74 comments

[ 2.9 ms ] story [ 100 ms ] thread
I don't know anything about Adguard, but good on the team for doing the extra digging instead of just going along with the claim. Even better that they're sharing what they've found with everyone else.
archive.is is frequently used to bypass paywalls, I wonder if this is motivated by that somehow
Its interesting that being unable to find a legal route to dig up dirt on archive.is, they're going the route of CSAM allegations.

I first heard of this technique on a discussion on Lowendtalk from a hoster discussing how pressure campaigns were orchestrated.

The host used to host VMs for a customer that was not well liked but otherwise within the bounds of free speech in the US (I guess something on the order of KF/SaSu/SF), so a given user would upload CSAM on the forum, then report the same CSAM to the hoster. They used to use the same IP address for their entire operation. When the host and the customer compared notes, they'd find about these details.

Honestly at the time I thought the story was bunk, in the age of residential proxies and VPNs and whatnot, surely whoever did this wouldn't just upload said CSAM from their own IP, but one possible explanation would be that the forum probably just blocked datacenter IPs wholesale and the person orchestrating the campaign wasn't willing to risk the legal fallout of uploading CSAM out of some regular citizen's infected device.

In this case, I assume law enforcement just sets up a website with said CSAM, gets archive.is to crawl it, and then pressurize DNS providers about it.

KF is being spammed with CSAM currently to the point where registrations are closed unless the admins are online to manually watch new user regs.

Seems to be the new tactic now.

This just shows that LCEN, DMCA, etc are poorly crafted laws. They ineffectually stop the abuse they claim to end (like copyright infringement). But it does allow large organizations a cudgel to protect their own IP.
The wording in that follow-up email is so emotive it reads more like a Tweet than formal contact from a federal organisation.

That in itself is quite shocking really.

I speculate, and the conspiracy theorist in me believes, something of a compromising nature has been archived and they want that data inaccessible, but at the same time, pointing out what they want hidden would shine a light on it.

It is even more interesting the US government is coming after archive.today at the same time, or maybe that is just a coincidence, and this is just a tech-savvy philanderer trying to hide something from his wife.

Like a genocide? Or maybe various statements of politicians and events around and related to Ukraine, elections, Epstein, and any number of hot button topics, especially as the writing is on the wall that populations all around the West are starting to get extremely fed up?

I know for a fact that political classes of several European countries have started openly talking about destroying evidence if they lose power and America just declared Antifa a terrorist organization; that all seems to be a plausible motivation.

Finally someone does some digging
The FBI investigation might be a coincidence. Unsurprisingly, archive.today is attacked with CSAM uploads+reports all the time, you can find occasional mentions of this in their blog from 3 and 9 years ago, and I bet there was a ton of this in between.
I still can't wrap my head around why a DNS provider is required to block websites, especially one that is not associated with ISP or used as default on any device. Oversimplifying this, it's a glorified hash map, so whoever wants to take down the illegal content should just deal with the website owner?
I used the site several times to archive some page or send it to someone who cannot access the site directly. I never archived anything illegal and never stumbled upon illegal things there. So I don't know why they want to arrest the owner.

Also the site is pretty advanced, it can handle complicated sites and even social networks.

> But because it can also be used to bypass paywalls

How? Does the site pay for subscription for every newspaper?

> Unfortunately, we couldn’t dig any deeper about who exactly is behind WAAD.

That's a red flag. Why would an NGO doing work for the public hide its founder(s) and information about itself? Using NGOs to suggest/promote/lobby certain decisions is a well known trick in authoritarian countries to pretend the idea is coming from "the people", not from the government. I hope nobody falls for such tricks today.

Furthermore, they seem to have no way to donate them money. That's even the redder flag.

Also France doesn't have a good reputation in relation to the observing rule of law. For example, they arrested Russian agent^w enterpreneur Durov, owner of Telegram, claiming they have lot of evidence against him involved in drug trafficking, fraud and money laundering [1], but a year later let him free (supposedly after he did what they wanted). France also bars popular unwanted candidates from elections. Both these cases strongly resemble what Russia does.

[1] https://en.wikipedia.org/wiki/Arrest_and_indictment_of_Pavel...

A few weeks ago I noticed DNS4EU couldn’t resolve archive.is and assumed it was just a configuration mistake. I emailed them about it, and after a couple of days or weeks (not really sure) the domain started resolving again. Given AdGuard’s recent report about suspicious pressure on DNS providers to block Archive.today, I’m starting to wonder if DNS4EU’s temporary block was actually related to the same campaign
Archive.is doesn't work on all sites to bypass the paywall. Media companies that are truly concerned about this should modify their paywall configuration.
For example, similar to mondediplo.com
The amount of forces seemingly actively trying to kill the internet of old is disconcerting.

Chat control, DNS as arbiter of whats allowed, walled gardens etc.

Different question, but what are realistic use cases of archive.today that could be interesting for average person?
So they're pressuring a DNS resolver to block a specific website? That seems like an incredibly slippery slope.

What stops them from forcing Chrome to block the website, or LetsEncrypt to not issue any more certificates for the domain, or Microsoft and Apple to add them to their firewalls? Hell, can they go after the infrastructure software developers and say, force nginx to add a check and refuse to serve the domain?

Then what happens when a fake report is sent to an open source project without budget for lawyers?

The wording and tone of the emails sent to Adguard reads just like phishing emails with a hint of political SMS spam. Glad to see the people behind there thinking critically and acting rationally despite such language.
It was a little weird that they didnt suspect phishing from the get go.
Note that association's site is made from this free template [1] with minimal editing (can see it using diff). The web hosting account at name.com (prices starting from $5/year) was registered around Jan 12, 2025 [2]. The page also contains commented out section with a part of French mobile phone number and words "Emergency Standard" (the template contained fictional number here):

               <!-- <div class="contact-item">
                  <a rel="nofollow" href="tel:06221319" class="item-link">
                      <i class="fas fa-2x fa-phone-square mr-4"></i>
                      <span class="mb-0">Emergency Standard</span>
                  </a>              
                </div> -->
[1] https://www.tooplate.com/view/2117-infinite-loop

[2] https://web.archive.org/web/20250112153727/https://webabused...

Friendly reminder that archive box exists to let you self host your own archive service.

https://github.com/ArchiveBox/ArchiveBox

I dream of a day where archivebox becomes a fleet of homelabs all over the world making it drastically harder to block them all.

Kudos to adguard dns for [planing to] filing a counter-claim against potential abuse of power.
If the US and UK block websites like archive.today, scihub, and libgen/anna's archive, then how do we think we win the information war against countries that don't give a bleep about copyright?
I bet its mirrors of their own honeypot websites they submitted themself to remove records of websites they rather have memory-holed.