also Archive.today: on the trail of mysterious guerrilla archivists of the Internet - https://news.ycombinator.com/item?id=37009598 August 2023
I wonder, is the newer gyrovague-com account because they lost the login for the old one? or was the old one a different person? Hopefully they can clarify, because if there's an account pretending to be them that makes this story even more confusingly weird.
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
It is very possible that `gyrovague` is not `japatokal` but an impersonator.
I cannot make head or tail of this but it's more fascinating than the usual internecine bloodbath.
I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community.
P.S. Shout-out to dang for dropping the flags. I have a small suspicion that their may be some foul play, given the contents...
I don't think this is true. I run my own recursive DNS resolver, and get a CAPTCHA when visiting archive.today.
Also, as someone interested in OPSEC and OSINT as a hobby, I find the measures taken by the .is webmaster, especially the dedication to setting up countless fake accounts for each persona, to be very intriguing. I spent about an hour looking into the Nora Puchreiner persona and all the accounts registered to it that I could find. It appears that "Tomas Poder" is another alter-ego used by the .is administrator. Nora also seems to have a sister: "Sara Puchreiner". Again, all very interesting and I can't seem to make a clear picture of the situation.
This seems like a smart thing to do if you had exposed your real name somewhere and wanted to cover it up.
They should probably review existing case around how Finnish courts treat the journalistic exception in the context of citizen's journalism (as he relied on that at least as one of the reasons): https://tuomioistuimet.fi/hovioikeudet/ita-suomenhovioikeus/...
Of course facts are different, but at least two Finnish court seem to require a lot more reasoning from the controller in the context of citizen journalism compared to traditional media when they want to invoke the journalistic exception. No clue which side this would fall into.
- The DDoS was certainly unethical and unneeded
- Although the blog post only shows an extremely one-sided version of the story by skipping straight to the threats, there are reasons to think that diplomacy has also failed terribly
- The website owner has all eyes of the "thought police" on them, and given the current political situation in Russia, it's more than likely they reside somewhere where it has real power; realistically speaking, who wouldn't be losing it?
- The blog post is preserving information that could aid further investigations even if purged from the original sources, and reveals non-OSINT information in the follow ups
- At the same time, it's, to say the least, hypocritical of the archive.today owner to attempt forcefully taking the original post down, when archive.today itself is an OSINT tool
I don't think there's a way to fairly untangle this mess anymore.
Hence, I'd focus on the possible outcomes: do we want archive.today taken down over this? Who would lose and who would benefit the most from this takedown?
As for outcomes, I'm very much a bit player/spectator in this drama, nobody's going to be "taking them down" over DDOSing an obscure nerd blog.
If they do go down, it'll be the FBI or equivalent, and it will be publicly justified as some combination of "protecting the children" (cf. WAAD) and/or copyright violations.
Thanks, I must have missed this.
> [...] nobody's going to be "taking them down" over DDOSing an obscure nerd blog.
> If they do go down, it'll be the FBI or equivalent, and it will be publicly justified as some combination of "protecting the children" (cf. WAAD) and/or copyright violations.
Yes, this is exactly what I fear. That we might be playing into the hands of the greater evil by escalating a small, personal conflict.
I don't think that's on the table. I would say use this as your incentive to support archive.org, who has proven much more accountable. Archive.Today is weaponizing their traffic, and reducing traffic is the best way to deal with it. Vote with your feet.
Internet Archive is a registered non-profit organization. It is more trustworthy and accountable, but it cannot realistically stand against government-imposed censorship. We've seen this unfold before with Twitter and Meta, partly with Telegram.
Archive.today may be similar on the surface, but if you take a closer look, it's actually an underground "evil twin" that has all the right tools to publish information the governments and the largest of companies want silenced.
Ideally, there would be no such information in the first place. However, the reality is that this classification has only been broadened to cover more content since the invention of the Internet, regardless of which political parties are in power. The fact that the owner of Archive.today is chased by the FBI even though the website already blocks archival of the kinds of content all of us would unanimously find disturbing speaks for itself.
archive.today/is/ph is adversarial. It archives things that don't want to be archived. That's why Trump's FBI is trying to unmask it.
But in fact:
1. HN uses a free service that someone else pays for.
2. HN abuses its paywall bypass function, which is not its main function, is not advertised (unlike 12ft).
3. HN creates legal problems for the archive by highlighting and framing the archive as a paywall-circumvention tool first.
4. HN promotes doxing.
Who would be more motivated in reducing traffic here?
Even the post you linked acknowledges this:
>he blocked the entire site in Finland, although later he lifted the block
Shame, as I was using it alot for archiving different pages.
Given the content, I find this suspicious.
Edit: after looking at this more closely, I have a counterintuitive (to me at least) take: I think this is interesting enough to transcend the usual categories. That is, we'd normally downweight this kind of post off the frontpage - but in this case there are so many unusual variables that the usual rules don't apply.
I say this despite having zero clue what's going on here. We do have a nose for what the HN community might find interesting (we'd bloody well better after doing this job for so long), so let's override the flags and see what happens.
But without relitigating WWII please.
There's a few publications that don't even do that though and archive.is is very good at bypassing them so I do imagine they use logins for those, but for the masses of sites it's not currently necessary.
The first one is money. You need lots of it to run such an operation (servers, IPs, paying to bypass all these paywalls, etc.).
The second one is the legality, as no one wants to be hunted by the FBI, especially not for running a website that is also losing money.
Unfortunately Archive.today complies with these attack requests in some situations, but is still usually better than others.
Use Onion version :D
Placing the link for others:
archiveiya74codqgiixo33q62qlrqtkgmcitqx5u2oeqnmn5bpcbiyd.onion
Fingers crossed that it works!
fetch("https://gyrovague.com/?s="+Math.random().toString(36).substring(2,3+Math.random()*8),{ referrerPolicy:"no-referrer",mode:"no-cors" });
But more to the point, so long as the request meets the requirements of a "simple request", CORS won't preflight it. GETs qualify as a simple request so long as no non-CORS-safelisted headers are sent; since the sent headers are attacker-controlled, we can just assume that to be the case. In a non-preflighted request, the CORS "yes, let JS do this" are just on the response headers of the actual request itself.
Since GETs are idempotent, the browser assumes it safe to make the request. CORS could/would be used to deny JS access to the response.
Things are this way b/c there are, essentially, a myriad of other ways to make the same request. E.g.,
<img src="https://gyrovague.com/?s=…">
Thank you for keeping this up, whoever you are.
robots.txt. It is that simple.
The article is also really appreciative of archive.today. It doesn't feel like a hit piece at all.
That's why it's all so bizarre. The OP claims to be supportive of archive.today, but simultaneously publishes an article detailing his attempt at doxing the owner.
It's hard to see how OP could be acting in good faith here, if they truly meant no harm and were as appreciative of archive.today as they claim to be, they'd just have taken down the article.
I don't think they're lashing out in self-defense. This is a harmless way for them to get attention, which is what they're desparate for because the FBI is after them at the behest of Bezos and other billionaires who control the paywalled media and don't like archive.today's role in making them accessible. The only thing that could possibly save them (though it almost certainly won't), is gathering as many eyeballs as possible from the people who like the service. HN having a super high concentration of those. Almost every paywalled post here has an archive.today link in the comments.
That's also why they posted about it on HN, explicitly under that name. To get HN eyeballs.
It's intentionally harmless because, as you confirmed, it's not costing you any money or resources.
gyrovague: claimed to own the blog in the last thread
rabinovich: posted last thread linking to gyrovague.com, identifying the owner as... well... "Masha Rabinovich"
I believe these accounts are all connected.
I have nothing to do with "rabinovich" but I also have no way of proving a negative.
<https://gyrovague.com/2026/02/01/archive-today-is-directing-...>
This thing is blurry, shady and I hope it will draw some more OSINT eyes on it. I am now curious.
It's clear the doxxing attempts are getting closer now to his/her real identity. On the other hand, they do something that's really useful to so many, and it will be sad if it's gone.