
Internet Archive is suffering from a DDoS attack - edward
https://twitter.com/AttackNodes/status/743154643820253184
======
NelsonMinar
Today may be a good day for you to donate to the Internet Archive. If you rely
on the Wayback Machine or enjoy the game archives or simply appreciate the
amazing preservation work the non-profit is doing, kick them a few bucks.

Naturally their own donate page is offline right now, but you can donate
yourself via check or wait for the site to come back.

Internet Archive 300 Funston Avenue San Francisco, CA 94118

TIN: 94-3242767

[https://archive.org/donate/](https://archive.org/donate/)
[http://archive.is/UBX0Z#selection-2697.1-2701.24](http://archive.is/UBX0Z#selection-2697.1-2701.24)

~~~
heavenlyhash
I had the privilege and joy of meeting several of the team at the Internet
Archive who actively police for this kind of content as best they can, while
maintaining the openness of their service. They're cheerful, honest,
hardworking and energetic people. There's few groups I'd feel so happy to
support.

Maintaining an open and freedom-loving service in the face of abuses is
incredibly hard. It's an incredible disgrace how badly these attackers have
misunderstood their targeting.

------
szupie
Another comment from them: "Site is down for hosting a mayor [sic] amount of
ISIS stuff."[1] They also tweeted about bringing down several other supposedly
ISIS-related sites. I'm guessing they're not aware of what the Internet
Archive does...

[1]
[https://twitter.com/AttackNodes/status/743170229426094080](https://twitter.com/AttackNodes/status/743170229426094080)

------
jacquesm
That's the online equivalent of bombing a church. Assholes.

~~~
runn1ng
Yes, it's bad, but archive.org is terrible at deleting ISIS propaganda.
Archive.org is _the_ website where jihadis are uploading their videos.

~~~
joepie91_
Why should it have to delete it in the first place? There's just so much wrong
with that reasoning, it's hard to know where to start.

If Archive.org deletes it, it will simply be uploaded elsewhere. You _cannot_
prevent uploads internet-wide. It's simply not possible.

And why are you even trying to remove it _at all_? Why are you not investing
effort into educating people on why it is propaganda, and why it is false?
Your real problem isn't that the materials exist, it's that people believe
them!

With these two problems combined, it's not that hard to understand that by
removing the materials, you lose your chance at actual damage control. You
just push it deeper into the darker corners of the internet, where you have no
ability to educate users _at all_ , and where you _completely_ lose control
over it.

Why have people still not learned this?

~~~
runn1ng
You cannot prevent this, but you can and should make it harder.

There is a certain group of things that should be hard to share (not to
mention illegal, but execution videos and calls to kill infidels are already
illegal to share), and archive makes it easier to share.

You can and should educate people, of course, but you should make the
propaganda (again, all the war videos, all the execution videos, all the cut
heads and shot disbelievers) harder to get.

The widely shared IS propaganda has been cited as a factor why ISIS is so
popular lately. Why so many people are radicalising. The lenient approach
archive.org is having to this is helping them and they have big role in
destabilizing the current world, if only indirectly.

Yes they are deleting some of the videos but don't delete copies that are
uploaded seconds later with the same names. YouTube and others are much more
proactive with deleting jihadi propaganda. Archive.org is jihadi youtube.

I don't like it personally. But yeah DDoS is not the solution I guess

~~~
unimpressive
>(not to mention illegal, but execution videos and calls to kill infidels are
already illegal to share)

Source and in what jurisdiction(s)?

~~~
Shaanie
I would imagine it could be related to
[https://en.wikipedia.org/wiki/Imminent_lawless_action](https://en.wikipedia.org/wiki/Imminent_lawless_action).
Although I am not a lawyer, so take that with a pinch of salt.

------
jf
Official announcement from the Internet Archive's Twitter account:
[https://twitter.com/internetarchive/status/74316536307288473...](https://twitter.com/internetarchive/status/743165363072884736)

------
pfg
This might be a good opportunity to mention IA.BAK[1], an effort to back up
the Internet Archive. Currently, the entire Internet Archive is stored in one
physical space. IA.BAK allows users to store copies of the archive which can
be used as a source for data recovery in case of a disaster at this location.

[1]:
[http://archiveteam.org/index.php?title=INTERNETARCHIVE.BAK](http://archiveteam.org/index.php?title=INTERNETARCHIVE.BAK)

~~~
mynewtb
'Only' the completely public parts of it though. The archives behind the
wayback machine are not publically available, 'just' through their interface.

I wish I had the money to host some tens of terabytes for this effort, it's a
great idea.

~~~
pfg
Good point. Future versions of the project could theoretically work with
encrypted blobs, with the keys (which are significantly easier to keep in
multiple physical locations) only known to the Internet Archive. This would
probably require some architectural changes to the Archive and might be harder
to scale, plus one of the goals of IA.BAK is to not be dependent on any
Internet Archive resources other than the actual files.

Definitely something to think about down the road, but in the meantime there
are plenty of public datasets to back up.

------
kyledrake
DDoS is making it so small players (and very large ones like the IA) can't run
web sites anymore. It's time to stop bullshitting this problem and pretending
it's going to go away or that you can sign up for a magic cheap plan somewhere
and all the problems stop happening. We really, really need to start getting
active about solving this problem.

That means building DDoS protection into the nature of the web and all hosting
_by default_ (AWS and GCS I'm looking at you), and that means actively
prosecuting DDoS attackers.

That also means, if you're a cloud DDoS provider, not helping to protect the
sites where these attacks are marketed.

~~~
inanity
Hope this serves as a reminder for the importance of a decentralized web; I'd
gladly host an Archive@Home node.

~~~
throwaway6436
AKA "torrent". You are so cute.

~~~
effingwewt
No, a decentralized node. But your attempt at oversimplification coupled with
sarcasm was....so cute.

------
me_again
I'm guessing the archive includes some ISIS sites that this person finds
objectionable? Idiots.

~~~
runn1ng
Nope. Archive.org has a part where you can upload videos, it is separate from
web archive.

ISIS uses archive.org almost exclusively for sharing their propaganda videos
(all the executions, war videos, etc.). It's not the web archive they are
using for this, it's the video archives.

I am not sure why are they doing that; probably because the barrier for using
it is low and they don't delete the ISIS propaganda so much as other websites
(like youtube).

Other website jihadists love to use is justpaste.it for text

------
inanity
To you who are encouraging a proliferation of ignorance and punishing the
innocent many for the crimes of a guilty few: this is their goal and you are
helping to realize it.

------
mark_l_watson
I donated last month, time to donate again. I was at the Internet Archive
building last week for the Decentralized Web Summit. Good folks there.

------
swasheck
... hey ... doesn't isis do that?

~~~
toomuchtodo
Unchecked vigilantism is no different than terrorism.

~~~
rbanffy
Well... DDoS's, at least, kill less people...

But attacking the IA is so wrong on so many ways it's appalling.

------
rmdoss
Surprised they are not using a DDoS mitigation provider yet.

With companies like Sucuri and CloudFlare providing it at $20 per month, seems
a non-brainer.

~~~
mynewtb
I guess control over their user's privacy and the integrity of their
connections is more important to them and I like that.

~~~
rmdoss
I see a lot of reasons not to use these providers, but privacy and integrity
is not one (and I find it a bad argument against them).

Every traffic passes through so many hops, routers and networks that adding a
secure, well tested and privacy-paranoid provider, like CloudFlare will not
affect the privacy or integrity of your connection.

Yes, they have to SSL terminate your connection, but does so every proxy that
they decide to use (nginx, elb, whatever). Plus, the security that a company
like CloudFlare has to protect that data is a lot higher and more strict than
the majority of sites out there (including the Internet Archive).

It is also frustrating that people would downvote me above for suggesting to
use them, when in fact it is the _only_ way to handle a large scale DDoS uness
you have an insane pipe with hundreds of G of uplink.

~~~
pfg
Having access to the plaintext traffic of 5% of all web sites on the internet
makes them a _huge_ target for anyone from hackers to nation
states/intelligence agencies and what not. I have a lot of faith in their
security team, but this level of concentration is not healthy for the internet
as a whole.

There's a huge difference between having access to the plaintext of encrypted
connections and merely seeing connection metadata, as would be the case with
"traditional" DDoS mitigation services that do not act as a proxy. Reverse
proxies are certainly not the _only_ way to handle large-scale DDoS attacks,
though I would agree that, leaving aside the privacy concerns, those services
are hardly competitive in comparison to CloudFlare, especially on price and
UX.

------
burnt1ce
I think they are bringing down Internet Archive because ISIS are abusing it to
spread their propaganda.

Does this justify their actions? I don't know and probably not. But it totally
changes your perception about why they are attacking Internet Archive.

~~~
zbyte64
No it doesn't change my perspective. They might as well torch the internet
while they are at it because ISIS is abusing that as well.

------
powertower
When things don't make sense, often it is because information is missing
and/or misdirection is in play.

For example -

This could be a cover for an operation that Internet Archive is not aware of,
that is possibly tied to the Internet Archive truck theft (and recovery) that
happened a few months back.

The truck's contents (drives, network gear, h/w's firmware, etc) was the way
to get a payload into the internal network. And the DDoS attack is now
covering whatever is really happening with lots of noise.

This is pure speculation on my part, but is much more reasonable than the
pretense that someone would be stupid enough to DDoS the Way Back Machine
because a few sites it auto-archived had some links to terrorists. In
combination with someone also being stupid enough to steal a flaming truck
([https://blog.archive.org/2016/04/20/truck-and-back-again-
the...](https://blog.archive.org/2016/04/20/truck-and-back-again-the-internet-
archive-truck-takes-a-detour/)).

~~~
PhasmaFelis
I think you're vastly underestimating the arrogance and stupidity of internet
vigilantes. Remember when Reddit fingered some random dude for the Boston
Marathon bombing, leading to massive harassment of the family of a guy who, it
turned out, had killed himself a month previous?

