| ▲ | Archive.today is directing a DDoS attack against my blog?(gyrovague.com) |
| 159 points by gyrovague-com 2 days ago | 50 comments |
| |
|
| ▲ | its-summertime 2 days ago | parent | next [-] |
| previously https://news.ycombinator.com/item?id=46624740 |
| |
| ▲ | neonate 4 hours ago | parent | next [-] | | See also https://archive-is.tumblr.com/post/806832066465497088/ladies... also Archive.today: on the trail of mysterious guerrilla archivists of the Internet - https://news.ycombinator.com/item?id=37009598 August 2023 | | |
| ▲ | parable an hour ago | parent [-] | | There are several other posts made recently on the archive.is blog as well, some of which appear to be quite nonsensical or are otherwise irrelevant to the discourse at hand. They all appear to be LLM-generated. It's all very confusing. |
| |
| ▲ | dang 5 hours ago | parent | prev | next [-] | | Macroexpanded: Ask HN: Weird archive.today behavior? - https://news.ycombinator.com/item?id=46624740 - Jan 2026 (69 comments) I cannot make head or tail of this but it's more fascinating than the usual internecine bloodbath. | |
| ▲ | snailmailman 4 hours ago | parent | prev [-] | | Interestingly, theres an account in that thread claiming to be from Gyrovague, but its not the same one thats in this thread, which has been confirmed to be legit as it is mentioned by name in this latest Gyrovague article. I wonder, is the newer gyrovague-com account because they lost the login for the old one? or was the old one a different person? Hopefully they can clarify, because if there's an account pretending to be them that makes this story even more confusingly weird. | | |
|
|
| ▲ | m132 7 minutes ago | parent | prev | next [-] |
| It's a puzzling situation: - The DDoS was certainly unethical and unneeded - Although the blog post only shows an extremely one-sided version of the story by skipping straight to the threats, there are reasons to think that diplomacy has also failed terribly - The website owner has all eyes of the "truth police" on them, and given the current political situation in Russia, it's more than likely they reside somewhere where it has real power; realistically speaking, who wouldn't lose it? - The blog post is preserving information that could aid further investigations even if purged from the original sources, and reveals non-OSINT information in the follow ups - At the same time, it's, to say the least, hypocritical of the archive.today owner to attempt forcefully taking the original post down, when archive.today itself is an OSINT tool I don't think there's a way to fairly untangle this mess anymore. Hence, I'd focus on the possible outcomes: do we really want archive.today taken down over this? Who would lose and who would benefit the most from this takedown? |
|
| ▲ | parable 23 minutes ago | parent | prev | next [-] |
| This likely means nothing, but the .is webmaster seems to have some sort of existing issue with Finland (where gyrovague is from), see https://news.ycombinator.com/item?id=37011955. I thought I would point it out. Also, as someone interested in OPSEC and OSINT as a hobby, I find the measures taken by the .is webmaster, especially the dedication to setting up countless fake accounts for each persona, to be very intriguing. I spent about an hour looking into the Nora Puchreiner persona and all the accounts registered to it that I could find. It appears that "Tomas Poder" is another alter-ego used by the .is administrator. Nora also seems to have a sister: "Sara Puchreiner". Again, all very interesting and I can't seem to make a clear picture of the situation. |
|
| ▲ | Shank 5 hours ago | parent | prev | next [-] |
| It is academically very interesting to think about this in light of their long-standing dispute with Cloudflare (https://community.cloudflare.com/t/archive-is-error-1001/182...) over EDNS, which could have privacy implications attached. I think no matter how you slice it though, it's unethical and reprehensible to coordinate (even a shoddy) DDoS leveraging your visitors as middlemen. This is effectively coordinating a botnet, and we shouldn't condone this behavior as a community. |
| |
| ▲ | qmarchi 4 hours ago | parent [-] | | It's definitely interesting to see this roll around since the only individuals that see the CAPCHA page mentioned, are users of Cloudflare's DNS services (knowingly or not). P.S. Shout-out to dang for dropping the flags. I have a small suspicion that their may be some foul play, given the contents... |
|
|
| ▲ | xvokcarts an hour ago | parent | prev | next [-] |
| Why were you trying to dox the archive owner? |
|
| ▲ | archagon 2 days ago | parent | prev | next [-] |
| Why is this flagged? Given the content, I find this suspicious. |
| |
| ▲ | snailmailman 4 hours ago | parent | next [-] | | I didnt flag the article, but anecdotally, I was initially unable to load the article at all. It mentions how it ended up in an adblock list. The article makes it sound like this is a good thing, as it stops the DDOS, but it isn't preventing people from loading the page directly. That may be true for people using an adblocking extension, but my adblocking DNS seems to be blocking it based on that same list. I had to manually tweak my dns-based adblocker to allow the domain in order to read the article. | |
| ▲ | dang 5 hours ago | parent | prev | next [-] | | I looked at the flags and they seem to be legit flags from legit users. My guess is that they thought this was below-the-radar drama that wasn't on topic for HN. (I could make a "people who flagged X also flagged" list a la https://news.ycombinator.com/item?id=46771900 to support the point, but it's a time-consuming pain so I'd rather not!) Edit: after looking at this more closely, I have a counterintuitive (to me at least) take: I think this is interesting enough to transcend the usual categories. That is, we'd normally downweight this kind of post off the frontpage - but in this case there are so many unusual variables that the usual rules don't apply. I say this despite having zero clue what's going on here. We do have a nose for what the HN community might find interesting (we'd bloody well better after doing this job for so long), so let's override the flags and see what happens. But without relitigating WWII please. | | |
| ▲ | golfer 5 hours ago | parent [-] | | This is definitely interesting and HN-worthy. If nothing else, archive.today links are posted on tons of HN submissions, so it's topical. | | |
| ▲ | dang 5 hours ago | parent [-] | | I agree - it's clear that archive.is / archive.ph / archive.today / who-knows-what-else has been a lubricant in many HN threads, letting people read things they otherwise couldn't, and that increases the interest of the topic. I suppose I should add that we prefer archive.org links when they're available, but often they aren't. Edit: I suppose I should also re-add that we have no knowledge of or opinion about what's going on in the dispute at hand. |
|
| |
| ▲ | cookiengineer 5 hours ago | parent | prev [-] | | [flagged] | | |
| ▲ | dang 5 hours ago | parent [-] | | You can't attack another user like this here. Please see https://news.ycombinator.com/newsguidelines.html and stick to the rules. | | |
| ▲ | cookiengineer 3 hours ago | parent [-] | | How is it an attack if it's actually true? Maybe it would be better to check /g/ and /pol/ to find out where the flagging army comes from, because that might be more reliable than guessing what is a proxy and what is not? They initiated the doxxing campaign against the author of the article after all. |
|
|
|
|
| ▲ | rsaarelm 43 minutes ago | parent | prev | next [-] |
| Archive.today does not seem to have worked for people connecting from Finland since mid-January, it just gives an endless captcha loop. Is this related to whatever this drama is? |
| |
|
| ▲ | deathanatos 4 hours ago | parent | prev | next [-] |
| … seems like we the HN community should find a new site to mirror with. |
| |
| ▲ | mr_mitm an hour ago | parent [-] | | There isn't one. As far as I know, no one really knows for sure how they bypass all these paywalls. (Most credible theory I heard: They actually just pay for the subscriptions.) |
|
|
| ▲ | EdiX 2 hours ago | parent | prev | next [-] |
| Why does this say it's been posted 8 hours ago but on hn.algolia.com is archived 2 days ago, also I'm sure I already saw it yesterday. |
| |
| ▲ | JasonADrury 43 minutes ago | parent [-] | | This is a regular HN feature where admins resurrect old posts that did not get the attention they maybe deserved. |
|
|
| ▲ | deaux 3 hours ago | parent | prev | next [-] |
| > Well, I wish I had one, but at this stage I really don’t. The most charitable interpretation would be that the investigative heat is starting to get to the webmaster and they’re lashing out in misguided self-defense. I don't think they're lashing out in self-defense. This is a harmless way for them to get attention, which is what they're desparate for because the FBI is after them at the behest of Bezos and other billionaires who control the paywalled media and don't like archive.today's role in making them accessible. The only thing that could possibly save them (though it almost certainly won't), is gathering as many eyeballs as possible from the people who like the service. HN having a super high concentration of those. Almost every paywalled post here has an archive.today link in the comments. That's also why they posted about it on HN, explicitly under that name. To get HN eyeballs. It's intentionally harmless because, as you confirmed, it's not costing you any money or resources. |
|
| ▲ | opengrass 3 hours ago | parent | prev | next [-] |
| gyrovague-com: posted this thread, claims to own the blog gyrovague: claimed to own the blog in the last thread rabinovich: posted last thread linking to gyrovague.com, identifying the owner as... well... "Masha Rabinovich" I believe these accounts are all connected. |
|
| ▲ | JasonADrury 2 days ago | parent | prev | next [-] |
| This is the blog of a guy who for whatever reason is trying to dox the owner of archive.today It's a shame the DDoS isn't working. OTOH, this all looks so silly it might as well be the archive.today operator trying to push fake dox on themselves. |
| |
| ▲ | Bender 2 days ago | parent [-] | | Their admin is a member of HN but I've never seen them reply to these threads. [edit] Perhaps they could share their perspective on what has been done thus far to mitigate the problem. | | |
| ▲ | JasonADrury 2 days ago | parent [-] | | What would they possibly say? I don't think one should explicitly have to ask to not be doxed for performing a public service. What gyrovague is doing here is obviously despicable. | | |
| ▲ | Bender 2 days ago | parent [-] | | I would imagine their technical perspective of what is happening and what attempts were made to mitigate it thus far. That is where the HN audience could chime in. If they have the resources I suspect they do then just about every option is on the table though assisting them may get people on some lists for assisting the Russian Federation. It's also not clear to me who is attacking who here. | | |
| ▲ | JasonADrury 2 days ago | parent [-] | | "Gyrovague", the author of the post we're commenting under has for reasons unknown engaged in targeted harassment of the owner of "archive.today". Now the owner of archive.today is attempting a rather lazy DoS attack against gyrovague.com. A rather mild response to gyrovague attempting to bring the archive.today owner physical harm by spreading potentially identifying information about them. There's really very little to be said about this whole thing besides that Gyrovague should try to be a less awful person in the future. | | |
| ▲ | Bender 2 days ago | parent [-] | | Like I said, I can't tell who is attacking who. Archive.is has more money, resources and ASN's than Akamai so surely they can mitigate anything anyone can throw at them. A little forum trying to respond in kind can't really be much of a threat. Archive could just tell their controlling nodes to ignore any requests to mirror the forum which means there is a lot more to this than any of us are seeing. That is why I would like to see the admin of Archive respond for both sides of the story. | | |
| ▲ | deathanatos 4 hours ago | parent | next [-] | | > Archive.is has more money, resources and ASN's than Akamai so surely they can mitigate anything anyone can throw at them. This statement makes me think you're misunderstanding the person above you. They're saying this blog author, gyrovague, is doxing¹ Archive.is. I am wondering if you are misreading that as DoSing. To "dox" is to reveal the identity of, typically for purposes of harassment. To "DoS" is to spam with requests. Archive.is is not being spammed with requests, nor do I see anyone here suggesting they are except here: "resources and ASN's … mitigate anything anyone can throw at them" … that seems to indicate you're (mis)reading it as "DoS"? (I.e., gyrovague is doxing the Archive.today owner¹. Archive.today is, in return, DoSing gyrovague.) (¹I'm not trying to comment on whether that term is being appropriately applied here, or not.) | |
| ▲ | JasonADrury 2 days ago | parent | prev [-] | | I don't think there's any dispute on what the story is. The blog post here contains the facts, and a rather clumsy attempt by Gyrovague to justify his bid to dox the operator of archive.today. > Archive.is has more money, resources and ASN's than Akamai I assume this is a joke, but Archive.is is a shoestring operation funded through donations. | | |
| ▲ | dang 5 hours ago | parent | next [-] | | Hey guys - you both obviously know a ton more about this than I do, but this is the point at which the thread went off the rails. I get that you disagree with each other and that's fine, but please stay within the site guidelines while doing so: https://news.ycombinator.com/newsguidelines.html. | |
| ▲ | Bender 2 days ago | parent | prev [-] | | I assume this is a joke, but Archive.is is a shoestring operation funded through donations. I am certain they would like people to think that. They have more IPv4 addresses under more ASN's than Akamai control which anyone who has tried to block them would know. Their controlling ASN's are in the Russian Federation which they make no attempt to hide at least for now and why I must assume they are fine with people discussing it. The GDP of the Russian Federation is somewhere north of 2 trillion dollars. Their nodes both in Russia and spread all around the world would not be permitted by Russia to mirror random sites without authorization to do so. One in or from Russia would not defy Russian leadership for very long. | | |
| ▲ | JasonADrury 2 days ago | parent [-] | | Yes, it's apparently hosted behind some fastflux setup. That's neither new nor special, nor is it particularly expensive. Such setups are offered on various forums starting from a few hundred dollars a month. > Their nodes both in Russia and spread all around the world would not be permitted by Russia to mirror random sites without authorization to do so. This is simply not true. You can absolutely run a website like this in Russia without any authorization. Who would you even ask? The whole idea is bizarre. | | |
| ▲ | Bender 2 days ago | parent [-] | | You can take what I said out of context. Apparently OSINT are on it, not my problem. |
|
|
|
|
|
|
|
|
|
|
| ▲ | justsomehnguy 2 days ago | parent | prev [-] |
| [flagged] |
| |
| ▲ | dang 5 hours ago | parent | next [-] | | Please, let's not re-fight WWII on HN. We know that the impact from that time is far from worked through, but to the extent it shows up here, commenters should make the effort not to fall back into war mode. You're welcome on HN, and so are the users you disagree with—but you all (i.e. we all) need to stay within the site guidelines when discussing tough stuff. These include: "Comments should get more thoughtful and substantive, not less, as a topic gets more divisive." -
https://news.ycombinator.com/newsguidelines.html p.s. This comment is not just for the user I'm replying to but everyone else who's expressing strong feelings below. It's amazing, and totally human, how alive these feelings are after 80+ years, but at the same time, 80+ years of distance should give us the ability to relate to each other a little bit better than our grandfathers and great-grandfathers were able to. | |
| ▲ | Mordisquitos 2 days ago | parent | prev | next [-] | | > Finland was one of Germany's most important allies in the attack on the Soviet Union, allowing German troops to be based in Finland before the attack and joining in the attack on the USSR almost immediately. I wonder, why on earth would Finland have any hostility towards the USSR in 1941? It beggars belief! | |
| ▲ | ZenDroid 2 days ago | parent | prev | next [-] | | OTOH, after trying to conquer Finland in 1939-1940 Russians definitely have no moral right to judge Finns. | |
| ▲ | gyrovague-com 2 days ago | parent | prev | next [-] | | OP here. I obviously registered to post my own blog entry. You might also want to read your own link: https://en.wikipedia.org/wiki/Siege_of_Leningrad#Finnish_par... | | | |
| ▲ | RealStickman_ 2 days ago | parent | prev [-] | | Could it be that Germany was the only nation willing to help Finland fight the Soviets? From Wikipedia > Interim peace
> ...
> Defensive arrangements were attempted with Sweden and the United Kingdom, but the political and military situation in the context of the Second World War rendered these efforts fruitless. Finland then turned to Nazi Germany for military aid. https://en.wikipedia.org/wiki/Finland_in_World_War_II |
|
