which will save you from the lowest hanging fruit (block the +tag when it’s compromised to prevent the laziest spam from reaching you). iCloud also allows automatically generating a new email address that forwards to your inbox for a new account when using iCloud Keychain (possibly when using other password managers too, but I haven’t tried).
Gmail's +tag (and the .) is nice in theory, but terrible in practice. It's super easy for malicious actors to just drop them and there are a few services out there that simply are not able to work with the +tag, potentially getting you locked you out of your own account. Not gmail's fault, but I would recommend against using it.
I feel like it's safe to assume the official Internet Archive would not write a "friendly"/attempt-at-humurous/unprofessional/confusing/delivered-by-popup message advertising a devastating security breach. Oh also while announcing that nowhere else.
Obv an attackers ability to insert a message does imply a breach beyond a DoS. But I am pretty confident that message was not from the IA.
Verge reports someone has taken credit for an ongoing DDOS against IA.
"An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow"
https://www.theverge.com/2024/10/9/24266419/internet-archive...
That class of sites generally is, yes. But on HN we go by article quality, not site quality (https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...) and I didn't see a better specific article on this. If there is a better one, we can change the link again.
One of those instances when you really wish curses worked on whoever was pulling this stunt “may you and your descendants suffer the bites of 10000 fleas for 10000 nights as punishment for your misdeeds”
Probably not the best time to say this, but it's surprisingly easy to go through a collection with items and grab every email along with the usernames.
One way or another, there was going to be someone who would take loads of emails with a username attached to it. A bit intrigued by how the hacker compromised the database and got the passwords.
I have had an IA account for a number of years, with a gmail address. Nine months ago, I changed the email address to a masked address using my own domain. Now I find that my gmail address was still stored, and was involved in the breach. Why? I get that they might store change history, but why?
BTW, for the current account details, I changed the password to another random string generated by my password manager, and also deleted the masked email address and generated another one, so going forward this sort of thing isn't that much of an issue for me.
I have a similar situation, where I signed up with my main account and later changed IA's email to a more private address. It was the first email I checked on HaveIBeenPwned and it doesn't show up in this leak. The other couple IA accounts I have, whose emails and passwords are exclusive to them, they all show in this leak alright.
I have no explanation to your situation but this was also my immediate though and I also wanted to give the opposite perspective.
How long does an average hard drive last? You'd have to spend that 700k every that many years (plus the extra bits you mentioned). Quite an operation actually
I actually find that fairly tame. For a point of comparison, Wikipedia gets ~$150M in revenue a year, an "asset rise" (I presume this is what non-profits call profit?) of ~$15M a year, and is sitting on about a quarter billion in the bank.
Not that they want to, but I think Wikipedia could fund this using their current donations if they wanted. Hell, I almost wonder if one of the big storage providers would do it for free if they could do it in their staging environment so they get real traffic. It would be less good than real backups, but extra copies are still extra copies even if they're unreliable.
A good portion of the text on Wikipedia relies on Wayback Machine links to remain verifiable. If they lose that, I guess the editors might have to comb every page for information which would need to be either resourced or deleted.
You're right, I guess it is tame and achievable so far as organisations go. I was imagining trying to get some friends together to have a decent percentage of the IA backed up, but that seems out of reach based on this napkin math. Not that that is necessarily demotivating, but it's going to depend on a lot of people intuitively seeing the value and keeping up their share
Yeah, as a sort of pet project I don’t think backing up the whole thing is possible.
You might be able to back up a significant portion of the unique data in IA if you limited it to text files. I think they probably have the highest information to file size ratio.
It’s also probably the most likely to already be back up, though. Interesting issue; you might also get somewhere by cutting the 50TB up into 10GB torrents (or 100GB or whatever, something reasonable for a consumer hard drive) and maybe adding a script that checks the torrent swarm stats to recommend a torrent to download.
Something where I run it, tell it I want to let it use 600GB, and it hands me torrent files for the least seeded 600GB. Maybe a super basic web UI so people can see how well backed up it is?
Unsure if people would sign on or not; I probably would. I’ve got 10 or so TB of NFS I’m not using I could chuck at it. I would guess there are other data hoarders out there who would do the same, but only if it were somewhat easy. I’m probably not going to volunteer to do an hour of rtorrent cleanup a week to make sure I’m backing up the right things.
This is a great question, and a state of the art kind of thing.
HDDs are sold with a lifetime drive read/write amount and power cycle warranty, along with usually some environmental operating envelope. read/write relates to the quality/space of the platter, power cycle is usually the actuator & read/write head being reseated/wearing out. Environment is the same as all other devices in a DC.
Most folks replace drives when they die (reads/writes stall or return garbage), or when the warranty runs out. Some will pay for a warranty exception, and some will just use the drive outside of warranty. Depending on how you use the drive, what environment it's in, etc changes how much you can push things.
I'd say anywhere from 4-8 years, depending on how it's used. In many cases it can be cheaper to have a worse environment for your fleet (thus using less power on hvac) and replace devices more frequently.
I tried for 6 weeks. Eventually, it just stops functioning. The same program and arguments spits out "segmentation fault" 33% of the time I run it, with the other 67% working perfectly. The only way I could explain it was that it was in a function outside the main, because when I put the exact same code in the main, compiled and ran, it worked.
I have no other explanation. At some point, having too many nested loops and variables causes segmentation faults, whereas less complex code functioned without error. I needed to have certain things performed, and it only functioned in the main.
Why would you try to do this in C of all languages? It's one of the worst choices, especially for a self-learner and a beginner like you. Consider: choosing another language could, on its own, 100% eliminate any possibility of getting a segfault! With just that, you'd be spared from having to produce an abomination of many thousands of loc inside a single function, which is never (unless you're Donald Knuth) a good programing practice.
Python is slower but easier, and less likely to segfault out of blue! You don't even have to have a main() loop. If you just have an idea worth demoing quick, I'd recommend switching to Python 3.
There's also the fact that hard drive capacities keep increasing and increasing significantly faster that the power required, and sooner or later for very long term storage it'd become cheaper to migrate all your data from those 5 year old 4TB drives to more modern 16TB ones. That's assuming you want hot access to the data and don't plan on spinning them down as soon as you've written to them, like you'd do for a cold backup of the whole IA.
I remember for a long time (I'm talking 20-ish years back here), every hard drive I bought had double or more the capacity of every drive I'd ever bought previously combined. My first ever 40MB (yes, megabyte) drive got upgraded to an 80MB one, that got updated to a 250MB one, then a 750MB, and then a whopping 2GB drive (how would I _ever_ fill that up???) - and so on. That's slowed down some, but I'm currently starting to think about upgrading my 8TB drives (Raid1 pair) with 20TB drives when the prices start to drop a bit more.
Do people really replace their drives when the warranty runs out? Hard drive manufacturers won't provide data recovery on drives that fail under warranty[1]. It makes more economical sense to just run a drive until it dies. You'll end up paying the price for a new drive either way, but less often if you ignore the warranty expiring.
1: I discovered this myself when a Seagate drive containing some important data failed under warranty. If you're foolish enough to send them a failed drive with data you need recovered (like I was), all they'll do is throw it in the bin and send you a replacement drive.
If this is a backup, you don't need it to be powered up and available 24x7.
So the question becomes more like "how long does an average hard drive last while powered down and still reliably be able to power back up and be read?".
I'm fairly sure that is a lot longer than the single digit years that'd be the probably answer to your question.
I wonder if there are useful guidelines for long term storage of powered down hard drives? My gut feel is the major failure modes would be electrolytic capacitor failure, bearings sticking as the lubrication ages, and obseleting of the interfaces. I wonder how hard it'd be to find hardware that'd read my Mac SCSI hard drives from 25 years ago?
> How long does an average hard drive last? You'd have to spend that 700k every that many years (plus the extra bits you mentioned). Quite an operation actually
You'd have to spend a lot more, because with that many drives, you need redundancy now.
True, that would be an up front cost. At the same time, the IA is still live. This initial expense can be softened by building up redundancy over some years rather than trying to do everything at once
> True, that would be an up front cost. At the same time, the IA is still live. This initial expense can be softened by building up redundancy over some years rather than trying to do everything at once
I think with that many drives, you'd be losing them constantly, and I suppose you wouldn't know which ones until later (assuming you're doing an offline backup, if you aren't you have to factor in power costs).
IA stores lots of redundant stuff in 5 file formats and none of them are particularly well-compressed, I think. There are (big) savings to be had, but maybe figuring that out (software dev and compute time) isn't worth it?
Electricity, bandwidth, and generally running a business is not free. Also for these pay-as-you-go setups you'd need a considerable amount of free space available on demand.
That said, it's not an especially cheap option. Hetzner has storage boxes for EUR 2.5/TB/mo (in fixed 5 and 10TB boxes though)
Oh no! I didn't know their IPFS initiative didn't pan out. What happened to it? I am surprised how hard it is to google. I remember interviewing for a role on that team at the archive to help move it to filecoin. Was so happy to hear that the effort was underway to decentralize their datastore. We need this more than ever.
There are people still working on trying to make it happen but it's just a collosal amount of data and filesystems are notoriously hard, so it's very slow going.
From my own personal experience doing distributed archiving with no relation to Archive.org, Filecoin/IPFS's UX isn't quite there yet. They still don't let you serve data to the network from a normal filesystem, you have to let their system ingest all of your stuff so you end up double-storing data or you have to give into everything being stored as inscrutable binary blobs.
That's why I still haven't integrated ArchiveBox with IPFS/Filecoin/Storj, let my data live in a normal filesystem dammit!
> They still don't let you serve data to the network from a normal filesystem, you have to let their system ingest all of your stuff so you end up double-storing data or you have to give into everything being stored as inscrutable binary blobs.
I don't understand this part. What data would you have to give them? Why can't it just live next to your stuff on your OS' filesystem?
For IPFS, I'm fairly sure you can now serve from your normal filesystem, rather than load it into their blockstorage -- or at least the blockstorage has pointers to real data blocks that are part of your existing files (it's the nocopy option[1]; it's marked as experimental, so there may be some sharp edges.)
For Filecoin, if you want fast access, you do need to keep a second hot plaintext copy, as well as the sealed Filecoin copy. But that works for the backup case for IA, because the hot copy would be served from the archive's existing infrastructure (and/or a distributed IPFS hot cache) -- you'd just use Filecoin for the proven safe backup.
The project to back up IA to Filecoin is still ongoing. The IA dashboard that shows the current state is (perhaps predictably) down at the moment, but it crossed the 1PiB line last year[2], and they've been optimising the onboarding flow recently.
(Disclosure: I work at the Filecoin Foundation/Filecoin Foundation for the Decentralized Web, which partners with the Archive on this project, as well as supporting other Internet Archive backup projects.)
Needing to keep a separate hot copy at 220PiB is already ~$7M/yr, and multiples much more than that if you factor in labor and redundancy. The --nocopy option looks great though, I didn't see it last time I was looking around for an MFS/FUSE solution, I'll try it.
I appreciate your effort and I hope the project continues.
They're saying that the client software (the servers that speak the IPFS protocols) has to load the files to be served into their own local storage database, it can't just keep a "metadata file" and read the existing files off disk. Presumably somebody could write a client that spoke the IPFS protocol and did this, or fork the main Go or JS one, but until someone does that they're stuck with the software that's already been written
"Based on historical records from the first half of the last century, Mr Musk (inventor of the car and the rocket) and President Xi were the most respected and popular individuals on earth."
Backup / duplication is not an easy project for sure. But meanwhile for now IA is a single organization operating under one legal system. And one technical setup, would be relevant today. That's a major weakness.
A few minutes ago (22:48 UTC), I got three emails from HIBP about accounts of mine breached on the Internet Archive. Troy is quick! And I'm surprised the author of that alert() actually had the data as well as followed through
Bit of a shame the emails contain an ad for a password manager, saying there's two easy steps to become more secure: Step 1: use our password manager (fair enough), "Step 2: Enable 2 factor authentication and store the codes inside your [password manager]" ehh now it's back to 1 factor or am I missing something?
I think it is safer to have 2FA in your password manager than not using 2FA at all. Because even if they got your password, if they don't have access to your password manager they can't login.
If you protect your password manager with a yubikey or any other hardware key, then your 2FA inside your password manager is quite secure and convenient. But this is very individual, what your threat model is and how secure you want/need to be.
> even if they got your password, if they don't have access to your password manager they can't login.
Wouldn't the same argument go for a non-2fa password? What's the difference between a randomly generated 2fa secret and a randomly generated password here?
An eavesdropper able to intercept connections could record your password in transit but would only get the current 2FA token which quickly becomes useless. But with TLS eavesdroppers are not a realistic concern for most people so the actual benefit is still questionable.
I was going to disagree with you (and I sort of do about password managers and storing 2FA in them, but I also unlock my password manager with a yubikey).
But, doesn't a DB compromise mean that the attacker would have the TOTP seed as well? It can only increase your account security elsewhere, but also not re-using password prevents the IA leak from hurting you elsewhere as well?
> I was going to disagree with you (and I sort of do about password managers and storing 2FA in them
Note I'm quoting HIBP's advice from the email they've sent me! I'm absolutely not recommending to store one's 2FA secrets in the same place as the password!
Even if one uses 2FA for the password manager, it stops proving "something you have" in addition to something you know and you're one unlock away from malware vacuuming it all up. The point of 2FA is to be on a separate device you need to have on hand
Of course, the same logic goes for a password manager in the first place, but password reuse is a big enough problem that (for most people's threat model) it seems to be a net positive. 2FA tokens don't have that reuse issue
Besides being slow, there's also an implicit salt, so rainbow tables to quickly check every account for "password" don't exist. Still, if you just used a simple dictionary word present in e.g. /usr/share/dict/words (my system has 234,937 entries), you don't have as much time. I have a Ryzen 9 5900X, 12 cores; using a random Go implementation of bcrypt I found with default work factor of 10 and going through that dictionary with 24 threads, it takes my machine about 18 minutes to get through every entry. A thousand years if I wanted to go through 31 million accounts and each one was a worst-case at-the-end value. But there are quite a few more than a thousand of my CPU or better out there, some surely part of botnets which routinely number in the thousands of devices, and probably faster bcrypt implementations. Earlier this year, the FBI dismantled a botnet with 19 million infected devices globally and over 600,000 US IP addresses. Surely some of those were weak IoT devices, but still, there's a lot of compute available to bad actors such that you shouldn't necessarily rely on bcrypt et al. to protect a very weak password. (They are rather good at protecting normally weak and mid passwords, though, and there's opportunity cost for all that compute.)
If you don't reuse that password anymore, does it matter tho. Some services might use older hashing for older passwords without updating the hash algorithm. But I don't know what is the case here.
I would hope that a system competent enough to migrate to bcrypt would also be competent enough to rehash the entire database as well. Logins check bcrypt(oldHash(pw)); if it matters they can be updated to bcrypt(pw). Of course, "Hope is not a strategy".
As of 01:09 GMT on October 10, the Internet Archive is back up.
In fact, the Wayback Machine and the book archives are responding more quickly than they did for me a week ago, when I showed the Archive to the students in an online class I teach. I gave the students a homework assignment that involves accessing some old books at the Archive. That assignment is due in about 12 hours, and I was just getting ready to e-mail the students about the outage when I saw that the site is working again.
Confused about this breach... I received a notification from HIBP about this hack, but I don't recall ever creating an account on archive.org (was creating an account there even a thing?).
What info does archive.org have on people? Is this info scraped from other websites and stored in the archive.org database? Or is this info related to personal archive.org accounts (as I said I don't recall making an account)?
Thank you.. was worried at first as I didn't understand the true scope of the breach. For such a vital website, the info gleaned seems relatively harmless (for those of us who don't reuse passwords that is)
Now I'll have to dig through my IA account and remember if I donated to them directly via credit card (and if they stored it), or if it was through PayPal.
HaveIbeenpwnd says it was just passwords/usernames/emails, so seemingly not. (My company just got an email from them about the breach and I confirmed I'm in there with a quick search on their website.)
If you're a blackhat and you want to be annoying, you can use Stripe tokens to charge your target's customers. The target is the payee, so you won't make any money, but it'll add to the chaos.
> Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!
But is this an official message from the company? It sounds odd and unprofessional, especially the "See 31 million of you on HIBP!" part, which jokingly refers to a huge privacy issue for users. Could it also be that the site was hacked, with hackers posting that message in addition to the data breach and DDoS attack?
Troy Hunt's tweet mentions the IA getting breached, defaced AND DDoSed. Here it is, in case you don't want to use that site:
>>>
Let me share more on the chronology of this:
30 Sep: Someone sends me the breach, but I'm travelling and didn't realise the significance
5 Oct: I get a chance to look at it - whoa!
6 Oct: I get in contact with someone at IA and send the data, advising it's our goal to load within 72 hours
7 Oct: They confirm and I ask for a disclosure notice
8 Oct: I follow up on the disclosure notice and advise we'll load tomorrow
9 Oct: They get defaced and DDoS'd, right as the data is loading into HIBP
The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.
> The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.
It could also be that the attacker has compromised IA communication channels and timed it for maximum dramatic effect and confusion.
this was coordinated. several archive services hit around the same date. ddosecrets was the first to be hacked, as far as i can tell. span of one week.
It's a thankless job to be always begging for donations to keep something working when the Internet at large doesn't value it as much as it should. And now getting targeted like that? I wouldn't judge them if this is an official communication coming from exhausted and frustrated staff.
Just a reminder that AI tried pivoting to much more clear-cut legitimate piracy, presumably because they got bored or something, and certainly put ‘donations’ toward that effort.
IA is an incredibly valuable resource, but let’s not put them on a pedestal.
heh, if they went 100% "we're operating our service from international waters and won't be taking any DMCA requests" i would donate $1000 on the spot (anonymously, of course, but entirely serious).
What's "legitimate piracy"? As a reminder, the scheme was designed to work exactly like typical lending libraries. Publishers were unable to show any harm, and the only evidence available proved they actually benefited from better sales thanks to the Internet Archive. Authors were clearly benefited.
https://www.techdirt.com/2024/09/05/second-circuit-says-libr...
But I agree, no need to put them on a pedestal. Nobody is perfect.
The funny thing is the internet archive is more connected to hacker culture than cracking a website will ever be. I hate posers more than anything. Hopefully the internet archive comes back stronger than ever.
By "working idea" do you mean something that you made up in your head which has no basis in reality, but works for you?
Edit: I had only seen the one post on X in which responsibility for the attack was claimed when I made this comment, but looking at the account further they do make many politically motivated comments.
With this new insight my comment now seems unnecessarily dismissive because it's not completely unreasonable to suspect false flag attacks when political motivations are being broadcast. To be clear I'm not making any assumptions for this specific case one way or the other, but I am acknowledging that the political speech presented by the attackers does add some merit to your suspicion.
That sucks, I was reading my email in the morn and saw the news from haveibeenpwned.com, and I'm indeed effected by it.
Consolation is that I used a randomly generated unique password, tried to reset my credentials and see of any 2FA options but the site is overloaded throwing 504s.
I’ve been mentioning this a lot lately but it’s also a good idea to use email forwarding services like Firefox relay, icloud/apple “hide my email”, duckduckgo has a free one, simplelogin you can host yourself…
In an email breach you can confirm who was breached if you used a unique email, and it also means your actual email remains at least as secure as those services I mentioned
Should we be linking to the site that is very likely to be breached? Could start to host any type of malware until the access can be definitively revoked
That's just about article quality though. Is there a policy about linking to known compromised sites? Should one flag the submission for moderator attention?
Even if we assume folks are using up-to-date browsers (and many aren't!), a compromised site could deliver payloads to browsers ranging from zero-days to phishing content to browser extension compromises (esp. for crypto wallets etc.), that might be delivered differently to different viewers. We don't want to amplify the spread of an attack, especially to our community!
There are too many things to add if we start adding things like that. Each one is important in its own context, of course—like here—but once you start making lists of important things, you end up in a whole-is-less-than-the-sum-of-its-parts situation. I don't think such lists are likely to be effective in the long run.
That's also why the site guidelines (https://news.ycombinator.com/newsguidelines.html) are nowhere near as long as they would be if we tried to include all the important things. Better a shorter list that people can actually read.
I hope that doesn't come across as dismissive—I do see your point!
Fun fact: this is the first time using a password manager (Bitwarden) protyected me from a security breach! Now I only have to update my archive.org password instead of all of them lol
There is no US, there are just a bunch of interest groups. Some interest group definitely wants IA down. I wouldn't be surprised this is a paid attack.
Just for completeness sake and my own opinion based on my own witnessing of history, every political party of every government of every country would love to see all the archives gone. It's easier to twist the truth if one can memory hole reports and make the original source go offline or pressure them to change their words. There will always be individuals that archive stories they find interesting, but many stories are uninteresting until people learn what more may have been left out at a later time as part of a much bigger story. That is when the archives become a treasure trove and big archives sites are the first that people turn to for the original reporting. As a generic example, many news sites will redact what they knew to be false after the vast majority saw their misinformation but they can't redact an archive of their twisted truth. The internet has made it a little harder to control a narrative. It was so much easier to control when it was just a few big newspaper publishers that owned the smaller ones and a few big cable companies that owned most of the smaller ones. They would all literally parrot the same lines.
People in other parts of the thread say it's Israel. (Which certainly is "aligned with US interests abroad", as the powerful see it anyway). I think it is ridiculous conspiracism, right now anything anyone doesn't like they think Israel is behind it.
The crazy rise of conspiracism in our society in general, combined with Israel really is doing some nasty stuff (but not controlling everything you don't like), combined with the latent antisemitism in most conspiracism.
And I say this as a strong supporter of and activist on Palestinian rights and liberation. Free Palestine. (But there is no reasonable reason to think Israel is behind an IA hack. Or the fact that your mail came late, or anything else except what they're actually doing which is bad enough. Call your senators and tell them to vote for Bernie's JRD resolutions).
There are so many well documented awful things IL has done that most people don't know about (many still haven't even heard of the Sde Teiman video) that folks could be spreading the word about instead. It's a shame to see this kind of conspiracy mindset from at least some people who probably mean well. There is no harm in waiting a little bit for facts to emerge.
The undertone was intended to be: that's an insane amount of money, something one with quadruple that amount of experience would maybe earn in a for-profit organisation, but I guess your reaction further proves it's different where you're from
It's not high for bay area software jobs; there are new grads who were paid more than that 10 years ago and I assume new grad wages have gone up since. Of course cost of living (particularly rent) and taxes are high there too, but if you don't blow it all on renting a higher-end place or luxuries you can still save a lot.
Does this mean you get benefits (like free housing, healthcare, and money to buy food with) if you earn less than 105k/year? Or what does low income threshold mean here
It's one criteria for eligibility for social benefits that can include being able to live in certain kinds of public housing. Usually there's a lot more criteria that go into it, but income is a fairly major one.
Right in most southern states in rural areas that would be pretty good and you could enjoy fresh air and nature while working from your back porch and scanning a few acres of land and wildlife, sipping on sweet tea.
Reporting on security issues is always so terrible. Is it a data breach or is it a DDoS? (Or both). Those are opposite things. One is trying to release secret information one is trying to make the site inaccessible.
Which is pretty common. While the org is running around dealing with the DDoS, they're not doing anything to fix their systems. In this case, I can't even get to my account page on IA to change my password.
That's like complaining the reporting on the weather forecast channel is so often wrong. This news broke about an hour ago and the IA is down, what witchcraft do you expect news media to practice! Nobody yet has the answers you're looking for, give it some time and log files will be audited and the reporting becomes useful :)
> or at least say how confident they are in what they know
This I can very much underwrite. Error bars or rough confidence indicators are missing far too often, also from sites reporting on e.g. benchmark values of hardware they've been testing... such professional organisations yet such basic omissions
In case anyone would like these benefits but doesn't want to actually run an email server: All you actually need to accomplish this is a domain name and a decent provider. Fastmail is what I use and it's been great for me.
That's not easier, that's the same but with a worse scale fit.
If you need free, you need free.
But if you can pay, you want to pay a vendor whose scale is such that you mean something to them while still being mature enough to rely on.
This applies to pretty much everything, not just email.
With Google and Apple, you service needs are overhead and with Google in particular, your value is entirely in them being able to monitor as much as they legally can about your activity.
With Fastmail, Protonmail, etc, you are a customer already and they're invested in making you a bigger happy cuatomer in the future. They have staff that will service your support tickets, you represent profit on their books, and the services they offer you are generally designed for your scale more precisely.
It’s risky to let your online identity be controlled by a single large provider. Distribute out the services you use as much as possible. Use a different email provider from your domain registrar, and different from the providers of any other online account you have.
Google has it, though I think you need the paid Workspace version? I’m paying around $15/month now ever since google killed the free tier for custom domains.
It’s user+ia@gmail.com, and it’s a poor substitute for a dedicated domain. For one, every attacker knows about plus addressing and that those addresses are really all the same email account.
You can do this easily (and for free) via Cloudflare [1]. Works great, I've been using it across several domains for quite some time. Migrated from Google.
I don't know their reasons, but for me, I do use cloudflare, but only in a way that I have a transfer-off plan.
So far as I can tell, Cloudflare seems to still be in the early stages of enshittification [1], and while I as a business customer am probably going to be taken for a ride later than most customers, I'm also small fry, so I'm guessing at some point in the next 5 years, some of the "for free" features like zero trust / tunnels are going to become prohibitively expensive for me.
I assume Cloudflare will enshittify because too much of its services are free or too cheap to make sense, so my guess is they're trying to achieve massive market capture and dependency so they can later start squeezing customers for way more money.
I prefer more transparent cost structures, like what I get through Migadu for example.
Cloudflare isn't even that big. They're 1/100th the size of Google or MS. They're not even the biggest CDN—Akamai has twice the revenue, but it depends on what you measure. Cloudflare gets brought up disproportionately often on HN because they have generous free tiers and cater to indie hackers more. So it feels a little ironic that they're perceived as "the big dog" by the indie hackers.
It feels like every website uses them as a web proxy, meaning they get to 1) decide which users can access the site using their own opaque methodology and 2) MITM/inspect a large percentage of web traffic.
I used to do this, now I use icloud and the 'hide my email' tool and it works without any hassle. Even asks me when signing up for something if I want to hide my email. It is easier than adding it to my old setup. Even easier than when I was using my free Google for Business setup.
The rest of apple's email landscape sucks. It is pretty poor at managing spam, the client is terrible, it doesn't sync rules between the desktop app, icloud email, and iphone.
I hate email in general. It is getting to be 1 in a 100 type scenario of anything of value and likely worse if I knew all the emails that were deleted before I saw them.
I recently ran into an issue where Toyota’s app/site was detecting and refusing Apple iCloud hide-my-email addresses when trying to sign up.
The error message was very clear: hide-my-email was not permitted.
I was just trying to check for available service appointments near me and didn’t want the spam. But I guess sending spam is very very important to Toyota.
I often use custom domains for email and haven't encountered this. From what I know, the best practice is to use a domain that you have had for a while and to use nameservers or MX records from an established service (basically). I don't run my own server but I am sure there are tricks to getting it to work that way too.
Use a commercial service then, they're cheap and provide every benefit mentioned by GP. The thing that you really need is not your own server, but your own domain.
You don't need to deal with the hassle of your own email server for this. Just buy a domain and use Fastmail, Protonmail, or any other service you trust.
Great until you need to give someone an email address in real life and awkwardness ensues.
Cashier: "What's your email?"
Me: "walmart@somedomain.com"
Cashier: "No I meant YOUR email address."
Me: "Yeah walmart@somedomain.com"
Cashier: "Oh do you work for Walmart???"
Me: "No see I set up my email so... oh nevermind, 420BLAZEIT@GMAIL.COM"
i have a similar setup for the past 20 years or so. I rarely get a raised eyebrow at giving X.yourcompany@mydomain.com, and if i do i state it upfront “this is for categorization” and never had to explain it again.
Zero problem. I have used this exact setup with my domain for over 23 years. First, it's rare that I had to give my email over the phone or something. And in the couple of times someone raised an eyebrow, it was an opportunity to educate the person that yes, "donotspamYOURCOMPANY@" is indeed a valid address (not exactly what I use, but similar).
The advantages are numerous: tracking who leaked my data (many times before the company even noticed it), easier to spot spam (20 years ago spam filters were a lot less sophisticated), minimize credential stuffing (before Pwd Managers became the norm), etc.
I recently started getting "targeted" bitcoin extortion emails that have your home address (or what they scraped from public records) and a picture of Google Street view, but they're all going to the email I used for a now-defunct online grocery
Ha, same here. Including photos of my house (well, actually my neighbor's house) and everything.
I'd be worried if 1) I hadn't seen many versions of similarly creative extortion emails over the years, and 2) if they hadn't use some obvious "donotspamCompanyThatWasHacked@mydomain".
Sadly, I can see how this may trick some people into sending money to scammers.
I have this same setup and this conversation happens often, you get used to it happening and navigating it.
ON only one occasion in ~20 years, someone refused to do business with me because they thought I was impersonating them and told me I was being disrespectful by using their brand as my email, and even after explaining how it works they weren't happy.
Meh, it’s not that bad. I have a short domain and usually use an abbreviated version for user part. If it’s a big corp, just the stock ticker will suffice and nobody bats an eye. Some boomers raise an eye if it’s not @gmail.com or one of the big providers, but otherwise nobody cares.
But better than giving them an iCloud “hide my email” generated addy ;)
If an attractive story takes precedence over fact, then we will repeat the story of a James Bond film. Maybe the one with that bikini scene, bikinis are attractive after all.
https://blog.archive.org/2021/02/04/thank-you-ubuntu-and-lin...
"The Internet Archive is wholly dependent on Ubuntu and the Linux communities that create a reliable, free (as in beer), free (as in speech), rapidly evolving operating system. It is hard to overestimate how important that is to creating services such as the Internet Archive." Maybe CUPS?
"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"
I wonder how they got access the their database? I read in this thread that they likely used a supply chain attack by replacing some polyfill scripts. So they could've injected malicious code (XSS) that logged email and password to a remote server which they could have gone through. With a bit of luck they couldve gotten access to an admin account or whatever…
That much is not clear yet. It's possible the polyfill is an unrelated red herring, but it's also possible they somehow managed to elevate permissions. Seems the polyfill use was self hosted as well.
Maybe they managed to convince some critical service like an SSL cert provider that they were the owners of the subdomain? I don't know still wouldn't explain access to user and password database.
Does IA have much information on users? I’ve been in dozens of these HIBP leaks (including this one) but still none have concerned me, since they were mostly just email/password and nothing else.
Does IA store anything sensitive for any users?p physical addresses, credit cards, etc?
Does anybody know the details of the attack via the JS library? Was that the exploit of a bug that could affect every site or a chain of supply attack targeted at the Internet Archive?
The conspiracy theorist in me wonders what was accidentally copied into the archive that powerful interests want removed and if this is all smoke and mirrors while they make that happen.
No. It’s not clear who runs Archive.is (there are domains registered by a ‘Denis Petrov’ with an address in Prague), but the Internet Archive (archive.org) is run by a non-profit foundation.
Is it safe to assume the hacker want to erase the evidence?
Forcing the service offline also means they want to prevent people from archiving evidence in the next how-ever-long hours. Combining with the spoken language they used in that video, are they planning some online disinformation campaign?
>SN\_BLACKMETA has operated its Telegram channel since November 2023, boasting of DDoS incidents and cyberattacks on infrastructure in Israel, the Palestinian Territories and elsewhere. While all of the group’s messages focus on the Palestinian Territories and perceived opponents to Palestine, many of its posts are written in Russian.
>The group’s account on X also shows that it was created by someone in Staraya, a town in Novgorod Oblast, Russia. The account’s initial language was also set to Russian.
>The researchers added that analysis of timestamps and activity patterns showed possible evidence that the actors within the group are operating in a timezone “close to Moscow Standard Time (MSK, UTC+3) or other Middle Eastern or Eastern European time zones (UTC+2 to UTC+4).”
~~Attacks include pro palestine sites and groups, so~~ take that "pro palestine" with a grain of salt.
EDIT: edited for clarity on what is actually in the article and not in outside anonymous sources. If you want to read more, [there's a clearer report on one of their attacks and their usual targets.](https://www.radware.com/security/threat-advisories-and-attac...)
How is someone stupid enough to post this? Warrant for the account's IP is probably already issued. I don't know how many proxies the guy is behind, but it's playing with fire.
Also at some point the account of a malicious hacker has to be banned right?
They have a Telegram channel and there's some blurb about it being pushback on US support of Israel, but it reads as bullshit. Probably a script kiddie.
I was disappointed to discover that https://haveibeenpwned.com does not report an email as pwned if it is subaddressed/plus addressed. myemail@gmail.com is reported as still safe, but myemail+archive@gmail.com is pwned. I wonder if my email has been leaked by any other websites without me knowing.
I don't think they can do that, because they do not store plaintext addresses in their database, merely hashes. It certainly reduces the impact of someone hacking HIBP.
In unrelated news, apparently most world leaders in the Internet era, from Thatcher to GHWB to Mitterand to Rabin, expressed great admiration for Vladimir Putin.
So now the data also has off-site third-party archive. Isn't this along the goals of organization. It is less likely now to be destroyed in many eventualities.
I use several, but I dream about a world with no passwords. Managers or not, passwords are always at risk and it is only a matter of time before one of the 300 sites leaks your data.
I’m feeling extremely conflicted on all of this with IA right now.
On one hand, I love IA
On the other hand…I’m in a long thread with their support right now on removing old snapshots of a social media account I have. Creeps are actively using the old snapshots to dox me and send me death threats using my PII.
It’s incredibly frustrating and IA keeps insisting they cannot do anything about it.
A small part of me hoped IA didn’t recover from today because I knew my info would be finally deleted :/
Isn't the point of IA to retain information? How can you, without hypocrisy, love IA if you don't agree with it happening to you, that you benefit from happening to others. There's a conflict here.
It's an uncommon opinion for someone to be in favor of IA to retain all information, and it's also not their stated purpose.
It's a perfectly reasonable opinion to wish for retention of old sources of knowledge without retaining pages containing personal information of non-public people, or sensitive non-newsworthy information about anyone at all.
Here in Australia we've had so many large data leaks I just assume all my PII is accessible to anyone motivated to find it. I'd guess folks from many other countries are in the same boat.
Not downplaying or excusing; just adding context that IA aren't the only ones and it's difficult to prevent (since the cause can be well outside of the individual's control).
Once you have been doxed, isn’t the cat kinda out of the bag at that point? Creeps already have the snapshots now, deleting them from IA is just closing the barn door after the livestock has already escaped.
Bear in mind that is the doxxing and doxxers that have happened now. There are plenty of future opportunities to be doxxed and plenty of other potential victims.
Not that I'd cheer for the loss of IA, but it'd probably be nice if they took down PII on request.
Can I ask why they're trying to dox you? I have literally never inspired this kind of passion on the internet--and I'm usually pretty blunt. I'm genuinely curious what it takes.
Attacks like that tend to have little to do with bluntness. They occur when you've touched something they consider to be theirs, and you are not entitled to. Usually that's some matter of group identity, where they feel the need to show off for each other just how angry they are at you.
It has less to do with what you say or how you say it, but with who you are.
It sounds like it takes a lot of effort by intelligent people. Why would someone go to effort like that unless it was for something they believed was really important (I can't accept that it's just to show off your cronies / jelousy).
>They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of “Israel”.
Ah yes, known arm of the US military-industrial complex, The Internet Archive
It may not even be that nefarious — perhaps they did the hack “for the lulz” then had pangs of conscience afterward and scrabbled around for a (false) excuse.
In any case, the IA was in some cases the only public host of important documents about Palestinian history, which are currently inaccessible, to say nothing about how important the Wayback Machine has been over the past year.
Sounds more like they hacked it for the lulz and then put up the tweets for even more lulz. Attacking the IA to support palestine is about as nonsensical as you can get.
So just to play devils advocate, since Zionism is being critically received all across the Internet - it is more likely that IA was attacked in order to censor those materials, and then a sockpuppet was created to shift the blame to pro-palestinian voices - which makes no sense, since pro-palestinian voices would want IA to stay up so that embarassing Zionist material was made more available - but such is the nature of agitprop campaigns during war time: through subterfuge and obfuscation, deny your enemy the materials it requires to continue its campaigns, and also deny them the ability to identify the cause of that material going missing, also - or, at the very least, obfuscate the actors responsible for denying it, using sockpuppetry ..
Is there more embarrassing pro-Zionist material on IA than there is embarrassing pro-Palestine (for lack of a better term for whatever "the opposite" is) material?
I would not know a mathematically accurate response to this question - but I did see a lot of references to embarrassing pro-Zionist (i.e. historically racist, colonialist, pro-Zionist) materials at the IA in the last week in various other forums, which are now no longer able to discuss the materials as they are unavailable.
If there is "pro-Palestinian" materials at the IA, I would imagine it being based on materials collected over the past year documenting the genocide, war crimes, and crimes against humanity being committed against them.
There is a definite effort to censor any and all reporting of Israeli crimes against humanity on the Internet - IA was probably a last refuged for those collecting this material.
Actually, there's plenty of obnoxious "pro-Palestinian" material out there as well, glorifying Operation al-Aqsa Flood, "martyrs" from other random attacks on civilians, not to mention the propaganda that there's no such thing as "Israeli civilian" anyway, and so forth. There's no need to go looking for it on the IA because they're quite proud of this stuff and are churning it out constantly. See also: https://news.ycombinator.com/item?id=41692193
BTW I'm a non-Zionist and strongly opposed to the occupation, etc. So please don't make any assumptions that I'm a hasbarist coming at you with their usual stuff. The depressingly tragic fact of this conflict is that there are legions of assholes and extremely naive, easily manipulated people on all sides.
i hate how Zionism has become a bad word, like it's some world domination conspiracy theory. as a Zionist myself, it's not at all likely that IA was attacked to take down Zionist-related material as these material are neither embarrassing nor damaging to Israel. on the contrary, I would like for them to stay up and be archived for all eternity.
what is more likely is that these pro-Palestinian hacktivists are once more engaging in misplaced activism, targeting those they perceive as tied to Israel, regardless of whether those targets have any direct connection. just see the boycott movements... they're boycotting Gal Gadot, McDonalds, and Starbucks
I don't think anything will ever be embarrassing to the Genocidal regime. And no damage will be done either, as long as its creators-protectors goes out of their way to protect it.
The note currently displayed to my account disputes the claims made in the linked tweet (that the Internet Archive is run by the US government(???)), not the supposed motivation of the attackers.
That said, this just seems to me like the attackers are trying to come up with some justification after the fact to explain why they would go after something as universally beloved as the Internet Archive. Actual pro-Palestine activists are not happy, eg (strong language): https://x.com/Aldanmarki/status/1844155616199413969
The script kiddies their contractor hired might though. I see no reason to believe that this was the doing of those organizations but if they did want to see the IA hacked then surely the ones doing the actual deed would be far removed.
How do you know what countries' actors are attacking your honeypot in face of IP address obfuscation (VPNs, jumpservers rented in a different country, etc.)?
Ah the only conspiracy theory we’re encouraged to believe. Wouldn’t that be convenient. A perpetual enemy far away that’s responsible for all of our failures, infiltrating and puppeteering western democracies on the other side of the world. Even the Russian propaganda machine loves this narrative – it makes them seem powerful and dangerous. Not like a corrupt and broken former empire sending off their young to the meat grinder for a bit of loot and territorial ambitions from a lost era.
He or she is still a clown. What difference does it make who hired him or her? At an individual level one can always disagree to do things that only destroy value.
reasonable people disagree on whether some things are positive or negative value.
IA is one of the go-to examples for that. is it good to make every book ever written freely downloadable (as they were trying with their library project a while back), or is that bad? you and i might think the answer is obvious. we might even agree on it. but we would occupy a rather different world if even a supermajority agreed on that question, in either direction.
Now, it depends what the "it" is referring to here, but so far all I've heard is about an alert() message saying the usernames will be sent to a breach alerting site. If they're doing it just for the heck of it, it's still costing a lot of people a lot of time that they could have spent doing better things, but I'd reserve special places in hell for the people who do plan this out carefully and make malicious demands
There is a big difference between doing something for pure curiosity, love, or exploration and doing something directly harmful to other people for the same reasons. One is art; the other is sadism.
I'm not sure that placing free long distance calls isn't harmful to the org whose infrastructure you're using for your own benefit, but 2600 (Hz) is a respected hacker magazine and phreaking and Cap'n crunch whistles are seen as cool
Hacking the Internet Archive and only placing an alert with a provocative message, I could see my teenage self do that. My judgment of the character is going to depend on what it turns out they've actually done
Of course, my grown up self (or late teen also, as I've done responsible disclosures back then as well) would rather have seen them do a coordinated vulnerability disclosure, but alas, I just meant to remark upon the "special place in hell" for not having a plan or motive bit
*Edit:* wait, I just saw in the article (I opened the thread before the link was changed) that this quote refers to a DDoS, not the alert() message that the thread was initially about
> the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it.
That's indeed just destructive and not related to (hacker) curiosity...
There's a spectrum and case by case judgement. I'd agree your examples are harmless even if technically they harm the phone company. Taking down the internet archive just for the hell of it has a distinctly less "cool" or "fun" flavor, to my eye.
> I'm not sure that placing free long distance calls isn't harmful to the org whose infrastructure you're using for your own benefit,
If there's a call you wouldn't make unless it was free, the infrastructure isn't at capacity, and you're not acting otherwise in a detrimental fashion to other users of the infrastructure-- there's no harm to that organization.
Certainly a fair point, but it also costs a lot of person-hours to patch up that infrastructure's security and trace who's placing the calls when one could just choose not to do this fraud in the first place. I am not old enough to know whether carriers also charged each other back then, but at least nowadays it could also incur charges for the originating party; costs which the caller isn't covering
Toying with the system, learning how it works and finding what you can make it do, there's a certain art to it and I'd encourage anyone to at least tinker with the systems they own (and everything else within reason and ethics), but there's two sides to nearly everything
I get your point and your edit. I think most people reaction is less because of the destruction itself and more because The Internet Archive is being targeted. It is a place that most would say are representing the hacker values, and few such places exist on current internet landscape.
There are so many other possible targets that would get even positive reactions from people. The only kind of people that might be happy about TIA being down is maybe some big corporations that want to control and sell the information being freely preserved there.
Is it better to deface a website for ransom or to support a scam than it is to deface a website because you're bored?
The action is reprehensible either way, but if this is truly just an old-fashioned Anonymous attack with no ulterior motive beyond just being bad that's honestly kind of refreshing.
For all I know, they've given the private data to an organisation dedicated to alerting people about breaches. If they fear that the data may also have been accessed by others, that's not a reprehensible thing to do by itself. Besides the DDoS apparently being from the same author (which seems odd because those ethics are incongruous), I don't know what else they've done so I don't know that it's in violation of what you linked
If god is the good guy and satan is the bad guy - why do bad people sent to hell? They would just chill with the devil laughing about all the DDoS they did for the lulz.
Satan is canonical for one thing in particular out of most things - he does not like humanity. Getting sent there isn't a fun field trip where you get to hang out with your buddies/partners in crime after the game is over, presumably.
Think of it more along the lines of you having a blinding hatred of mosquitos, and then they keep getting sent to you, and at the same time you're a very powerful, capable individual who can deal with hordes of mosquitos in fantastically wicked ways.
I did actually, since the quote didn't specify and the submission's link changed after I opened the comments. Thanks for pointing it out in case I hadn't seen it in the meantime!
100% the result of boredom. Visit website, notice its design is old and crusty and you start to dig deeper. That's all it takes. Funny how we just expect hackers to have a manifesto now.
Yes? For society in general, for professionals in criminal justice system and also to some extent even victim as well, it is lot harder when there is no motive.
Perpetrators without motive can not be negotiated with, punishment may not a strong deterrent, rehabilitation is lot harder. Economic crimes or crimes of passion or ones as a result of addiction can have a path to rehabilitation and recidivism can be solved by tackling the underlying issue like poverty, addition etc. Even solving crimes without motive can be harder as there is less assumptions we can make about the perpetrator.
I think the existing collateral damage examples were pretty actual already. By burying terrorist headquarters under civilian apartment buildings, Hezbollah guarantees collateral damage.
No it doesn't. The US does not deliberately hide it's drone pilots among civilians and targeting their place of work or the drone storages would not harm civilians.
This Twitter account is suspicious and odd. I don't think anyone doing this is stupid enough to actually believe that they're doing it to "help Palestine." Seems like a job by Israel or supporting countries pretending to be supporters of Palestine.
We have an entire generation of activists who have somehow been programmed into believing that disruptive, moronic, antisocial acts of “protest” are a way to effect change, whether it’s vandalizing historic artwork or blockading a freeway. And the Internet Archive is even a museum of sorts, so you can see how the rationale would track.
Are you suggesting something similar along the lines of murdering your own citizens and showcasing them as victims? Something akin to 911 being an insider job?
Just in terms of privacy, it's worth noting that anyone who has uploaded something on IA already has their email address publicly viewable.
This isn't something that commonly known (even judging by comments here) but in the publicly viewable metadata of every upload it contains the uploader's IA account email address. So from a security perspective it's bad but from a privacy perspective a lot of users probably weren't aware of this detail if they've uploaded anything.
This raises an interesting question: should email addresses be private? Addresses of buildings aren't private, and they're somewhat analogous as with many computing concepts. (Aside: Before spam filters were quite good, it was typical to avoid scraping of addresses by mild obfuscation, but I think those days are gone, and this is distinct from privacy anyway.)
If someone wants to upload and never be found out, then they need to use a throwaway address in any case, lest they be providing their "private" address to the administrators of the service without explicitly forbidding further disclosure. If I say something to Alice without demanding that Alice keep it from Bob, then I implicitly don't mind if Alice tells Bob what I said.
Whether the email is considered private or not is completely orthogonal to whether you are allowed / should tie an action to your email. And then again completely orthogonal whether you can/should make that connection public.
Even if your email is public information and even if what is uploaded is public information that doesn't imply that the email address behind the account that uploaded that information should be public.
The same exact thing goes for physical addresses too. The fact that I live at my address is public knowledge. But the presence of my address in any particular database, mailing list, etc. is not and should not be public knowledge.
i agree. if "user contacting another user" is a feature, there should be the option to (optionally) supply a different email address than your account email or use an online form that keeps your account email hidden.
There is software which is intended to e.g. locate the GitHub profiles of people working at companies, then scrape all public repositories they've contributed to for their email address and the emails of their coworkers - to enable targeted advertising to those individuals. Very common in enterprise sales.
With ChatGPT, this can be extended to create emails that look very personal - as if someone has followed all of your work and is genuinely interested in what you are up to - with extremely low effort. And people are already doing this, I already get emails like this today.
Should emails be private? I don't know - I personally consider them to be public because I know for a fact mine will eventually be public whether I like it or not. But I am aware AI is out their slurping up every public communication I've ever had, and is likely trying to manipulate me in various ways already today.
This was a problem already before the generative AI era, it just got less expensive. The only way to reduce it is to have two work addresses: one that you rarely check and is exposed to the public, listed on your profile etc., and the real internal one just to get the work done.
>it just got less expensive
Quantity is a quality. Add that the AI can profile you and do a decent job spear phishing and you're talking about a sea change.
>and the real internal one
“Three can keep a secret, if two of them are dead.”
There is no such thing as an 'internal' email you communicate to other people outside your company with. It's just an email address. Someone at some point will leak it by accident or malice.
> There is no such thing as an 'internal' email you communicate to other people outside your company with. It's just an email address. Someone at some point will leak it by accident or malice.
Sure, so personally I never use it to communicate with people outside. Also, I make sure it's never used to register with external licenses like Docker Desktop etc. as they subscribe me to their spamlist and send the usual semi-personalized messages - but as far as I can tell most of these bigger companies don't sell them outside (for a good reason). Startups, however, will do what they want and will make sure to squeeze the last drop from the info that such-and-such person works and that company and does X.
About AI slurping all information. I bet one of the first ideas organisations that spy on population had when the recent AI boom happened was: How about we just train our AI on all the intercepted data and just ask it? Is John Smith a terrorist (for our definition of terrorist)? And the AI would reply: Yes he it, he searched on Google where to buy these ingredients that can be used to make explosives. So then they go and figure out some way to "legally" arrest the guy and obtain more private info. It looks like the guy was buying the stuff because he's got a plot of land to fertilise and an old car to paint. So they ask the AI again. You said John Smith is a terrorist! And the AI would answer. I'm really sorry, I'm doing my best and I'll endeavour to do better in future. After this the agents ask for another billion $ because clearly they need more VRAM.
Personally I've been using an email aliasing service (simplelogin) and try to use a different alias for every purpose. I don't use it for my git commits but I find that email aliasing services are something to look into not just for privacy concerns but also spam mitigation
>With ChatGPT, this can be extended to create emails that look very personal - as if someone has followed all of your work and is genuinely interested in what you are up to - with extremely low effort. And people are already doing this, I already get emails like this today.
shit, now i don't feel like sending e-mails to people i'm actually interested in
> This raises an interesting question: should email addresses be private? Addresses of buildings aren't private, and they're somewhat analogous as with many computing concepts.
There are several ways to look at that.
The organization that I work for considers anything that ties two pieces of information about a person together as private information. That is to say that a person's name is not private and a phone number is not private, but connecting a phone number to a name is private. In one form or another, an email is frequently tied to a name (e.g. the email address is based on their name, or an account record includes both a name and an email address).
Another way is to consider how accessible the information is. There was a lot of information that was not considered as private prior to the widespread adoption of the internet. One issue that I remember popping up in the early 1990's involved property (i.e. land) records. Historically, people had to go to a government office to access them but they were publicly available. Since they were publicly available, some governments made them available online. Once they were available online, the barriers to access were removed (e.g. having to physically visit an office) and the ability to abuse that information was vastly increased. All of a sudden, people started considering something that used to be considered as public information as private information.
An issue is for most sites/services an email has just become a standard authentication method, rather than something that can easily be more unique per account. So any usernames across sites/services that share it identify that user as being the same person (for data broker profiling, doxxing, etc), which is the privacy issue (not the email address per se, unless it perhaps contained one's real name).
For contrast truly unique email aliases for example aren't possible on common services like free Gmail*, only things like self-hosting/certain paid email hosts, which makes less feasible for many. So from a privacy perspective while in an ideal world everyone would be able to freely create entirely unique per-account creds we're mostly stuck with the email implementation.
* One could create entirely separate accounts but it's high friction and IIRC the same phone number (now a requirement) can only be used for 2-3 accounts.
Proton Mail and iCloud’s hide my e-mail feature allow users to have unlimited e-mail addresses. You can also get unlimited e-mail addresses by running your own e-mail server or using something like Office 365’s business e-mail (costs about $4 per month).
is running your own e mail server a good idea in 2024? Security issues aside, you are at the mercy of the big email providers and whatever rules they want you to follow
For e-mail addresses as an authentication tool, you don't really need to be able to send emails at all, just receive them, and I think that is pretty feasible to not run afoul of the usual shenanigans.
I think the cost of paying for a dedicated email service is worth it. (There are plenty of smaller, privacy-oriented services such as Proton Mail or Fast Mail.)
They're better at it than I am, and it means I don't have to fill up my free time maintaining another server.
> One could create entirely separate accounts but it's high friction and IIRC the
> same phone number (now a requirement) can only be used for 2-3 accounts.
I've wondered about this. Every Android/ChromeOS device I've ever bought, I had a new Google account created for it (during setup, instead of using an existing account), and only a few actually had phone numbers (I don't generally use smartphones for telephony). Is "Google account" synonymous with "GMail account" these days?
I've had this idea for an experiment where I get such a device (without a simcard), and see how many times I can iterate the Initialize-Device-With-New-Google-Acct-PowerWash-Repeat cycle, and how many Gmail accounts I would have as a result.
Why did you do that? Android doesn't require an account to work.
(For both Android and ChromeOS) I thought it would be significantly easier to let it use a Google account, than it would be to make it proceed without one. Was I wrong? Serious question.
Links to information would be appreciated, even/especially if it's a complex task to do this.
(I never put a lot of effort into this, because having the Google account be anonymous/fake-named was generally tolerable for my privacy standards)
I think it does if you want to install anything from the Play Store.
Aurora store gets around that
the search doesn't really work does it? you have to search on Google and then click on it to open with aurora.
but you're right, it does help!
The search worked for me to find a single app I needed when I was setting up a single-use tablet recently, but I haven't used it hugely beyond that. YMMV
> This raises an interesting question: should email addresses be private?
I sadly don't think that's viable.
What might be, in our current world, would be having a mail server/client setup where you can generate random addresses for yourself like Wf1JJUBHLu@domain.com and never re-use an e-mail address, much like with passwords, while being able to see all of the incoming mail in the same place and respond with the corresponding accounts.
Then, when your address gets traded around, it'd be fairly obvious (with some basic bookkeeping, e.g. a text field with purpose/URL for why a certain address was created) who is to blame for it and blocking incoming traffic from somewhere would be trivial as well.
I do have a self-hosted mail server and there are commands to create new accounts pretty easily, I'd just need to figure out the configuration for collecting everything in one place, as well as maybe make a web UI for automating some of the bits. I wonder if there are any off the shelf solutions for this out there.
I also have my own mailserver and I don't create new accounts, I have a wildcard filter that drops all emails that come to my domain in my inbox. This is of course only viable when you are the only person using the domain, but I just sign up with a new mail address every time I sign up, for example my hackernews account would be hackernews-acc@xx.com That way I have a clear differentiator for every domain.
I do something similar except that I do not allow wildcard reception - I create unique service-identifying user@ for each service I give an address to, and have a simple script that immediately adds that to the Postfix virtual table.
That way the SMTP server can reject all unknown user@ without accepting them in the first place - preventing spamming and some types of denial of service through resource starvation.
I also apply greylist based on a unique tuple (From, To, client IP address) so on first connection with that tuple valid SMTP clients need to re-deliver the email after a waiting period. Any subsequent delivers are accepted immediately.
That's a pretty cool approach! I'd only be worried about the risk of leaking the main account address when responding to anything, but it's probably doable with a bit of research, like Postfix catch-all setups seem straightforward enough.
FWIW that should just be a matter of using the right configuration and mail client. With Fastmail for example I get to use a catch-all setup with my domain, and respond to whatever email it was sent to.
And the other way around as well. Send an email from an arbitrary <whatever>@domain email address.
Yes, but privacy suffers with this approach, because if one of emails ending in @domain.com is tied to your identity, all are.
That's not really my use case, but seems like an important concern for many!
At that point, you probably want to use whatever features one of the big providers use, like: https://proton.me/support/aliases-mail
Maybe even something that'd sit in front of a mail server that you yourself control, I wonder what the variety of options out there is.
This is true for someone manually searching for your info, but sufficient to fool spam lists and most data brokers. This really depends on your threat scenario.
> This raises an interesting question: should email addresses be private?
Yes and no. Both of them. As any powerful tool, email is going to be abused, like any other alternative would be when it will come one day. Those services allowing creation of dynamic email addresses do their job (until they're banned, that's why I'm not mentioning them), however using them isn't automatic and most people don't even know about their existence. What if we then did upgrade email protocols to reflect current needs wrt privacy and modified existing mail servers so that they could create dynamic addresses when asked by a simple flag? Example: I want to subscribe to a service from company XYZ, however I'm not sure how much I can trust them, therefore, when writing an email or filling a web form I can activate the option to create a new address that is tied to the recipient I'll be writing to, and will work as a dedicated proxy for my real address, that is, every mail I send to the recipient using my real address will be actually sent from the new dynamic address, then all replies to the dynamic address will be routed to my real one, but a field in its headers will always contain either a memo by me (example: "signup with XYZ") or the original recipient (example: "info@xyz_trustuswerenotspammers_yeahsure.com"). This way one can immediately spot whoever sold their address to others and blacklist them. As said, those services work well but not being built in into mail servers and clients their adoption is quite restricted. I don't see why that function shouldn't be embedded in a new upgraded email protocol as the modification would neither be that hard nor consume any serious resource. I would however expect heavy resistance against the adoption, of course.
In a world where email costs ten cents to send (per receiver) email addresses need not be private. In our world? They kinda need to for sanity.
even 1/100 of a cent would solve the problem - but create a bunch more!
I think it just needs to be communicated. Some websites allow login only by login name and not by email, some people have identifying last name, others hardly identifying full name and whatnot. There's no universal or universally agreed answer to that, so it needs to be said whether your service _consider_ it public information or not.
Pr definition the email address is considered as private information and should be protected accordingly.
It should, mainly because an email is not just an email, it's a channel to reach otu to you, your internet address. And we know how that is going in your inbox.
>Addresses of buildings aren't private, and they're somewhat analogous as with many computing concepts.
Buildings are analogous to domains, not email addresses.
This raises an interesting question: should email addresses be private?
GDPR is clear on this and there have been significant fines for revealing email addresses against the will of their owners (e.g. using cc instead of bcc). Not saying this is the ultimate wisdom, just a data point to consider.
By itself or linked to other data? Afaik PII is usually a set of linked data. As in common name and surname are not PII. Together with age, they can be.
> should email addresses be private?
I dunno. Should your personal phone number be private? Or your home address? Would you be okay if I knew it and shared it with a stranger? Or would you rather be asked permission to share it first?
Seems pretty cut and dry to me. Yeah, there's going to be someone out there (there always is) who doesn't care, but I'd wager the majority would be pretty ticked off if you gave those pieces of information out to a rando on the street.
None of that information is actually private though. Your home address and personal phone number are likely in the public record for any number of reasons, such as ownership records or court filings. Or maybe a Facebook post from 2009 that your mom made. Unless you're one of the 0.00001% of people who do things like rotate your phone number and address annually, it's out there somewhere.
But public vs private is a spectrum, not a binary true/false. My phone number is public because I get sales calls from various companies to it. It's annoying, but bearable. But there's a big gap between that and the New York Times putting my name, number and picture on the front page.
So your home address and phone number aren't private. But they're also not readily accessible unless someone is really dedicated to finding them, so they're not quite public either.
There are plenty of countries where all that is public information, back in the day there even used to be a phone book with .. name, phone number, and address. And many countries have this now in digital form.
The missing part is the action part.
An email (or phone number, or address) is an identifier. Asking whether this identifier is public or private misses the important thing, which is the action that can be paird with the identifier.
So therefore, there's no universal answer to whether the identifier should be public or private. It's a case by case basis, when paired with an action.
For example, i don't want a shop to see me buying condoms, so shops shouldn't get my email address (or phone number).
Interestingly, public U.S. state property records will just disclose where you live whether you like it or not. With as little as your name, a home address is trivial to find.
We used to get these big books delivered to our doorsteps that had your name, your address and your personal phone number. You could pay to opt out.
If I published a list of all name and addresses, that's still different than "here is harywikle's full name and address". I imagine you wouldn't be too pleased?
The link between online identity and offline identity is a sacred barrier. And I'm not sure that archive.org breached that particular barrier.
That's the issue I take with the "phonebook" defense. It justifies doxing people by collecting and connecting publicly available information online. All the information is out there, it's all on a phone book, your email was published online, and so on, but the end result is clearly bad so something in the process should be handled more carefully.
Phonebooks were a thing not so long ago...
And they contained data of which people allowed disclosure. When you did not want your information to be published, you informed the telephony provider and the phonebooks would not include it.
For a fee. In Australia at least it cost money not to be listed in the phone book.
Numbers were however tied to a property rather than individual personal phones in our pockets. When you think about it, mobile phone technology arrived quickly and caught everyone by surprise. Back in the 80s very few people thought we'd be carrying around "pocket TV phones" in such a short time.
This question could not be more academic
It's not just uploads but any item that uses the email address as a unique user identifier (I'm not technical enough to explain this clearer but [1]).
An email address will be part of the xml in his uploads but also in his profile, which anyone can access by simply changing the url from https://archive.org/details/@foobar to https://archive.org/download/foobar. So, in essence, one just needs to have a registered account, independeltly any uploads made.
[1] https://help.archive.org/help/accounts-a-basic-guide-2/
This is bad enough. This alone is a privacy bug/data leak.
Theoretically, someone could scrape the pages and compile a list of exposed email addresses.
> Theoretically, someone could scrape the pages and compile a list of exposed email addresses.
I laughed. Oh no! Anyways…
The people interested in identity theft are probably too busy figuring out what to do with all the SSNs they stole (not from this breach, but from the annual catastrophic breach of a credit bureau or government repository).
And the people who want your email probably already got it from one of the hundreds of other services you have to create an account for now.
I’m not really sure if there are circumstances where donating to the internet archive could be held against you and lead to persecution. Maybe in certain Luddite communities? The Amish? But then, how would they know…
One solution is to use a unique email address for every website, and change the address if the site gets compromised (with the old address getting added to a spam filter).
A pulled an old friends website down from Internet Archive.
He's moved on the next stage, but I was glad I was able to put his site back up.
It'll be a shame if IA goes down permanently, but we need a decentralized solution anyway.
Having a single mega organization in charge of our collective heritage isn't a good idea.
I have always thought about this. It would be interesting to have users actually store small amounts of redundant info on a device connected to the internet. Very similarly to what a torrent does but with more peers (more data shards than full copies) and less seeds. And try and keep a huge database for everyone. Obviously open source and it would end up something like tor where they just assist the network with security patches but they don’t actually have any real “control” (admin dashboard control) over the network at large. We already do something smaller but like that with website static file caching, but at much smaller scale. Obviously security implications of this would be very hard but maybe not impossible to overcome. ipfs comes close but it again does more seeds then peers.
if anyone knows something like what I'm suggesting, I'd love to hear about it!
IIRC there were a few storage based projects that popped up using alt coins to encourage people to offer excess storage space for other randos on there internet. The possibility you might be storing illegal content might have been what killed it/them.
https://en.wikipedia.org/wiki/Cooperative_storage_cloud gives a few examples, like Filecoin.
In my opinion, IPFS was killed by a few things:
1) wedding itself to crypto with FileCoin.
2) terrible performance due to architectural choices (basically: too much pointer-chasing, except every pointer was back out to the DHT).
3) No serious attempts to integrate with existing software distribution strategies.
I think it's still a good core idea.
Its DHT implementation was shit. Ignoring all existing wisdom, it uses persistent connections, rates peers and has far too many special nodes.
Does https://ipfs.tech/ fit the bill?
Are you, by any chance, named Richard Hendricks?
The main issue that such hosting faces is that it's less efficient and more expensive than just regular centralized servers.
Anything would be better than the current system where you basically just have one source.
Independently ran mirrors all over the world, along with snapshots.
Have the occasional fork or two. Say your from a small town in Northern Illinois. If you have 2 TB of image archives from a defunct local newspaper, it might be good for photography forks even if it wouldn't make sense for the main archive.
This was a plot line in Silicon Valley.
I believe that it would be possible to cost effectively build and implement an architecture for a distributed IA backup—this comment entails some notes.
The system that asks volunteers about their age, sex, location, and storage format details (the model, past use etc. can be used to predict the durability of a single storage) without sharing most of this data anywhere.
The downloaders are then algorithmically allocated pieces of the archive. Exampli gratia such that there is at least limited amount of overlap between the pieces, and two people same country won't provide redunancy for each other.
When a downloader verifies that they have completed the download by giving (unique, to prevent fake-download sabotage) SHA hashes of the data, the information that these pieces have been downloaded in this or that country, plus an estimate of the reliability of the storage, is added to a public database, for the algorithm to use in the future.
Every downloader is then generated a public and private key so that they can give the hash of their download again once in a while or just verify that the piece is still there. The reliability estimates (based on storage / hardware details) would be empirically calibrated based on the data about the actual storage failures.
A public counter, estimating how well the archive is currently backed up via this scheme, could be displayed.
For copyright issues, it would be possible to encrypt some of the data, e.g. such that normally borrowable items become readable files only when X% of downloads are pieced together.
The scheme would be primarily based on existing designs and algorithms but work roughly as depicted above. I am not an expert of what compression, hashing and other algorithms should be used, and it needs lots of good work, to determine how to avoid errors in the scientific part of estimating the reliability of the downloads—and generally a situation where it would turn out that lots of data was lost when attempting to put the pieces back together again.
Remark (engineering): To empirically validate the correctness of the software of the backup architecure by testing it on grids of real hard drives in single places will probably give safety against catastrophic failure. Even better would be to obtain large amount of old hard drives and SSDs kept in a single place for a long time, to validate that the software works over time.
Remark (integrity): That a downloader actually has the downloads can be verified efficiently by IA server adding small part to the piece the downloader has, hashing it again, and requesting the new hash.
Remark (redunancy): It may be possible to develop a social program that analyzes whether a volunteer in certain place can provide more redunancy by buying themselves a hard drive or by supporting the acquisition of hard drives for volunteers who have proved themselves realiable elsewhere. This is speculative and the benefit may be lower than the risks.
Finally, instead of "public database" it may be much more optimal to decide to use a blockchain of some sort. Not a cryptocurrency, but a blockchain. This is because if the idea is to distribute copies over the world to ensure continguency in case of IA main architecture collapse, then the more parts of the distributed backup architecture (which must actually not be "the backup architecture" but "a scheme", that no everyday IA decisions rely upon, and that just exists out there) are on a blockchain network run by a "decentralized" system, the more reliable it will be.
My heuristic plausibility analysis: 0. IA backup would not need to be constantly accessed or changed (this makes storage easier, cheaper and prolongs the maximun age of the storage) 1. Not all IA has to be backed up: a distrobuted backup that successfully recovers 10% of IA in a catastrophe is by all means a great success (consequently priorization of what might / should be stored should probably be part of the algorithm that decides what volunteers download; and what existing "big" archives already store that overlaps with IA should be taken into account in this analysis) 2. I recall you estimated 30-40 M USD ballparks for a single copy: a properly led open source project may be able to develop this for free, and fairly compensated one could be ~ 0.1% to 1% of the cost. 3. The Sia network https://siascan.com/ has space for 7PB; and it's for storage where one can download their own files at any time; and they have had very little publicity. 4. 2TB hard drive costs 50-100 USD and 20PB would be 10 000 humans buying one 2TB hard drive which by itself is possible. Hobbyists and organizations may be able to provide even larger capacities. 5. Most IT projects fail, but since lots of technology already exists and in this we know what we are doing and IA might be able to recruit above talent we can conservatively, give conservatively 50% chance the groundwork development to succeed, or 45% without funding. 6. If the develoment succeeds, then there may already be around ~ 100 potential volunteers. I estimated that 0.1% IA visitors may volunteer, plus 1% from Hacker News traffick were to project to be mentioned there, plus growth over first few years and traffick from elsewhere. Perhaps 75% chance to get 10% of IA backed up by volunteers, given development succeeds. 7. If that much is backed up, there is perhaps 5% of attaining 200 TB in next few decades.
Conservatively, given that open-source development starts, one gets apprx. 33% - 38% chance that 10% backup is achieved & apprx. 1-2% that 100% of what is now in the IA, could be backed up. These are of course rather meaningless numbers, but the fact seems that in the lack of funding to build a complete backup IA can best guarantee continguency by starting to build a distributed one. Perhaps this was needlessly lots of words for a simple proposal.
- X
---
Note: It's probable that at least the NSA has a private full IA backup.
This is why BitTorrent and other P2P solutions were invented, but alas: A. The RIAA, MPAA, and ESA have given these technologies a terrible reputation. B. Nobody likes to seed. Some kind of seeding-based crypto would have been a great incentive if cryptocurrency wasn't also demonized by now.
Part of the reason people don't/didn't like seeding is that many residential lines are so terribly asymmetric. If you had 100down/5up, seeding your torrent at a useful speed was often enough to degrade your connection into unusability.
It's called torrent protocol and it doesn't work, no one wants to spend money and bandwidth hosting a god forsaken movie or book that only a handful of people care about.
Not much money and bandwidth if you aren't on a metered connection. You can share tens of gigabytes or more on a cheap read only flash plugged into into a $25 single board computer that draws way less than a full PC and can be left sitting there near the router. Just limit its bandwidth on the torrent client and you won't even notice it during online gaming. The client can be as small as the Transmission daemon running headless on one of the many Debian based embedded distros: all control through either the web interface or from its client: no monitor, mouse, keyboard etc. just a small cheap box.
https://www.friendlyelec.com/index.php?route=product/product...
(just an example, as it's way overkill for the task)
https://transmissionbt.com/
https://github.com/transmission-remote-gui/transgui
I see 24 seeders for the entire 72-episode run of the 1991 sitcom "Herman's Head" which was so poorly rated that it's never seen a home media or streaming release, your premise doesn't hold any water at all.
People are pirating comic books and cookbooks from the 30s; there are a lot of people in this world, if something goes on the web and you tell everyone you put it there, it's pretty much preserved. It's only law enforcement that kills free availability of everything all the time online, for better or for worse.
With copyright, as individuals we get to trade all of the wonderful stuff already made (and long paid for) for the flood of minute-old shit and sludge inundating us online constantly. It's a bad trade. Maybe copyright should stop encouraging creativity; the answer to how "artists" would get paid post-copyright might be "who cares, quit if you want."
We already have Herman's Head, we don't need any more crap.
I never thought about UBI and copyright - but as soon as you say that, it is immediately obvious to me that when we have some kind of UBI, copyright should be dramatically reduced.
Copyright should be reduced in general. 20 years was already excessive for exclusive control over culture, 200 is just absurd.
I 100% agree. Just pointing out that UBI changes the discourse on this subject.
> With copyright, as individuals we get to trade all of the wonderful stuff already made (and long paid for) for the flood of minute-old shit and sludge inundating us online constantly.
What does this have to do with copyright? People post sludge online even in chaotic meme environments where copyright is irrelevant and people constantly take and repost each others' stuff.
It does work, when you don't notice it. We need sane limits and permanent seeders. This is why so many regular people get hit with ISP notices, they don't know they've seeded Captain America for the last six months every time they started their PC.
Yup. If browsers built in support for magnet links and (on desktop) defaulted to seeding with some capped bandwidth then a lot of centralized hosting platforms would become unnecessary.
You can build something very similar with WebRTC. Browsers already have P2P networking capability, it's just not immediately interoperable with BitTorrent clients. Standardizing some sort of BitTorrent over WebRTC bridge and adding it to BT clients would fix this problem.
That being said, please do not host content this way. P2P blows away the already thin privacy guarantees that the web provides. Anyone seeding the site gets the IP addresses of everyone on that site, and can trivially correlate that with other sites to build detailed dossiers on, if not individual people, at least households[0] of people. After all, that's how the MAFIAA[1] sent your ISP DMCA scare letters back in the 2000s P2P wars.
[0] IPv4 CGNAT would frustrate this level of tracking, but IPv6 is still subnet per subscriber. Note that you can't use individual v6 addresses because we realized very early on that the whole "put the MAC in the lower 64 bits of the address" thing was also a privacy nightmare, so IPv6 hosts rotate addresses every hour or so.
[1] Music And Film Industry Association of America, a ficticious merger of the MPAA and RIAA in a hoax article
> You can build something very similar with WebRTC.
Isn't that exactly what WebTorrent is?
I hadn't considered the privacy implications. For this to be workable, you'd need to pair it with near-ubiquitous use of some anonymizing overlay network.
iirc opera browser tried that
If the whole world has bandwidth available for TikTok, it can make the same available for sharing torrent files.
I've been seeding some unpopular torrents for ten years (would have done for even longer if I did not change the torrent client a decade ago). "No one" is too strong a word, as usual with these absolutist things.
Agree, shouldn't have said no one. But you got to recognize that some torrent are most popular than other.
I would have absolutely no trouble downloading the latest marvel movie but if you are looking for some old Soviet movie, Iranian movie or even old American movie then you're in bad luck. I've never seen more than 0 seeder on thepiratebay.
In addition to the costs, I'd say it's also that no one wants to risk getting sued like the IA is getting.
I keep wanting to do this for old sites, make like a personal mini IA. Besides just using wget or curl, any tips for pulling down useable complete websites from IA?
Agreed, especially an organziation that has already shown to not always be impartial.
A decentralized solution, doesn't that scream internet archive on blockchain? What could go wrong.
This is one of the very few real use-cases I can think of for the blockchain
torrents maybe
More details here about the data breach. Stolen database contains 31 million records.
https://www.bleepingcomputer.com/news/security/internet-arch...
> the Have I Been Pwned data breach notification service created by Troy Hunt, with whom threat actors commonly share stolen data to be added to the service
Do they? Why?
Proves they really did hack something. There's other sites where hackers register defacements etc.
If Troy authenticates the data, they can use that as an 'endorsement' when trying to sell it.
This. Typically HIBP attribution includes the email of the "submitter". Various data aggregators will contact them and buy the stolen data. Everybody wins*.
* Exceptions apply.
Where on HIBP can I see the email of the submitter?
It's not available in this case, or every case. When available, you can search "The data was provided by" in https://haveibeenpwned.com/PwnedWebsites
Thanks! Slight correction: only 2 breaches say "provided by" with a source, but a ton of breaches say "provided to" HIBP with a source.
Is there a way to modify the HIBP reporting process to avoid aiding the sale of stolen data?
Doesn't the value drop dramatically if it has already been shared with Troy and the HIBP database? Or is there a time frame where it has been authenticated by Troy but not yet added to the database?
I don't think so.
Troy isnt publicly sharing the credentials and that's what's valuable — especially having "exclusive" access.
He blogged or tweeted about this at some point. Sadly, I can't find the link.
Anyone who buys it or finds it in the wild can also upload it.
> The data will soon be added to HIBP
My unique-to-archive.org email address is not there yet.
I just checked and my unique-to-archive.org email is showing up in the breach as of 2024-08-09.
Mine isn't, but I've created my account only a week ago, so maybe I've created the account after the breach.
EDIT: Should've read TFA more thoroughly, it says the breach happened before the 30th September. And I created my account around the 2nd October
Mine too.
Many hackers will remove addresses that are obviously unique, including tags, to keep silent which database has been hacked, but it seems inconsistent.
I have checked and known my address was in a hack and it isn't there, while other times it is there. I also wonder if they start filtering out by domain, as they see a domain across multiple databases with unique addresses in each database exactly one time.
Out of curiosity, do you use a unique email address for every single service?
Yes, without exception. I want to know who is leaking/selling my address, and usually stop doing business with those who do. It also makes filtering really easy. People sometimes have strange reactions when I verbally give them an email address with their company name in it, especially when I'm a new customer.
All you need is a domain and an email provider that allows catch-all addresses, both of which are easy and cheap.
I do the same but use initials and random chars so hackers or employees can’t assume my email addresses for other sites/services.
e.g.: hn_t47fb@my.domain
I also use @my.other.domain for websites, so my human contacts won't assume it is me if they see it.
I love doing that, when someone asks me for an email address, it’s always their-name@my.domain - always gets strange looks!
Edit: even more fun with catch all domains then it’s company-name@spam.my.domain
I always see people claiming they use this strategy, but I never ever ever see people blaming services saying "this and this company sold my data to spammers". Where are the name-and-shame people? Have you ever caught anybody doing anything?
It's hard to distinguish between leaking and selling, but I think leaking is much more common. Dropbox famously leaked a lot of emails in ~2012, including mine - I was never a paying customer and that put me off becoming one or using them (to this day most spam sent to my domain is to that Dropbox address). Two local PC parts companies leaked or sold my email. I confronted one about it and they claimed they hadn't had a data breach, so either they sold it, or they were too incompetent to know they'd been hacked, or they lied - I suspect incompetence but whatever happened they lost my business. A couple more incidents long ago too.
Real estate agents can be pretty aggressive with emailing, but IME respect unsubscribes and don't seem to share/leak emails. I kind of wish I'd used an address per agent instead of per company to see what was happening better.
Non-company uses can also reveal issues. I had an address scraped from a flatmate finding site, and one apparently lifted from a relative's contact list somehow (I only have one I use for family, so that was a concern, but spam to it petered out quickly).
Yes, I was one time suddebly getting whine ads on an E-Mail for a service I signed up. I contacted the service (rather unfriendly) and they apologized and the unwanted E-Mails stopped.
is each address truly unique or are you doing something like username+archive@gmail.com, username+facebook@gmail.com, etc.
It's a separate address that can have its own mailbox if need be, but unless you want to keep meticulous records on the go, and refer to them constantly, some sort of pattern is required.
Yeah we run this on our own Proton Mail whitelabel, and for a few customers who have us manage it, mostly for the filtering aspect, and the occasional customer who has the wrong/mis-spelled address in their system and won't change it.
Not the author but yes, I do. It’s trivially easy so why not?
Same here, only issue I’ve ever had was when my email address had the name of the company in it in the format of spamlklcompanyname@domain.com CS people are sometimes confused by that and I’ve been accused of attempting to hack them by a small shop online because of my email.
Major SMTP provider refused my email address as login because of this. Luckily my moaning eventually made its way to one of their developers who fixed it.
You can't sign up for a Samsung account with the name Samsung anywhere in your e-mail address. Aliexpress another offender. There my email is just spam@domain.
I used ali@domain for aliexpress, which was accepted.
"Are you from corporate?" is what I often get when I need to give my email to a store associate.
Curious, how trivially easy is that?
It's quite trivial.
1. Buy a domain. About $10/year for a .com
2. Buy a /24 ipv4 block with good reputation (maybe like $10k)
3. Get a rack in a nearby datacenter, rack up a BGP-capable router and your servers for redundancy to run email. Takes about $30k initial setup costs if you buy all new, and about $5k initial setup costs if you cut corners and buy used. It'll be $2k/mo after that, so less than the cost of 1 $100 avocado toast per day, quite affordable.
4. Setup your mailserver of choice, such as dovecot + postfix. Enable either a catch-all address, or use recipient_delimiters. The former means "anything@domain.com" works, and the latter means "user-anything@domain.com" works (assuming your recipiient_delimiters are '-'). I recommend using a real catchall.
5. Setup your spam setup, this is the hardest part. I have no guidance here.
6. Point your DNS over, setup SPF and DKIM records, test, and off you go! This should all take about 1 to 3 days if you know what you're doing.
7. Find out that some email will go to spam anyway because you're not using one of the big 4 email providers, but it can't be helped, and anyway no one uses email anymore.
And after that, for less than $30k/year, you have email with catchall or subadressing support. Nice and easy.
You can also pay Fastmail for email and use their "catchall" feature https://www.fastmail.help/hc/en-us/articles/1500000277942-Ca...
Or Google Apps also has a catchall feature.
Then, after you do this, you can simply give internet archive the email address "internet-archive@mydomain.com", or generate a random string. If you forget the email you used, you can search your email history for the first email they sent you, and check the To field.
Hold on.
Why do you need a dc rackspace and a /24 just to have your email ?
This is hacker news, we're all either founders who have 2 billion dollars in (illiquid) stock options, or FAANG employees making 600k/year, what else are we going to do if we want email?
Sure, you could pay fastmail $40/year for this, but that's not really the hacker news spirit, and no one on this site knows how to count as low as $40.
The real justifications you can give yourself:
Shared VPS hosting pretty much all bans email, AWS, DO, etc all have ToS that say "no email" as anti-spam measures.
Shared IP space will go straight to spam due to people having spammed on it in the past. Buy a /24 to ensure you don't go straight to spam.
Rackspace ensures you actually own your email, at least moreso than with other shared hosting, and owning your email is important.
> Shared VPS hosting pretty much all bans email, AWS, DO, etc all have ToS that say "no email" as anti-spam measures.
Complete FUD.
Here is DO's acceptable use policy:
https://www.digitalocean.com/legal/acceptable-use-policy
You can see that they explicitly have policies for email hosts.
Here is a guide they host on how to setup a mail server:
https://www.digitalocean.com/community/tutorials/how-to-run-...
They forbid spamming, not all mail.
> Shared IP space will go straight to spam due to people having spammed on it in the past. Buy a /24 to ensure you don't go straight to spam.
I have had no problems with deliverability to Google from an IP on a shared block. I don't send marketing mails or any other kind of spam though. Microsoft blocks my IP but they are too small (outside businesses) for me to care to give them special snowflake treatment.
Deliverability of your own mails is also irrelevant for the original discussion about using unique email addresses for signing up to services - you don't need to be able to send at all for that.
been using racknerd.com vps for last 3 years for running miab. ZERO problems so far.
costs around $12/year+domain
For the “least painful” self-hosted email setup, you can’t be hosting on an IP in a subnet that’s ever sent spam, if you want to avoid being blackholed occasionally. This means you can’t have an IP allocated to you by a hosting provider, or a residential ISP, or a “business” ISP, or any cloud provider. That leaves very few options.
Note that I am speaking from personal experience here. I have been self-hosting email for over a decade, from the same IP, with (roughly) the same DNS records. Occasionally, for no reason, I will end up on the global spam list for Gmail, Outlook, or iCloud - never more than one at the same time, and never with a discernible reason. The best I can figure is that the IP is allocated to me by a hosting provider that occasionally sends out spam from its subnet (aka any hosting provider that doesn’t block smtp). I have also tried self-hosting a different mail server from a variety of residential IPs in different cities and countries, and ran into the same problem.
It’s a joke ! You can run an email server off your phone
Not sure if mobile carriers would allow the required ports to be routed, and the connection is usually behind CGNAT, so you can't accept connections from the outside to receive emails. Many home ISPs however can give you a (mostly) unfiltered public IP that once paired with a dynamic DNS service can be reached from the outside. Once the network part is solved, a small cheap box (*Pi like board, mini PC, etc) can be set up to act as mail server, with firewall rules on the router that don't expose anything else to the outside.
I meant just in terms of compute power. Like my isp gives me a static IP with forward and reverse dns, and the box lets me put the phone WiFi ip address in the DMZ so all traffic is handled by the phone. Then the termux app lets me run sshd and other stuff.
And actually I think this is a kind of setup people could get into: an Android dist that focuses on self hosting off an older device.
Satire
Hold on.
Where are you finding $100 avocado toast?
I have an even easier approach:
- have an iphone/mac w/ icloud+
- go into settings
- add custom email
- get redirected to login to cloudflare
- buy/pick a domain for $12
- icloud+ automatically sets up the MX records on the domain via cloudflare
- enable catch-all emails in icloud settings
- Done!
Takes about 10 minutes & icloud provides the email hosting without any additional fees
I use Bitwarden coupled with AnonAddy (0) for simple and free on demand email alias generation.
0. https://bitwarden.com/help/generator/#username-types
Some providers allow you to use Alias emails (I think google redirects mail to ia+mymail@gmail.com to mymail@gmail.com), and if you use your own domain, you can just use a catchall redirect and enter a random address (ia@mydomain.com which goes to catchall@mydomain.com).
1/ Buy a domain of your choice 2/ Register an account on Migadu.com and pay them $20/year 3/ Configure your domain nameserver with the settings provided by Migadu 4/ Done.
1. Register domain on Cloudflare
2. Configure a catch-all forwarding address to your private GMail
Done.
Many providers support plus addresses like bob+servicename@example.com. Servicename can be anything and doesn’t require any setup.
The +, however is just a comment delimiter.
All a service provider or malicious actor has to do is simply not include it when storing or publishing it to evade tracking.
Stripping it is not uncommon for services to prevent duplicate accounts.
Register an account on spamgourmet.com, move on with life.
Purelymail allows it
How do they get a hold of all these leaks so fast?
Voluntary sharing, since afaik they don't pay the criminals to get the data. Either the criminals share it directly (fat chance, usually), or someone else bought it and shared it either publicly, privately with HIBP, or privately with someone who then reported it to HIBP
How this specific instance unfolded, time will have to tell. The leak may have occurred in 2020 for all we know at this point
There is a strange dynamic between the threat actors who conduct these breaches and researchers.
When not used for extortion and for "status" in the hacking community, they share them with researchers (commonly HIBP) to warn people about a site's security and so that site is forced to fix things.
Definitely a strange dynamic.
A form of ‘counting coup’ I imagine. [https://en.m.wikipedia.org/wiki/Counting_coup]
"Breach date: 28 September 2024" - I'm assuming they've checked with some recent signups to confirm the timeframe.
https://haveibeenpwned.com/PwnedWebsites#InternetArchive
My question is: How did Scott Helme end up with a password hash that features his own name?
He didn't. If you break down that field you see:
2a = bcrypt, 10 = 2^10 rounds, Bho2e2ptPnFRJyJKIn5Bie is the 22 character salt, hIDiEwhjfMZFVRM9fRCarKXkemA3Pxu is the 31 character hash value, and then there's ScottHelme. Best guess is that the archive.org folks just appended the user name to the stored hash. Maybe once upon a time they didn't have a username column in their table and this was a creative way of adding it.Friendly reminder to generate a unique password for every account you create so database leaks like this one don't bother you (besides on the site they're used).
https://xkcd.com/2176/
I think pretty much the same argument for old-world POTS. While nothing was encrypted, nothing was recorded and someone had to physically access the local copper, which in reality provided more privacy than the future (today) where everything is recorded forever and you can bribe, extort, hack, blackmail, or just for fun leak everything recorded.
I hadn't seen that one, I love it!
MFA
... is not something your should rely on.
… but something you should do anyway.
Having unique passwords isn’t something you should rely on either. Good MFA practices limits the impact of breaches like this. It isn't an either/or thing, do both.
I use login with google, idk if it is safe
Just noticed the site now alerts this:
> Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!
Jokes on them... I'm already on HIBP countless of times...
It's all good, as long as you're not in that recent AI Girlfriend breach which exposed a ton of users who were trying to coax it into generating CSAM images.
https://x.com/troyhunt/status/1843788319785939422
“I went to the site to jerk off (to an adult scenario, to be clear) and noticed that it looked like it [the Muah.ai website] was put together pretty poorly,” the hacker told 404 Media. “It's basically a handful of open-source projects duct-taped together. I started poking around and found some vulnerabilities relatively quickly. At the start it was mostly just curiosity but I decided to contact you once I saw what was in the database.”
What a nice guy.
True penetration testing.
Well, only success with one kind.
Not sure if you're being sarcastic or not, but pentesting is not a particularly evil activity — and you often have to look at data to see if you actually found something.
What is evil is the way that he's ensured that the predators in the dataset will never face any consequences by making the data available to HaveIBeenPwned, making it trivial for predators to protect themselves (the method through which this is possible intentionally left as an exercise for the reader), and making the data available to a news website for...some reason, but it's bound to ensure that the vulnerability will be patched out quickly and no one else will be able to access the data.
I find it much more likely that this hacker who sought out a website for uncensored AI erotica isn't actually a good guy, and might even have something to hide within the dataset. Hopefully, I'm wrong and we'll see more of this.
How would that protect predators?
Did you miss the joke? Parent poster means penetration as in penetrative sex
I'm also on HIBP over 10x. What are we supposed to do? Create a new email address for every service we sign up for?
I don't know what the best practice is for keeping our personal data safe anymore.
> Create a new email address for every service we sign up for?
Exactly that, yes! Various services like icloud or proton offer "hide-my-email" addresses, or you can use any email service and just leverage a dedicated email aliasing service like SimpleLogin (paid but cheaper).
This way your email addresses are always random, and since these are shared services, the fact that it's random doesn't identify you either. In proton's / simplelogin's case, you can even set the display name used and email first, so from the outside it's not going to appear as strange, or have any real limitations.
If you think about it, modern email services don't really allow for easily testing if an email address is valid or not, so pretty much the only way your email is ever found out is if you share it on. So never share it on. Always share an alias instead. With automated systems, you may even want to rotate it every so often, so that if there's a leak, you can identify not just who leaked, but also roughly when.
Fixed identifiers, like an email address, are terrible, as their lifetime is always significantly longer than whatever context they're being used in for.
Using unique email addresses makes phishing attempts extremely obvious…
(No, this official looking email from my bank is fake since it was sent to Grocery@my.domain …)
I get a ton of "This is your email administrator -- your email password needs to be reset" to github@mydomain
Hey at least after they fill your account up with spam they also send you warnings that you are running out of space.
Truly unique email addresses and passwords per service is the strongest approach, but there may be alternatives. For instance, Gmail allows address+tag@gmail.com, which will save you from the lowest hanging fruit (block the +tag when it’s compromised to prevent the laziest spam from reaching you). iCloud also allows automatically generating a new email address that forwards to your inbox for a new account when using iCloud Keychain (possibly when using other password managers too, but I haven’t tried).
Gmail's +tag (and the .) is nice in theory, but terrible in practice. It's super easy for malicious actors to just drop them and there are a few services out there that simply are not able to work with the +tag, potentially getting you locked you out of your own account. Not gmail's fault, but I would recommend against using it.
> Create a new email address for every service we sign up for?
Yes! Just get a domain and have every email it go to you. Mine is something like “@super-secure-no-viruses.email”
There are probably people that would sign up for such a mail. Like urlify.io and other similar URL "shorteners".
Yep. ~300 addresses on my domain, 0 breaches across all of them on HIBP domain search over >6 years.
I guess internet security is not as bad these days. :)
Password manager + unique password per site + 2FA for anything of value.
And my SSN's probably available for purchase with 9 types of crypto, too.
I assume that if this is a bad actor, then account email/name will be leaked?
Is it a genuine alert, or hacking artifact?
Sometimes with friendly / attempt-at-humorous error messages it’s difficult to tell
I feel like it's safe to assume the official Internet Archive would not write a "friendly"/attempt-at-humurous/unprofessional/confusing/delivered-by-popup message advertising a devastating security breach. Oh also while announcing that nowhere else.
Obv an attackers ability to insert a message does imply a breach beyond a DoS. But I am pretty confident that message was not from the IA.
It's a literal window.alert()
But was that code placed there by IA or by the malicious party?
Verge reports someone has taken credit for an ongoing DDOS against IA. "An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow" https://www.theverge.com/2024/10/9/24266419/internet-archive...
Ok, let's switch to that link. Thanks!
Submitted URL was https://archive.org/.
The verge generally is clickbait, another site choice would have been better.
That class of sites generally is, yes. But on HN we go by article quality, not site quality (https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...) and I didn't see a better specific article on this. If there is a better one, we can change the link again.
This bad actor has videos of them supposedly “ddosing” Spotify by pinging 1.1.1.1 in two terminal windows on their Twitter.
Is there any link between them and the real attack or are they just unrelated people claiming credit for it?
Sounds snarky to me. I'll bet it was the malicious party.
it wouldn’t be a window.alert if it were IA
It looks like someone has compromised one of their subdomains for Polyfill
Update: Subdomain seems to be returning normal responses again now.
You mean the IA included some JS polyfill from a subdomain and that's what's compromised / where the alert is coming from?
Yup.
https://news.ycombinator.com/item?id=41792651
yes, "https://polyfill.archive.org/v3/polyfill.min.js?features=fet..." is the URL with the malicious code
It looks like it is running the service that was part of the supply chain attacker earlier this year. https://github.com/polyfillpolyfill/polyfill-service/issues/...
The service was fine, it was the "official" hosted instance of the service which was compromised. IA appears to be running their own instance.
That was a DNS hack of polyfill.io though right? This looks like it was/is self hosted.
Yeah I'm getting this exact response from the above URL now:
https://sourcegraph.com/github.com/polyfillpolyfill/polyfill...
Seems like they self hosted that service
Correct. The source subdomain of the popup seems to be hxxps[:]//polyfill[.]archive[.]org
That would perhaps explain how they managed to inject the JS alert popup, right?
Yeah, but the leak has been confirmed by HIBP, I found my address in there.
DOH. I hadn't heard this.
One of those instances when you really wish curses worked on whoever was pulling this stunt “may you and your descendants suffer the bites of 10000 fleas for 10000 nights as punishment for your misdeeds”
Probably not the best time to say this, but it's surprisingly easy to go through a collection with items and grab every email along with the usernames.
https://archive.org/metadata/naturally_a_girl/metadata
One way or another, there was going to be someone who would take loads of emails with a username attached to it. A bit intrigued by how the hacker compromised the database and got the passwords.
Damn, I had no idea about this. Definitely would've changed some things had I known that emails were public.
This honestly seems like a bit of a design flaw.
Yeah, they have ignored everyone's concerns about the email thing. https://github.com/internetarchive/iaux/issues/892
Why go for the Internet Archive go for something else not the fucking archive!
We all need our easily accessible decentralized archive of some sort...
yes
This thread is looking like it'll be one of the first places this incident will be documented (seems to be on the top of Google).
Already there are two new users just for this.
i see more than 2
Yeah, I was looking around, but saw no mention of it anywhere until I realized it just happened.
[flagged]
[flagged]
now internet archive is offline. uh-oh?
I have had an IA account for a number of years, with a gmail address. Nine months ago, I changed the email address to a masked address using my own domain. Now I find that my gmail address was still stored, and was involved in the breach. Why? I get that they might store change history, but why?
BTW, for the current account details, I changed the password to another random string generated by my password manager, and also deleted the masked email address and generated another one, so going forward this sort of thing isn't that much of an issue for me.
I have a similar situation, where I signed up with my main account and later changed IA's email to a more private address. It was the first email I checked on HaveIBeenPwned and it doesn't show up in this leak. The other couple IA accounts I have, whose emails and passwords are exclusive to them, they all show in this leak alright. I have no explanation to your situation but this was also my immediate though and I also wanted to give the opposite perspective.
It's also possible that the breach was earlier or going on for longer than reported.
https://www.reddit.com/r/DataHoarder/comments/h02jl4/lets_sa...
I found this reddit thread from /r/DataHoarder about backing up the internet archive particularly interesting, given the circumstances
50 PB * $0.014/GB = $0.7M. $0.014/GB is from[1], bare drive cost without chassis, power, or redundancy.
1: https://www.backblaze.com/blog/hard-drive-cost-per-gigabyte/
How long does an average hard drive last? You'd have to spend that 700k every that many years (plus the extra bits you mentioned). Quite an operation actually
I actually find that fairly tame. For a point of comparison, Wikipedia gets ~$150M in revenue a year, an "asset rise" (I presume this is what non-profits call profit?) of ~$15M a year, and is sitting on about a quarter billion in the bank.
Not that they want to, but I think Wikipedia could fund this using their current donations if they wanted. Hell, I almost wonder if one of the big storage providers would do it for free if they could do it in their staging environment so they get real traffic. It would be less good than real backups, but extra copies are still extra copies even if they're unreliable.
They should probably consider it, really.
A good portion of the text on Wikipedia relies on Wayback Machine links to remain verifiable. If they lose that, I guess the editors might have to comb every page for information which would need to be either resourced or deleted.
You're right, I guess it is tame and achievable so far as organisations go. I was imagining trying to get some friends together to have a decent percentage of the IA backed up, but that seems out of reach based on this napkin math. Not that that is necessarily demotivating, but it's going to depend on a lot of people intuitively seeing the value and keeping up their share
Yeah, as a sort of pet project I don’t think backing up the whole thing is possible.
You might be able to back up a significant portion of the unique data in IA if you limited it to text files. I think they probably have the highest information to file size ratio.
It’s also probably the most likely to already be back up, though. Interesting issue; you might also get somewhere by cutting the 50TB up into 10GB torrents (or 100GB or whatever, something reasonable for a consumer hard drive) and maybe adding a script that checks the torrent swarm stats to recommend a torrent to download.
Something where I run it, tell it I want to let it use 600GB, and it hands me torrent files for the least seeded 600GB. Maybe a super basic web UI so people can see how well backed up it is?
Unsure if people would sign on or not; I probably would. I’ve got 10 or so TB of NFS I’m not using I could chuck at it. I would guess there are other data hoarders out there who would do the same, but only if it were somewhat easy. I’m probably not going to volunteer to do an hour of rtorrent cleanup a week to make sure I’m backing up the right things.
I think a part of the scope of this project may have already been solved by The FreeNet Project (now HyphaNet) [0].
[0]: https://www.hyphanet.org/
For archival, if you use tape, it comes out cheaper (~225k) and ought to last longer (~30 years).
> How long does an average hard drive last?
This is a great question, and a state of the art kind of thing.
HDDs are sold with a lifetime drive read/write amount and power cycle warranty, along with usually some environmental operating envelope. read/write relates to the quality/space of the platter, power cycle is usually the actuator & read/write head being reseated/wearing out. Environment is the same as all other devices in a DC.
Most folks replace drives when they die (reads/writes stall or return garbage), or when the warranty runs out. Some will pay for a warranty exception, and some will just use the drive outside of warranty. Depending on how you use the drive, what environment it's in, etc changes how much you can push things.
I'd say anywhere from 4-8 years, depending on how it's used. In many cases it can be cheaper to have a worse environment for your fleet (thus using less power on hvac) and replace devices more frequently.
I'm a new user, is this a good time to plug my project that hopes to put 200 GB on a piece of paper? https://sourceforge.net/u/acaiblue44/blog/2024/09/gigapaper0...
> I learned that I can't use file i/o in a function outside the main, which is an unspoken rule that no tutorial elucidated.
is for sure not true, that would be crazypants
I tried for 6 weeks. Eventually, it just stops functioning. The same program and arguments spits out "segmentation fault" 33% of the time I run it, with the other 67% working perfectly. The only way I could explain it was that it was in a function outside the main, because when I put the exact same code in the main, compiled and ran, it worked.
I have no other explanation. At some point, having too many nested loops and variables causes segmentation faults, whereas less complex code functioned without error. I needed to have certain things performed, and it only functioned in the main.
Why would you try to do this in C of all languages? It's one of the worst choices, especially for a self-learner and a beginner like you. Consider: choosing another language could, on its own, 100% eliminate any possibility of getting a segfault! With just that, you'd be spared from having to produce an abomination of many thousands of loc inside a single function, which is never (unless you're Donald Knuth) a good programing practice.
Python is slower but easier, and less likely to segfault out of blue! You don't even have to have a main() loop. If you just have an idea worth demoing quick, I'd recommend switching to Python 3.
It's obviously just skill issue
What the fuck am I reading?
There's also the fact that hard drive capacities keep increasing and increasing significantly faster that the power required, and sooner or later for very long term storage it'd become cheaper to migrate all your data from those 5 year old 4TB drives to more modern 16TB ones. That's assuming you want hot access to the data and don't plan on spinning them down as soon as you've written to them, like you'd do for a cold backup of the whole IA.
I remember for a long time (I'm talking 20-ish years back here), every hard drive I bought had double or more the capacity of every drive I'd ever bought previously combined. My first ever 40MB (yes, megabyte) drive got upgraded to an 80MB one, that got updated to a 250MB one, then a 750MB, and then a whopping 2GB drive (how would I _ever_ fill that up???) - and so on. That's slowed down some, but I'm currently starting to think about upgrading my 8TB drives (Raid1 pair) with 20TB drives when the prices start to drop a bit more.
> ...or when the warranty runs out.
Do people really replace their drives when the warranty runs out? Hard drive manufacturers won't provide data recovery on drives that fail under warranty[1]. It makes more economical sense to just run a drive until it dies. You'll end up paying the price for a new drive either way, but less often if you ignore the warranty expiring.
1: I discovered this myself when a Seagate drive containing some important data failed under warranty. If you're foolish enough to send them a failed drive with data you need recovered (like I was), all they'll do is throw it in the bin and send you a replacement drive.
Backblaze keeps good stats. https://www.backblaze.com/cloud-storage/resources/hard-drive...
1.71% a year failure rate if you care for the hardware as much as they do.
But that number would increase year on year, a 10 year old drive is far more likely to fail than a 1 year old drive
Internet archive is going for long enough that I'd expect it to stabilise by now. If you replace enough of the drivers, you get a good mix.
If this is a backup, you don't need it to be powered up and available 24x7.
So the question becomes more like "how long does an average hard drive last while powered down and still reliably be able to power back up and be read?".
I'm fairly sure that is a lot longer than the single digit years that'd be the probably answer to your question.
I wonder if there are useful guidelines for long term storage of powered down hard drives? My gut feel is the major failure modes would be electrolytic capacitor failure, bearings sticking as the lubrication ages, and obseleting of the interfaces. I wonder how hard it'd be to find hardware that'd read my Mac SCSI hard drives from 25 years ago?
> I wonder how hard it'd be to find hardware that'd read my Mac SCSI hard drives from 25 years ago?
Easy… that original Mac is sitting in my basement and it worked like a charm last time it was powered on 4 years ago.
For that purpose you might want to use magnetic tape like they use in long term archival services
They are cheaper per Gio, and last significantly longer
> How long does an average hard drive last? You'd have to spend that 700k every that many years (plus the extra bits you mentioned). Quite an operation actually
You'd have to spend a lot more, because with that many drives, you need redundancy now.
True, that would be an up front cost. At the same time, the IA is still live. This initial expense can be softened by building up redundancy over some years rather than trying to do everything at once
> True, that would be an up front cost. At the same time, the IA is still live. This initial expense can be softened by building up redundancy over some years rather than trying to do everything at once
I think with that many drives, you'd be losing them constantly, and I suppose you wouldn't know which ones until later (assuming you're doing an offline backup, if you aren't you have to factor in power costs).
IA stores lots of redundant stuff in 5 file formats and none of them are particularly well-compressed, I think. There are (big) savings to be had, but maybe figuring that out (software dev and compute time) isn't worth it?
Interesting to compare their stated drive $/GB to their B2 offering: $6/TB/mo for "pay-as-you-go",
hard-drive price: $0.014/GB
B2 price (12*6/1024): $0.070/GB/year
Electricity, bandwidth, and generally running a business is not free. Also for these pay-as-you-go setups you'd need a considerable amount of free space available on demand. That said, it's not an especially cheap option. Hetzner has storage boxes for EUR 2.5/TB/mo (in fixed 5 and 10TB boxes though)
Yeah, I wasn't trying to point out that it's a bad price. I think it's pretty good: same price for two years with all the maintenance.
It's been tried several times, but it's hard because it's such a massive quantity of data. The IPFS backup never really got off the ground.
They have their own backups which I think is good enough for now unless someone plans on donating a few hundred million.
Oh no! I didn't know their IPFS initiative didn't pan out. What happened to it? I am surprised how hard it is to google. I remember interviewing for a role on that team at the archive to help move it to filecoin. Was so happy to hear that the effort was underway to decentralize their datastore. We need this more than ever.
There are people still working on trying to make it happen but it's just a collosal amount of data and filesystems are notoriously hard, so it's very slow going.
From my own personal experience doing distributed archiving with no relation to Archive.org, Filecoin/IPFS's UX isn't quite there yet. They still don't let you serve data to the network from a normal filesystem, you have to let their system ingest all of your stuff so you end up double-storing data or you have to give into everything being stored as inscrutable binary blobs.
That's why I still haven't integrated ArchiveBox with IPFS/Filecoin/Storj, let my data live in a normal filesystem dammit!
> They still don't let you serve data to the network from a normal filesystem, you have to let their system ingest all of your stuff so you end up double-storing data or you have to give into everything being stored as inscrutable binary blobs.
I don't understand this part. What data would you have to give them? Why can't it just live next to your stuff on your OS' filesystem?
For IPFS, I'm fairly sure you can now serve from your normal filesystem, rather than load it into their blockstorage -- or at least the blockstorage has pointers to real data blocks that are part of your existing files (it's the nocopy option[1]; it's marked as experimental, so there may be some sharp edges.)
For Filecoin, if you want fast access, you do need to keep a second hot plaintext copy, as well as the sealed Filecoin copy. But that works for the backup case for IA, because the hot copy would be served from the archive's existing infrastructure (and/or a distributed IPFS hot cache) -- you'd just use Filecoin for the proven safe backup.
The project to back up IA to Filecoin is still ongoing. The IA dashboard that shows the current state is (perhaps predictably) down at the moment, but it crossed the 1PiB line last year[2], and they've been optimising the onboarding flow recently.
[1] https://docs.ipfs.tech/reference/kubo/cli/#ipfs-add
[2] https://blog.archive.org/2023/10/20/celebrating-1-petabyte-o...
(Disclosure: I work at the Filecoin Foundation/Filecoin Foundation for the Decentralized Web, which partners with the Archive on this project, as well as supporting other Internet Archive backup projects.)
Needing to keep a separate hot copy at 220PiB is already ~$7M/yr, and multiples much more than that if you factor in labor and redundancy. The --nocopy option looks great though, I didn't see it last time I was looking around for an MFS/FUSE solution, I'll try it.
I appreciate your effort and I hope the project continues.
They're saying that the client software (the servers that speak the IPFS protocols) has to load the files to be served into their own local storage database, it can't just keep a "metadata file" and read the existing files off disk. Presumably somebody could write a client that spoke the IPFS protocol and did this, or fork the main Go or JS one, but until someone does that they're stuck with the software that's already been written
IPFS is all content-hash-addressed, so my guess is the IPFS service spirits the files away to a (hopefully) immutable store for the sake of sanity.
Perhaps you can persuade Elon that it owns the libs?
I don't want Elon anywhere near Archive.org, please don't give him any ideas. There are plenty of other people in the world with money.
Yes please, we need this lunatic out of our life, not the other way around
"Based on historical records from the first half of the last century, Mr Musk (inventor of the car and the rocket) and President Xi were the most respected and popular individuals on earth."
History is written by the winners...
Maybe in the immediate aftermath, but not long after. King Leopold "won" but we now all think he was terrible.
Backup / duplication is not an easy project for sure. But meanwhile for now IA is a single organization operating under one legal system. And one technical setup, would be relevant today. That's a major weakness.
Suppose we each backed up sites we cared about rather than trying to mirror the whole thing...
A few minutes ago (22:48 UTC), I got three emails from HIBP about accounts of mine breached on the Internet Archive. Troy is quick! And I'm surprised the author of that alert() actually had the data as well as followed through
Bit of a shame the emails contain an ad for a password manager, saying there's two easy steps to become more secure: Step 1: use our password manager (fair enough), "Step 2: Enable 2 factor authentication and store the codes inside your [password manager]" ehh now it's back to 1 factor or am I missing something?
Edit: according to https://www.bleepingcomputer.com/news/security/internet-arch... (via https://news.ycombinator.com/item?id=41793669), Troy Hunt / HIBP already received and verified this "three days ago" as of yesterday 6pm AoE
I think it is safer to have 2FA in your password manager than not using 2FA at all. Because even if they got your password, if they don't have access to your password manager they can't login.
If you protect your password manager with a yubikey or any other hardware key, then your 2FA inside your password manager is quite secure and convenient. But this is very individual, what your threat model is and how secure you want/need to be.
See also the considerations mentioned in the sibling thread btw: https://news.ycombinator.com/item?id=41793846
> even if they got your password, if they don't have access to your password manager they can't login.
Wouldn't the same argument go for a non-2fa password? What's the difference between a randomly generated 2fa secret and a randomly generated password here?
An eavesdropper able to intercept connections could record your password in transit but would only get the current 2FA token which quickly becomes useless. But with TLS eavesdroppers are not a realistic concern for most people so the actual benefit is still questionable.
I was going to disagree with you (and I sort of do about password managers and storing 2FA in them, but I also unlock my password manager with a yubikey).
But, doesn't a DB compromise mean that the attacker would have the TOTP seed as well? It can only increase your account security elsewhere, but also not re-using password prevents the IA leak from hurting you elsewhere as well?
> I was going to disagree with you (and I sort of do about password managers and storing 2FA in them
Note I'm quoting HIBP's advice from the email they've sent me! I'm absolutely not recommending to store one's 2FA secrets in the same place as the password!
Even if one uses 2FA for the password manager, it stops proving "something you have" in addition to something you know and you're one unlock away from malware vacuuming it all up. The point of 2FA is to be on a separate device you need to have on hand
Of course, the same logic goes for a password manager in the first place, but password reuse is a big enough problem that (for most people's threat model) it seems to be a net positive. 2FA tokens don't have that reuse issue
They use bcrypt and I always use a really long password so I’m not gonna freak out over this one for once.
Are bcrypt password hashes difficult to crack? I signed up for IA over 10 years ago with a much weaker password than those I use today.
The difficulty is configurable. You can play around with it at https://bcrypt-generator.com/
I found this, not sure if it's still up-to-date:
◉ PHP's default implementation of bcrypt uses 10 rounds.
◉ Python's bcrypt library uses 12 rounds by default.
◉ Node.js's bcrypt library uses 10 rounds by default.
See also: https://gist.github.com/Chick3nman/32e662a5bb63bc4f51b847bb4...
Besides being slow, there's also an implicit salt, so rainbow tables to quickly check every account for "password" don't exist. Still, if you just used a simple dictionary word present in e.g. /usr/share/dict/words (my system has 234,937 entries), you don't have as much time. I have a Ryzen 9 5900X, 12 cores; using a random Go implementation of bcrypt I found with default work factor of 10 and going through that dictionary with 24 threads, it takes my machine about 18 minutes to get through every entry. A thousand years if I wanted to go through 31 million accounts and each one was a worst-case at-the-end value. But there are quite a few more than a thousand of my CPU or better out there, some surely part of botnets which routinely number in the thousands of devices, and probably faster bcrypt implementations. Earlier this year, the FBI dismantled a botnet with 19 million infected devices globally and over 600,000 US IP addresses. Surely some of those were weak IoT devices, but still, there's a lot of compute available to bad actors such that you shouldn't necessarily rely on bcrypt et al. to protect a very weak password. (They are rather good at protecting normally weak and mid passwords, though, and there's opportunity cost for all that compute.)
If you don't reuse that password anymore, does it matter tho. Some services might use older hashing for older passwords without updating the hash algorithm. But I don't know what is the case here.
brypt passwords are very slow to crack.
I would hope that a system competent enough to migrate to bcrypt would also be competent enough to rehash the entire database as well. Logins check bcrypt(oldHash(pw)); if it matters they can be updated to bcrypt(pw). Of course, "Hope is not a strategy".
As of 01:09 GMT on October 10, the Internet Archive is back up.
In fact, the Wayback Machine and the book archives are responding more quickly than they did for me a week ago, when I showed the Archive to the students in an online class I teach. I gave the students a homework assignment that involves accessing some old books at the Archive. That assignment is due in about 12 hours, and I was just getting ready to e-mail the students about the outage when I saw that the site is working again.
As of 08:34 GMT on October 10, the Internet Archive is down again.
Thanks. I e-mailed my students to let them know.
Confused about this breach... I received a notification from HIBP about this hack, but I don't recall ever creating an account on archive.org (was creating an account there even a thing?).
What info does archive.org have on people? Is this info scraped from other websites and stored in the archive.org database? Or is this info related to personal archive.org accounts (as I said I don't recall making an account)?
They are actual archive.org accounts. Maybe you made an account to upload something, or to check out a digitized book from their library?
Thank you.. was worried at first as I didn't understand the true scope of the breach. For such a vital website, the info gleaned seems relatively harmless (for those of us who don't reuse passwords that is)
Yea, it is pretty harmless. I suppose someone might be interested in any books you currently have checked out, but beyond that there isn't much.
Well this should be fun.
Now I'll have to dig through my IA account and remember if I donated to them directly via credit card (and if they stored it), or if it was through PayPal.
Even if you paid by credit card, there's zero chance they processed the payment themselves.
HaveIbeenpwnd says it was just passwords/usernames/emails, so seemingly not. (My company just got an email from them about the breach and I confirmed I'm in there with a quick search on their website.)
That's what Troy got sent. It's not necessarily all the attacker took.
Good point and thank you for the reminder. Time to go check my email archives...
they use Stripe
If you're a blackhat and you want to be annoying, you can use Stripe tokens to charge your target's customers. The target is the payee, so you won't make any money, but it'll add to the chaos.
If Stripe hasn't already, it won't be long until they revoke all of IA's tokens in the event they start using them.
If they stored your email from your donation the IA would have already used it to spam you themselves, no attackers needed.
The reported alert on the site states:
> Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!
But is this an official message from the company? It sounds odd and unprofessional, especially the "See 31 million of you on HIBP!" part, which jokingly refers to a huge privacy issue for users. Could it also be that the site was hacked, with hackers posting that message in addition to the data breach and DDoS attack?
Troy Hunt's tweet mentions the IA getting breached, defaced AND DDoSed. Here it is, in case you don't want to use that site:
>>>
Let me share more on the chronology of this:
30 Sep: Someone sends me the breach, but I'm travelling and didn't realise the significance
5 Oct: I get a chance to look at it - whoa!
6 Oct: I get in contact with someone at IA and send the data, advising it's our goal to load within 72 hours
7 Oct: They confirm and I ask for a disclosure notice
8 Oct: I follow up on the disclosure notice and advise we'll load tomorrow
9 Oct: They get defaced and DDoS'd, right as the data is loading into HIBP
The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.
<<<
> The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.
It could also be that the attacker has compromised IA communication channels and timed it for maximum dramatic effect and confusion.
very likely compromised comms.
this was coordinated. several archive services hit around the same date. ddosecrets was the first to be hacked, as far as i can tell. span of one week.
here's list of suspects i guess https://en.m.wikipedia.org/wiki/List_of_material_published_b...
It's a thankless job to be always begging for donations to keep something working when the Internet at large doesn't value it as much as it should. And now getting targeted like that? I wouldn't judge them if this is an official communication coming from exhausted and frustrated staff.
Just a reminder that AI tried pivoting to much more clear-cut legitimate piracy, presumably because they got bored or something, and certainly put ‘donations’ toward that effort.
IA is an incredibly valuable resource, but let’s not put them on a pedestal.
heh, if they went 100% "we're operating our service from international waters and won't be taking any DMCA requests" i would donate $1000 on the spot (anonymously, of course, but entirely serious).
What's "legitimate piracy"? As a reminder, the scheme was designed to work exactly like typical lending libraries. Publishers were unable to show any harm, and the only evidence available proved they actually benefited from better sales thanks to the Internet Archive. Authors were clearly benefited. https://www.techdirt.com/2024/09/05/second-circuit-says-libr...
But I agree, no need to put them on a pedestal. Nobody is perfect.
> As a reminder, the scheme was designed to work exactly like typical lending libraries.
Wasn't the issue precisely that they removed that limitation and then never added it again?
The hackers wrote that.
https://www.bleepingcomputer.com/news/security/internet-arch...
The alert is gone now. It appears the attacker compromised their front end deployment
The funny thing is the internet archive is more connected to hacker culture than cracking a website will ever be. I hate posers more than anything. Hopefully the internet archive comes back stronger than ever.
Yeah, this is hacker news, not hacking news
https://x.com/Sn_darkmeta/status/1844080692772401399?t=j3xDz...
Annoying
What are they looking for here? Negative karma?
[flagged]
This makes absolutely no sense.
It makes sense when you look at the age of the commenter's account.
By "working idea" do you mean something that you made up in your head which has no basis in reality, but works for you?
Edit: I had only seen the one post on X in which responsibility for the attack was claimed when I made this comment, but looking at the account further they do make many politically motivated comments.
With this new insight my comment now seems unnecessarily dismissive because it's not completely unreasonable to suspect false flag attacks when political motivations are being broadcast. To be clear I'm not making any assumptions for this specific case one way or the other, but I am acknowledging that the political speech presented by the attackers does add some merit to your suspicion.
Probably want it wants to purge incriminating documents against a nation state?
That sucks, I was reading my email in the morn and saw the news from haveibeenpwned.com, and I'm indeed effected by it.
Consolation is that I used a randomly generated unique password, tried to reset my credentials and see of any 2FA options but the site is overloaded throwing 504s.
I’ve been mentioning this a lot lately but it’s also a good idea to use email forwarding services like Firefox relay, icloud/apple “hide my email”, duckduckgo has a free one, simplelogin you can host yourself… In an email breach you can confirm who was breached if you used a unique email, and it also means your actual email remains at least as secure as those services I mentioned
Should we be linking to the site that is very likely to be breached? Could start to host any type of malware until the access can be definitively revoked
This - dang/mods is there a policy for this?
Verge article as possible replacement: https://www.theverge.com/2024/10/9/24266419/internet-archive...
https://news.ycombinator.com/item?id=41793081
That's just about article quality though. Is there a policy about linking to known compromised sites? Should one flag the submission for moderator attention?
We don't have policies really, but the way to get moderator attention is hn@ycombinator.com.
As a first step, it might be a good idea to add an indication to https://news.ycombinator.com/submit or https://news.ycombinator.com/newsguidelines.html to not submit links to sites that are known to be hacked/compromised, and to use a text post instead if making a public service announcement!
Even if we assume folks are using up-to-date browsers (and many aren't!), a compromised site could deliver payloads to browsers ranging from zero-days to phishing content to browser extension compromises (esp. for crypto wallets etc.), that might be delivered differently to different viewers. We don't want to amplify the spread of an attack, especially to our community!
There are too many things to add if we start adding things like that. Each one is important in its own context, of course—like here—but once you start making lists of important things, you end up in a whole-is-less-than-the-sum-of-its-parts situation. I don't think such lists are likely to be effective in the long run.
That's also why the site guidelines (https://news.ycombinator.com/newsguidelines.html) are nowhere near as long as they would be if we tried to include all the important things. Better a shorter list that people can actually read.
I hope that doesn't come across as dismissive—I do see your point!
Fun fact: this is the first time using a password manager (Bitwarden) protyected me from a security breach! Now I only have to update my archive.org password instead of all of them lol
Let's hope it was someone dumb enough to be extraditable.
No one gets extradited when the attack aligns with US interests abroad.
What weird conspiracy is this? US interests dont involve taking down archive.org
There is no US, there are just a bunch of interest groups. Some interest group definitely wants IA down. I wouldn't be surprised this is a paid attack.
I'd probably believe attribution to either Israel or the MPA with only a little evidence.
(I still haven't forgiven Sony for the album on CD I bought with a rootkit on it...)
Just curious why Israel? MPA is reasonable though... And a rootkit on CD? Interesting...
>https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootk...
The bad old days before music companies just gave up and started selling un-DRMd mp3 files, and then Spotify solved THAT problem for them.
Just for completeness sake and my own opinion based on my own witnessing of history, every political party of every government of every country would love to see all the archives gone. It's easier to twist the truth if one can memory hole reports and make the original source go offline or pressure them to change their words. There will always be individuals that archive stories they find interesting, but many stories are uninteresting until people learn what more may have been left out at a later time as part of a much bigger story. That is when the archives become a treasure trove and big archives sites are the first that people turn to for the original reporting. As a generic example, many news sites will redact what they knew to be false after the vast majority saw their misinformation but they can't redact an archive of their twisted truth. The internet has made it a little harder to control a narrative. It was so much easier to control when it was just a few big newspaper publishers that owned the smaller ones and a few big cable companies that owned most of the smaller ones. They would all literally parrot the same lines.
Curious to see if they go after archive.is next.
People in other parts of the thread say it's Israel. (Which certainly is "aligned with US interests abroad", as the powerful see it anyway). I think it is ridiculous conspiracism, right now anything anyone doesn't like they think Israel is behind it.
The crazy rise of conspiracism in our society in general, combined with Israel really is doing some nasty stuff (but not controlling everything you don't like), combined with the latent antisemitism in most conspiracism.
And I say this as a strong supporter of and activist on Palestinian rights and liberation. Free Palestine. (But there is no reasonable reason to think Israel is behind an IA hack. Or the fact that your mail came late, or anything else except what they're actually doing which is bad enough. Call your senators and tell them to vote for Bernie's JRD resolutions).
There are so many well documented awful things IL has done that most people don't know about (many still haven't even heard of the Sde Teiman video) that folks could be spreading the word about instead. It's a shame to see this kind of conspiracy mindset from at least some people who probably mean well. There is no harm in waiting a little bit for facts to emerge.
How much of the archive is affected? Could be a targeted effort to tamper with historical records.
If they wanted to do that they'd probably not try to draw this much attention.
They're hiring, if you're looking for a job.
https://www.indeed.com/viewjob?jk=3bb8222ccd9a88ea
> Software Engineer, Archiving & Data Services (Remote) [...] Preliminary duties of the role will primarily focus on developing Archive-It
That is. Paying over 100k at the lower end of the range for 3y experience as software engineer
It's a non profit. You're probably not choosing to work for the IA for high compensation.
The undertone was intended to be: that's an insane amount of money, something one with quadruple that amount of experience would maybe earn in a for-profit organisation, but I guess your reaction further proves it's different where you're from
It's not high for bay area software jobs; there are new grads who were paid more than that 10 years ago and I assume new grad wages have gone up since. Of course cost of living (particularly rent) and taxes are high there too, but if you don't blow it all on renting a higher-end place or luxuries you can still save a lot.
For context someone making less than $105k is classified as "low income" in San Francisco. https://www.sfgate.com/local/article/under-100k-low-income-s...
To put the reaction into context, the individual low income threshold in that area is 105k USD [0].
[0] https://www.hcd.ca.gov/sites/default/files/docs/grants-and-f...
What area, precisely, is '(Remote)'? Why does the Californian government track income information on Remotistan?
FTR that page just says 403 forbidden
Does this mean you get benefits (like free housing, healthcare, and money to buy food with) if you earn less than 105k/year? Or what does low income threshold mean here
It's one criteria for eligibility for social benefits that can include being able to live in certain kinds of public housing. Usually there's a lot more criteria that go into it, but income is a fairly major one.
The way you worded it was confusing to read, I thought it was a complaint about "only 100k".
Thanks for clarifying your intent.
The IA is located in the Inner Richmond, which is a ~ medium income area of SF. Rent alone is ~ $4K, or ~ $60K of your income before taxes.
They might be there, but the position was remote-friendly.
Not even in the 10th % for the area per https://www.levels.fyi/heatmap/
It says it's remote though, so doesn't seem too bad?
Right in most southern states in rural areas that would be pretty good and you could enjoy fresh air and nature while working from your back porch and scanning a few acres of land and wildlife, sipping on sweet tea.
[dead]
[dead]
Reporting on security issues is always so terrible. Is it a data breach or is it a DDoS? (Or both). Those are opposite things. One is trying to release secret information one is trying to make the site inaccessible.
It is both. They got attacked by a DDOS after the security breach.
Which is pretty common. While the org is running around dealing with the DDoS, they're not doing anything to fix their systems. In this case, I can't even get to my account page on IA to change my password.
That's like complaining the reporting on the weather forecast channel is so often wrong. This news broke about an hour ago and the IA is down, what witchcraft do you expect news media to practice! Nobody yet has the answers you're looking for, give it some time and log files will be audited and the reporting becomes useful :)
Actually figure out what is happening, or at least say how confident they are in what they know.
They aren't predicting the future, they are reporting on an ongoing event.
> or at least say how confident they are in what they know
This I can very much underwrite. Error bars or rough confidence indicators are missing far too often, also from sites reporting on e.g. benchmark values of hardware they've been testing... such professional organisations yet such basic omissions
Does the IA publish hashes of its data to a 3rd party, so we could (in principle) verify that nothing has been tampered with?
Wouldn't be surprised if the service was purchased by some publishing empires. This kind of things usually costs some $$$.
Good. Maybe this will get them to reconsider their website changes that make the IA unusable without javascript.
[dead]
Lets attack one of the bastions of information freedom...in the name of Palestine, sigh. Ass-hat hackers.
One of the many benefits of owning my own email server:
- I have a catch all setup to forward all emails to specific user on mail server
- able to setup adhoc email addresses for each online service (ie, iarch@example.com)
- able to claim example.com in haveibeenpwned
Now I get breach emails from hibp for the whole domain. Unfortunately, I was exposed in this IA breach
In case anyone would like these benefits but doesn't want to actually run an email server: All you actually need to accomplish this is a domain name and a decent provider. Fastmail is what I use and it's been great for me.
To be even easier, you can just have Apple or Google hold your domain and provide mail.
That's not easier, that's the same but with a worse scale fit.
If you need free, you need free.
But if you can pay, you want to pay a vendor whose scale is such that you mean something to them while still being mature enough to rely on.
This applies to pretty much everything, not just email.
With Google and Apple, you service needs are overhead and with Google in particular, your value is entirely in them being able to monitor as much as they legally can about your activity.
With Fastmail, Protonmail, etc, you are a customer already and they're invested in making you a bigger happy cuatomer in the future. They have staff that will service your support tickets, you represent profit on their books, and the services they offer you are generally designed for your scale more precisely.
They mean getting a Gmail account
It’s risky to let your online identity be controlled by a single large provider. Distribute out the services you use as much as possible. Use a different email provider from your domain registrar, and different from the providers of any other online account you have.
I'm not 100% sure that that gets you wildcard email addresses that all point to the same inbox, but if they support that, sure!
Google has it, though I think you need the paid Workspace version? I’m paying around $15/month now ever since google killed the free tier for custom domains.
Not sure about Apple, but Google calls has that and calls it catch-all-routing.
I don’t know about Google, but I know iCloud supports domain wildcarding
Proxy address ie user@gmail.com you would use ia+user@gmail.com and have rules to match that
It’s user+ia@gmail.com, and it’s a poor substitute for a dedicated domain. For one, every attacker knows about plus addressing and that those addresses are really all the same email account.
They still don't know what you put after the "+" to log into another service.
You can do this easily (and for free) via Cloudflare [1]. Works great, I've been using it across several domains for quite some time. Migrated from Google.
[1] https://www.cloudflare.com/en-ca/developer-platform/email-ro...
yea, but now i rely on cloudflare which is no-go for me.
Would you elaborate why it’s a no-go for you? Just curious for my own sake
Cloudflare CEO Matthew Prince is bffs with ex CIA Mike Janke https://www.reddit.com/r/TrueAnon/comments/p0wifx/here_is_mi...
I don't know their reasons, but for me, I do use cloudflare, but only in a way that I have a transfer-off plan.
So far as I can tell, Cloudflare seems to still be in the early stages of enshittification [1], and while I as a business customer am probably going to be taken for a ride later than most customers, I'm also small fry, so I'm guessing at some point in the next 5 years, some of the "for free" features like zero trust / tunnels are going to become prohibitively expensive for me.
[1] https://pluralistic.net/2023/01/21/potemkin-ai/#hey-guys
I assume Cloudflare will enshittify because too much of its services are free or too cheap to make sense, so my guess is they're trying to achieve massive market capture and dependency so they can later start squeezing customers for way more money.
I prefer more transparent cost structures, like what I get through Migadu for example.
Too much centralization is a single point of failure?
decentralization.
I don’t want these massive entities (Google, MS, CF) controlling my data.
Cloudflare isn't even that big. They're 1/100th the size of Google or MS. They're not even the biggest CDN—Akamai has twice the revenue, but it depends on what you measure. Cloudflare gets brought up disproportionately often on HN because they have generous free tiers and cater to indie hackers more. So it feels a little ironic that they're perceived as "the big dog" by the indie hackers.
It feels like every website uses them as a web proxy, meaning they get to 1) decide which users can access the site using their own opaque methodology and 2) MITM/inspect a large percentage of web traffic.
I think spreading out between them is a good strategy. Cloudflare has been flawless for me for email.
I used to do this, now I use icloud and the 'hide my email' tool and it works without any hassle. Even asks me when signing up for something if I want to hide my email. It is easier than adding it to my old setup. Even easier than when I was using my free Google for Business setup.
The rest of apple's email landscape sucks. It is pretty poor at managing spam, the client is terrible, it doesn't sync rules between the desktop app, icloud email, and iphone.
I hate email in general. It is getting to be 1 in a 100 type scenario of anything of value and likely worse if I knew all the emails that were deleted before I saw them.
I recently ran into an issue where Toyota’s app/site was detecting and refusing Apple iCloud hide-my-email addresses when trying to sign up.
The error message was very clear: hide-my-email was not permitted.
I was just trying to check for available service appointments near me and didn’t want the spam. But I guess sending spam is very very important to Toyota.
https://c-command.com/spamsieve/
Worth every penny.
Google workspace lets you do it if they mange emails for your domain (and it will cost ~5-10$/month if you are the only user)
https://support.google.com/a/answer/12943537?hl=en
it “works”, but handing over this control to Google is a no-go for me.
The only drawback being that all of your outgoing email is sent directly to the receiver’s spam folder..?
Memes are fun and all but this one is both untrue and just serves to entrench the big bastards, who don't need any more help.
I often use custom domains for email and haven't encountered this. From what I know, the best practice is to use a domain that you have had for a while and to use nameservers or MX records from an established service (basically). I don't run my own server but I am sure there are tricks to getting it to work that way too.
Use a commercial service then, they're cheap and provide every benefit mentioned by GP. The thing that you really need is not your own server, but your own domain.
I've never had this issue, been running my own email server for almost 10 years.
I do the same thing. Absolutely worth the small hassle.
You don't need to deal with the hassle of your own email server for this. Just buy a domain and use Fastmail, Protonmail, or any other service you trust.
Simplelogin can do the first two. The third matters little anyways if you don't reuse passwords.
Great until you need to give someone an email address in real life and awkwardness ensues.
I do this. I just say "this will sound strange but my email is ..." and then spell it.
I think if you are at the level of catch-alls and your own domain(s) then you tell the cashier "no thanks!"
i have a similar setup for the past 20 years or so. I rarely get a raised eyebrow at giving X.yourcompany@mydomain.com, and if i do i state it upfront “this is for categorization” and never had to explain it again.
Zero problem. I have used this exact setup with my domain for over 23 years. First, it's rare that I had to give my email over the phone or something. And in the couple of times someone raised an eyebrow, it was an opportunity to educate the person that yes, "donotspamYOURCOMPANY@" is indeed a valid address (not exactly what I use, but similar).
The advantages are numerous: tracking who leaked my data (many times before the company even noticed it), easier to spot spam (20 years ago spam filters were a lot less sophisticated), minimize credential stuffing (before Pwd Managers became the norm), etc.
I recently started getting "targeted" bitcoin extortion emails that have your home address (or what they scraped from public records) and a picture of Google Street view, but they're all going to the email I used for a now-defunct online grocery
Ha, same here. Including photos of my house (well, actually my neighbor's house) and everything.
I'd be worried if 1) I hadn't seen many versions of similarly creative extortion emails over the years, and 2) if they hadn't use some obvious "donotspamCompanyThatWasHacked@mydomain".
Sadly, I can see how this may trick some people into sending money to scammers.
I have this same setup and this conversation happens often, you get used to it happening and navigating it.
ON only one occasion in ~20 years, someone refused to do business with me because they thought I was impersonating them and told me I was being disrespectful by using their brand as my email, and even after explaining how it works they weren't happy.
almartway@somedomain.com
Meh, it’s not that bad. I have a short domain and usually use an abbreviated version for user part. If it’s a big corp, just the stock ticker will suffice and nobody bats an eye. Some boomers raise an eye if it’s not @gmail.com or one of the big providers, but otherwise nobody cares.
But better than giving them an iCloud “hide my email” generated addy ;)
Just like how some people think GitHub is git.
All things that aren’t remotely unique to running your own mail server.
I've made a timeline of events: https://gist.github.com/xproot/b574dc868a9db012bbe07252a1f7f...
Fun fact! Troy actually got this database back in Sep. 30th.
That's a shame.
We need not one but many internet archives. Just one and we will repeat the outcome of the Library of Alexandria.
The Library of Alexandria wasn't that significant and likely wasn't destroyed in one cataclysmic event, but rather centuries of neglect.
The metaphor takes precedence over the fact.
If an attractive story takes precedence over fact, then we will repeat the story of a James Bond film. Maybe the one with that bikini scene, bikinis are attractive after all.
Here is a great video on the subject in case folks want to learn more: https://m.youtube.com/watch?v=M4WU8gqrgsQ
Then you have to write legislation in multiple countries to do so, including large carveouts in DMCA and copyright law.
"Goodwill and donations" will never be robust against an entire industry that makes profit off of artificial digital scarcity.
More like the library of Baghdad.
https://archive.today/ is another one
They reported a DDOS attack yesterday, wonder if this is their alert as they manage the fallout?
https://blog.archive.org/2021/02/04/thank-you-ubuntu-and-lin... "The Internet Archive is wholly dependent on Ubuntu and the Linux communities that create a reliable, free (as in beer), free (as in speech), rapidly evolving operating system. It is hard to overestimate how important that is to creating services such as the Internet Archive." Maybe CUPS?
Archive.org is now down. Could anyone explain what it used to show?
A pop-up that said,
"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"
I had to look it up, but I guess HIBP refers to https://haveibeenpwned.com/
Yes. Not the hacker but as a hacker, that's what hibp refers to
Why should an Archive need accounts anyways? This is like a public library: you don't need to authenticate yourself to enter a public library, do you?
I created an account there because https://web.archive.org/save requires an account to set "Save outlinks" checkbox on.
Don’t you? That’s what a library card is.
Anyone who contributes by uploading material needs an account
How do you think they keep track of late fees?
To enter? No. To borrow? Yes.
What are you "borrowing" from the Archive?
Books. (Until they're vanished by publishers. https://www.techdirt.com/2024/06/20/500000-books-have-been-d... )
How is viewing some bytes on your monitor "borrowing"? Whose copy of the book goes missing when you do that?
Related submission: https://news.ycombinator.com/item?id=41792614
I just got a Discord "breaking news" notification about this from a server I am, said it may not show on Have I Been Pwned as it is so new.
shows now
I wonder how they got access the their database? I read in this thread that they likely used a supply chain attack by replacing some polyfill scripts. So they could've injected malicious code (XSS) that logged email and password to a remote server which they could have gone through. With a bit of luck they couldve gotten access to an admin account or whatever…
That much is not clear yet. It's possible the polyfill is an unrelated red herring, but it's also possible they somehow managed to elevate permissions. Seems the polyfill use was self hosted as well.
Maybe they managed to convince some critical service like an SSL cert provider that they were the owners of the subdomain? I don't know still wouldn't explain access to user and password database.
Does IA have much information on users? I’ve been in dozens of these HIBP leaks (including this one) but still none have concerned me, since they were mostly just email/password and nothing else.
Does IA store anything sensitive for any users?p physical addresses, credit cards, etc?
Strange I just received this message when going to the archive.org website I thought I might have misspelled the url
Does anybody know the details of the attack via the JS library? Was that the exploit of a bug that could affect every site or a chain of supply attack targeted at the Internet Archive?
Archive.org is completely down
Yeah, the fact that it's still down is a bit depressing.
I hope that this event makes some forward-thinking benevolent rich folks step up, or alternative solution.
Maybe this will make Google reconsider relying on them for cached versions of webpages.
The recent news on IA has made me worried about it. It seems to be a fragile thing and if it goes it'll be something we'll all regret.
Bet it’s just a stored XSS alert from a poisoned cache.
Troy Hunt received the leak, tested it and confirmed it. You can find emails on HIBP now
Why does this link to the verge (garbage clickbait site) and not to the original source of the internet archive?
That was an intentional choice:
https://news.ycombinator.com/item?id=41792698
After this error 504 Gateway Time-out Now 503 Service Unavailable No server is available to handle this request. Not looking good
Hachette Book Group or Hack-it Boot Group?
I hope it will be back again soon
The conspiracy theorist in me wonders what was accidentally copied into the archive that powerful interests want removed and if this is all smoke and mirrors while they make that happen.
"You are all cooked" vibes from that message hahaha
Is Internet Archive teh same as Archive.is?
No. It’s not clear who runs Archive.is (there are domains registered by a ‘Denis Petrov’ with an address in Prague), but the Internet Archive (archive.org) is run by a non-profit foundation.
I just received my haveibeenpwned.com email...
Truly unnecessary
And only weeks before a US election.
What's the connection?
Any information on SN_Blackmeta?
The overall state of cybersecurity in 2024 depends to an astonishing degree on Troy Hunt's schedule.
Considering the hacker's motive: https://x.com/Sn_darkmeta/status/1844358501952618976
Is it safe to assume the hacker want to erase the evidence?
Forcing the service offline also means they want to prevent people from archiving evidence in the next how-ever-long hours. Combining with the spoken language they used in that video, are they planning some online disinformation campaign?
----
Edit: some more info about this group: https://old.reddit.com/r/technology/comments/1g0kupb/hacktiv...
----
This group claims to be pro palestinian and it's entirely based on Russia.
[https://therecord.media/middle-east-financial-institution-6-...
>SN\_BLACKMETA has operated its Telegram channel since November 2023, boasting of DDoS incidents and cyberattacks on infrastructure in Israel, the Palestinian Territories and elsewhere. While all of the group’s messages focus on the Palestinian Territories and perceived opponents to Palestine, many of its posts are written in Russian.
>The group’s account on X also shows that it was created by someone in Staraya, a town in Novgorod Oblast, Russia. The account’s initial language was also set to Russian.
>The researchers added that analysis of timestamps and activity patterns showed possible evidence that the actors within the group are operating in a timezone “close to Moscow Standard Time (MSK, UTC+3) or other Middle Eastern or Eastern European time zones (UTC+2 to UTC+4).”
~~Attacks include pro palestine sites and groups, so~~ take that "pro palestine" with a grain of salt.
EDIT: edited for clarity on what is actually in the article and not in outside anonymous sources. If you want to read more, [there's a clearer report on one of their attacks and their usual targets.](https://www.radware.com/security/threat-advisories-and-attac...)
Possible false flag?
How is someone stupid enough to post this? Warrant for the account's IP is probably already issued. I don't know how many proxies the guy is behind, but it's playing with fire.
Also at some point the account of a malicious hacker has to be banned right?
Check my edited comment for more info on that account. In short, typical russian shenanigans.
>Also at some point the account of a malicious hacker has to be banned right?
You can try ask musk about it.
They have a Telegram channel and there's some blurb about it being pushback on US support of Israel, but it reads as bullshit. Probably a script kiddie.
I was disappointed to discover that https://haveibeenpwned.com does not report an email as pwned if it is subaddressed/plus addressed. myemail@gmail.com is reported as still safe, but myemail+archive@gmail.com is pwned. I wonder if my email has been leaked by any other websites without me knowing.
I don't think they can do that, because they do not store plaintext addresses in their database, merely hashes. It certainly reduces the impact of someone hacking HIBP.
I wouldn't be surprised if it has something to do Israel
... Why? How so?
There is/was plenty of anti-Zionist material available in the IA.
The hackers are pretty openly anti-Zionist script kiddies.
This is why humanity can't have nice things.
In unrelated news, apparently most world leaders in the Internet era, from Thatcher to GHWB to Mitterand to Rabin, expressed great admiration for Vladimir Putin.
So now the data also has off-site third-party archive. Isn't this along the goals of organization. It is less likely now to be destroyed in many eventualities.
Deeply disappointing. The only reason I have a IA account is to upload correct book covers to obviously wrong or poor quality books on the Library.
What an asshole, honestly this is a good public service they offer.
Yeah, I can't understand why anyone would attack IA. The service is a gift to the whole internet.
Because in the main, people are vicious, blind, narcissistic brutes.
shouldn't info about this breach be ON the IA landing page??
Where to see dump data?
Damn I get the notice too
solution: MFA
Imagine if we could get rid of passwords. Entirely. Forever.
You don't need to daydream, just use a password manager.
I use several, but I dream about a world with no passwords. Managers or not, passwords are always at risk and it is only a matter of time before one of the 300 sites leaks your data.
I mistakenly read HIBP as Half Price Books..wait what?
Now it shows a 'Temporarily Offline' message
I saw it too
WHY would you attack IA? Whats the point?
I’m feeling extremely conflicted on all of this with IA right now.
On one hand, I love IA
On the other hand…I’m in a long thread with their support right now on removing old snapshots of a social media account I have. Creeps are actively using the old snapshots to dox me and send me death threats using my PII.
It’s incredibly frustrating and IA keeps insisting they cannot do anything about it.
A small part of me hoped IA didn’t recover from today because I knew my info would be finally deleted :/
Pretty sure you own the copyright of your social media postings, so DMCA claim them.
That's why I'm told ezboard as a whole was removed from the index (sadly).
You probably can do this, OP.
Isn't the point of IA to retain information? How can you, without hypocrisy, love IA if you don't agree with it happening to you, that you benefit from happening to others. There's a conflict here.
Sucks to hear you are getting doxxed still
It's an uncommon opinion for someone to be in favor of IA to retain all information, and it's also not their stated purpose.
It's a perfectly reasonable opinion to wish for retention of old sources of knowledge without retaining pages containing personal information of non-public people, or sensitive non-newsworthy information about anyone at all.
Here in Australia we've had so many large data leaks I just assume all my PII is accessible to anyone motivated to find it. I'd guess folks from many other countries are in the same boat.
Not downplaying or excusing; just adding context that IA aren't the only ones and it's difficult to prevent (since the cause can be well outside of the individual's control).
Once you have been doxed, isn’t the cat kinda out of the bag at that point? Creeps already have the snapshots now, deleting them from IA is just closing the barn door after the livestock has already escaped.
Bear in mind that is the doxxing and doxxers that have happened now. There are plenty of future opportunities to be doxxed and plenty of other potential victims.
Not that I'd cheer for the loss of IA, but it'd probably be nice if they took down PII on request.
Still worth deleting future instances. What's your point?
Can I ask why they're trying to dox you? I have literally never inspired this kind of passion on the internet--and I'm usually pretty blunt. I'm genuinely curious what it takes.
Attacks like that tend to have little to do with bluntness. They occur when you've touched something they consider to be theirs, and you are not entitled to. Usually that's some matter of group identity, where they feel the need to show off for each other just how angry they are at you.
It has less to do with what you say or how you say it, but with who you are.
It sounds like it takes a lot of effort by intelligent people. Why would someone go to effort like that unless it was for something they believed was really important (I can't accept that it's just to show off your cronies / jelousy).
In the end, what's more important than your own ego? They love feeling powerful and strong. They love feeling like part of the group.
What kind of asshole attacks the Internet Archive of all places on the web??
Pro-palestine activists: https://x.com/Sn_darkmeta/status/1844080692772401399 & https://x.com/Sn_darkmeta/status/1844104165192253945
Or, equally valid, pro-zionist activists who want something that is normally easily accessible in the IA to be censored.
>They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of “Israel”.
Ah yes, known arm of the US military-industrial complex, The Internet Archive
...or someone attempting to blame palestinian activists. This smells a lot more like someone trying to ape activist language.
It may not even be that nefarious — perhaps they did the hack “for the lulz” then had pangs of conscience afterward and scrabbled around for a (false) excuse.
In any case, the IA was in some cases the only public host of important documents about Palestinian history, which are currently inaccessible, to say nothing about how important the Wayback Machine has been over the past year.
Sounds more like they hacked it for the lulz and then put up the tweets for even more lulz. Attacking the IA to support palestine is about as nonsensical as you can get.
There is a lot of embarassing pro-Zionist material archived on IA, but scrubbed elsewhere from the Internet:
https://www.google.com/search?client=safari&rls=en&q=zionist...
So just to play devils advocate, since Zionism is being critically received all across the Internet - it is more likely that IA was attacked in order to censor those materials, and then a sockpuppet was created to shift the blame to pro-palestinian voices - which makes no sense, since pro-palestinian voices would want IA to stay up so that embarassing Zionist material was made more available - but such is the nature of agitprop campaigns during war time: through subterfuge and obfuscation, deny your enemy the materials it requires to continue its campaigns, and also deny them the ability to identify the cause of that material going missing, also - or, at the very least, obfuscate the actors responsible for denying it, using sockpuppetry ..
Is there more embarrassing pro-Zionist material on IA than there is embarrassing pro-Palestine (for lack of a better term for whatever "the opposite" is) material?
I would not know a mathematically accurate response to this question - but I did see a lot of references to embarrassing pro-Zionist (i.e. historically racist, colonialist, pro-Zionist) materials at the IA in the last week in various other forums, which are now no longer able to discuss the materials as they are unavailable.
If there is "pro-Palestinian" materials at the IA, I would imagine it being based on materials collected over the past year documenting the genocide, war crimes, and crimes against humanity being committed against them.
There is a definite effort to censor any and all reporting of Israeli crimes against humanity on the Internet - IA was probably a last refuged for those collecting this material.
Actually, there's plenty of obnoxious "pro-Palestinian" material out there as well, glorifying Operation al-Aqsa Flood, "martyrs" from other random attacks on civilians, not to mention the propaganda that there's no such thing as "Israeli civilian" anyway, and so forth. There's no need to go looking for it on the IA because they're quite proud of this stuff and are churning it out constantly. See also: https://news.ycombinator.com/item?id=41692193
BTW I'm a non-Zionist and strongly opposed to the occupation, etc. So please don't make any assumptions that I'm a hasbarist coming at you with their usual stuff. The depressingly tragic fact of this conflict is that there are legions of assholes and extremely naive, easily manipulated people on all sides.
i hate how Zionism has become a bad word, like it's some world domination conspiracy theory. as a Zionist myself, it's not at all likely that IA was attacked to take down Zionist-related material as these material are neither embarrassing nor damaging to Israel. on the contrary, I would like for them to stay up and be archived for all eternity.
what is more likely is that these pro-Palestinian hacktivists are once more engaging in misplaced activism, targeting those they perceive as tied to Israel, regardless of whether those targets have any direct connection. just see the boycott movements... they're boycotting Gal Gadot, McDonalds, and Starbucks
> as these material are neither embarrassing nor damaging to Israel
Yes, but they should be.
i'm keeping an open mind. if you can cite them here, that'd be helpful.
I don't think anything will ever be embarrassing to the Genocidal regime. And no damage will be done either, as long as its creators-protectors goes out of their way to protect it.
>i hate how Zionism has become a bad word
What do you consider worse? The Genocide of the people of Gaza and the occupation? Or that the Zionism is now a bad word?
what i consider the worse is October 7 when Israel was attacked by the terrorists Hamas. if you can condemn Hamas, then we can have a conversation
Can you condemn the atrocities of October 6th?
This isn't some 4D-chess. Reads more like you feel attacked because they share the same opinion as you and you just want to deflect.
Both tweets have received a community note disproving this.
The note currently displayed to my account disputes the claims made in the linked tweet (that the Internet Archive is run by the US government(???)), not the supposed motivation of the attackers.
That said, this just seems to me like the attackers are trying to come up with some justification after the fact to explain why they would go after something as universally beloved as the Internet Archive. Actual pro-Palestine activists are not happy, eg (strong language): https://x.com/Aldanmarki/status/1844155616199413969
The current community notes I see on these tweets just basically say: the Internet Archive is not part of the US government.
You should actually read what the notes say.
RIAA, MPAA, etc...
I don't think they'd post cringe messages on Twitter though.
The script kiddies their contractor hired might though. I see no reason to believe that this was the doing of those organizations but if they did want to see the IA hacked then surely the ones doing the actual deed would be far removed.
Probably funded by some bored executive at a publishing house.
[flagged]
Alarm didn't go off - Russia.
Missed the bus - Russia.
Stubbed my toe - FFS why is it always Russia?
Not excusing it, Russia, China and Iran do make my honeypot's top ten list every month. But then again so do the US, UK and France....
Such is the nature of a top 10. If you'd said all 6 make it to the top 3, I would have been surprised.
How do you know what countries' actors are attacking your honeypot in face of IP address obfuscation (VPNs, jumpservers rented in a different country, etc.)?
The UK, US, France etc. all have their serious problems and are far from perfect.
But they are democracies, not some kind of real life Sacha Baron Cohen sketch..
Democratic is a bit of a stretch; two are republics and one has a man appointed by god at the helm
All three have mechanism in place to keep (wrong think) away from any form of power.
[flagged]
> Its always russia
Ah the only conspiracy theory we’re encouraged to believe. Wouldn’t that be convenient. A perpetual enemy far away that’s responsible for all of our failures, infiltrating and puppeteering western democracies on the other side of the world. Even the Russian propaganda machine loves this narrative – it makes them seem powerful and dangerous. Not like a corrupt and broken former empire sending off their young to the meat grinder for a bit of loot and territorial ambitions from a lost era.
Found Ivan
Some people on this planet add such negative value. What does this clown hope to gain, apart from costing us all an incredibly useful shared resource?
What if the clown is actually someone hired by one of the many enemies that IA made during the years?
He or she is still a clown. What difference does it make who hired him or her? At an individual level one can always disagree to do things that only destroy value.
reasonable people disagree on whether some things are positive or negative value.
IA is one of the go-to examples for that. is it good to make every book ever written freely downloadable (as they were trying with their library project a while back), or is that bad? you and i might think the answer is obvious. we might even agree on it. but we would occupy a rather different world if even a supermajority agreed on that question, in either direction.
> He or she is still a clown. What difference does it make who hired him or her?
We completely agree about the perpetrator. My point was if that is the case, it would implicate that IA enemies were going beyond lawsuits.
“According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”
A special place in Hell…
That's a strange thing to read on Hacker news. Isn't that description the definition of hack value? As in http://www.catb.org/jargon/html/H/hack-value.html
Now, it depends what the "it" is referring to here, but so far all I've heard is about an alert() message saying the usernames will be sent to a breach alerting site. If they're doing it just for the heck of it, it's still costing a lot of people a lot of time that they could have spent doing better things, but I'd reserve special places in hell for the people who do plan this out carefully and make malicious demands
There is a big difference between doing something for pure curiosity, love, or exploration and doing something directly harmful to other people for the same reasons. One is art; the other is sadism.
I'm not sure that placing free long distance calls isn't harmful to the org whose infrastructure you're using for your own benefit, but 2600 (Hz) is a respected hacker magazine and phreaking and Cap'n crunch whistles are seen as cool
Hacking the Internet Archive and only placing an alert with a provocative message, I could see my teenage self do that. My judgment of the character is going to depend on what it turns out they've actually done
Of course, my grown up self (or late teen also, as I've done responsible disclosures back then as well) would rather have seen them do a coordinated vulnerability disclosure, but alas, I just meant to remark upon the "special place in hell" for not having a plan or motive bit
*Edit:* wait, I just saw in the article (I opened the thread before the link was changed) that this quote refers to a DDoS, not the alert() message that the thread was initially about
> the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it.
That's indeed just destructive and not related to (hacker) curiosity...
There's a spectrum and case by case judgement. I'd agree your examples are harmless even if technically they harm the phone company. Taking down the internet archive just for the hell of it has a distinctly less "cool" or "fun" flavor, to my eye.
And I mean… one was a profit-making monopoly, and the other is a hacker-flavored charity doing a public service on a shoestring budget of donations.
> I'm not sure that placing free long distance calls isn't harmful to the org whose infrastructure you're using for your own benefit,
If there's a call you wouldn't make unless it was free, the infrastructure isn't at capacity, and you're not acting otherwise in a detrimental fashion to other users of the infrastructure-- there's no harm to that organization.
Certainly a fair point, but it also costs a lot of person-hours to patch up that infrastructure's security and trace who's placing the calls when one could just choose not to do this fraud in the first place. I am not old enough to know whether carriers also charged each other back then, but at least nowadays it could also incur charges for the originating party; costs which the caller isn't covering
Toying with the system, learning how it works and finding what you can make it do, there's a certain art to it and I'd encourage anyone to at least tinker with the systems they own (and everything else within reason and ethics), but there's two sides to nearly everything
[flagged]
Doing the internet equivalent of burning the largest library in the world is not exactly a good person's behavior.
This isn't the equivalent of burning it, a closer equivalent would be barricading it for a while.
Still awful, but nowhere near as awful as the former.
We have lost the ability to meaningfully compare the magnitude of things.
It's a special feeling when someone seems to lose faith in humanity based on something I wrote in good faith
I get your point and your edit. I think most people reaction is less because of the destruction itself and more because The Internet Archive is being targeted. It is a place that most would say are representing the hacker values, and few such places exist on current internet landscape.
There are so many other possible targets that would get even positive reactions from people. The only kind of people that might be happy about TIA being down is maybe some big corporations that want to control and sell the information being freely preserved there.
Their tag in ASCII Art via console.log() would earn equivalent cred, and not annoy fellow users of a useful service, IMHO
Is it better to deface a website for ransom or to support a scam than it is to deface a website because you're bored?
The action is reprehensible either way, but if this is truly just an old-fashioned Anonymous attack with no ulterior motive beyond just being bad that's honestly kind of refreshing.
It isn't "breaking into things" hackers.
It's "whipping something together" hackers.
Breaking into the Internet Archive's servers is like breaking into your public library. There's no honor to be had.
Imagine physically breaking into your local library for the lulz
https://www.ccc.de/en/hackerethik
> Make public data available, protect private data.
For all I know, they've given the private data to an organisation dedicated to alerting people about breaches. If they fear that the data may also have been accessed by others, that's not a reprehensible thing to do by itself. Besides the DDoS apparently being from the same author (which seems odd because those ethics are incongruous), I don't know what else they've done so I don't know that it's in violation of what you linked
True hackers probably have a special place in hell, but, in a good sense.
If god is the good guy and satan is the bad guy - why do bad people sent to hell? They would just chill with the devil laughing about all the DDoS they did for the lulz.
Satan is canonical for one thing in particular out of most things - he does not like humanity. Getting sent there isn't a fun field trip where you get to hang out with your buddies/partners in crime after the game is over, presumably.
Think of it more along the lines of you having a blinding hatred of mosquitos, and then they keep getting sent to you, and at the same time you're a very powerful, capable individual who can deal with hordes of mosquitos in fantastically wicked ways.
Accessing the data is one (hackery) thing, haphazardly publishing it and not responsibly disclosing it is another (criminal) thing.
This isn't Cracker News.
Did you miss the part about the DDOS attack?
I did actually, since the quote didn't specify and the submission's link changed after I opened the comments. Thanks for pointing it out in case I hadn't seen it in the meantime!
Its being done by pro Palestine Islamic hacktivists.
They stated on twitter because IA is controlled by "the US" and is "pro Israel".
could also just be RU larping under another flag. They have done this in the past with groups like Anonymous Sudan.
100% the result of boredom. Visit website, notice its design is old and crusty and you start to dig deeper. That's all it takes. Funny how we just expect hackers to have a manifesto now.
nah. its politically motivated hacktivists that are pro Palestinian.
See their Twitter https://x.com/Sn_darkmeta
could also just be RU larping under another flag.
> nah. its politically motivated hacktivists that are pro Palestinian.
This is... the most obvious false flag I've ever seen
We've seen it happen with RU flying under other flags with their Anonymous Sudan campaign. This could be a new campaign like this by them.
It's like the wild west in which a group of outlaws could just start a mess in a bar denying everyone from having fun there.
This is why we can't have nice things.
>No statement, no idea, no demands. A special place in Hell…
I mean... would it be better if the hackers had asked for money or did it to protest global warming or something?
Yes? For society in general, for professionals in criminal justice system and also to some extent even victim as well, it is lot harder when there is no motive.
Perpetrators without motive can not be negotiated with, punishment may not a strong deterrent, rehabilitation is lot harder. Economic crimes or crimes of passion or ones as a result of addiction can have a path to rehabilitation and recidivism can be solved by tackling the underlying issue like poverty, addition etc. Even solving crimes without motive can be harder as there is less assumptions we can make about the perpetrator.
"Say what you will about the tenets of National Socialism, but at last it's an ethos."
I can't imagine having to experience the world exclusively through WW2 propaganda.
“For the lulz”
[flagged]
A demonstration of what collateral damage actually means.
The bracker was a terrorist so we killed the candle stick makers family.
I think the existing collateral damage examples were pretty actual already. By burying terrorist headquarters under civilian apartment buildings, Hezbollah guarantees collateral damage.
Does this extend to putting a military base next to a shopping mall?
https://en.wikipedia.org/wiki/HaKirya
What’s the permissible distance in a three mile wide strip of land among the most densely populated in the world?
To be fair, the base was there long before any residential development nearby, and the part that is near residential development is simply offices.
The type of logic leads to schools in the US being valid targets so long as a drone pilot drops off their kids to school on the way to work.
No it doesn't. The US does not deliberately hide it's drone pilots among civilians and targeting their place of work or the drone storages would not harm civilians.
I'm sorry that your governments rules of engagement are what you'd consider terrorism.
Maybe you should do something about it?
[dead]
Hackers can start to learn what kinetic response is then.
[flagged]
Is there any reason to think this? (Honestly asking). It seems like quite a stretch to me unless there is some reason to connect the two.
100%. https://x.com/Sn_darkmeta/status/1844080692772401399?t=j3xDz...
This Twitter account is suspicious and odd. I don't think anyone doing this is stupid enough to actually believe that they're doing it to "help Palestine." Seems like a job by Israel or supporting countries pretending to be supporters of Palestine.
What is the connection? I don’t understand how this would help either Isreal or Palestine?
We have no idea, that’s just what they said
We have an entire generation of activists who have somehow been programmed into believing that disruptive, moronic, antisocial acts of “protest” are a way to effect change, whether it’s vandalizing historic artwork or blockading a freeway. And the Internet Archive is even a museum of sorts, so you can see how the rationale would track.
Are you suggesting something similar along the lines of murdering your own citizens and showcasing them as victims? Something akin to 911 being an insider job?
[dead]
[dead]
[flagged]
[flagged]
[flagged]
huh i thought everyone already knew this
Great. Bunch of pricks. Refuse to remove any of my data they scraped.
They seem to roll out the we're being DDOS'd every time there's some other thing happening.
So, it seems there are multiple things potentially including DDOS.