New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Archive.org, a repository storing the entire history of the Internet, has a data breach
31 million records containing email addresses and passwords hashes exposed.
Comments
HIBP sent me an email and the only thing it was leaked was email, password and usernames. i mostly use Gauth to login so i don't need to change my password ig
And the reason provided by whoever responsible is so absurd.
forgot to add that the Internet Archive was DDoSed earlier today from a russian "hacker" group and accused on twitter on how IA is part of the US gov when it's a non-profit. on twitter they are getting hated by everyone since it's something about politics or whatever
I think I had a account with archive dot org
I checked pwned site, none of my emails say anything so I hope I'm safe.
Karma for ignoring every E-Mail.
Many terrorists will be exposed now
https://www.bbc.com/news/technology-44112431
Received an email from HIBP, sad.
There are many others Wayback Machines. I'll replace the word hacker to scriptkiddies. :-)
Let me correct that for you: "from a russian "hacker" group" "attributed to a russian hacker group".
Generally, note that (true and correct) attribution usually is the hardest part and therefore very rarely seen. What is told usually is but meaningless blabla or, more often, willy-nilly attribution based on political reasons.
And being at it, NO, "similar patterns", "similar code", let alone "similar code style" is not a factual statement or attribution but rather empty blathering trying to look "in the know". In fact it can be reasonably presumed that such "pattern", "code style", etc actually often are intentionally placed "hints" to guide suspicion towards another party.
Also not that the OP's link contains the statement "It is not known how the threat actors breached the Internet Archive and if any other data was stolen." - which basically is an euphemism for "we don't know jackshit. All we know is that were somehow hacked. And frankly, we didn't care about nor knew about security".
TL;DR - Pretty much nothing is known so far and the main culprit, besides the hacker(s), actually is the third rate outhouse 'internet archive' who seem to not have cared about security at all
The most shocking thing is there were 31,000,000 users? What features did you get access to as a user that you don't as just someone looking up a random archive of a site or page?
I used the site somewhat often, I feel like, never once was I prompted to or felt compelled to register.
eidt: archive.org is down for me at the moment.
You need to register to upload anything. They don't just archive web pages
I am curious if people who donated also had their e-mail addresses leaked. I was one who donated.
Ah, yeah, fair point. I forgot that they had ebooks and what not.
Their Mastodon are up - I might think they shutting down entire servers for investigation. There's no statement yet from Internet Archive.
Internet Archive was and still is the best and I hope that only the database was affected and not the files hosted on their behalf.
someone posted a timeline here https://gist.github.com/xproot/b574dc868a9db012bbe07252a1f7f2d5
they're actively deleting messages in their telegram past few hours now and banning people for calling them out
archive.org is fundamental but the code and network are bad and should have been redesigned from scratch a long time ago.
yeah... almost eveyone uses IA everyday so ig the bandwith is throtled to 100mbps/sec or something
If you use their torrent server when you want to download something - you can get more speed.
just talking about the main download server. ig torrent is faster (i get a ~10-15ms ping but ig that doesn't matter.) I have used it before and the speeds were alright
You need to register to check out ebooks. I imagine there's some kind of favoriting or something features but that's all I've ever registered for.
The hacker said: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach?"
Yeah, I did kind of figure a small nonprofit attempting to preserve as much of man's knowledge as possible, serving close to a billion archived web pages, 270K+ concerts, millions of audio and video files, and relying on a tiny budget of $30m a year to manage > 150PB of data in a highly available way would be running on sticks.
With an account you can manage uploads and shit (that they will eventually deleted anyway). Also there is some "borrow a book" feature that needs an account.
Perks you will enjoy even without an account:
Other than that, 0 sympathy for those shitty a**holes, shiity website, shitty support and shitty people behind it. they care to send emails to ask for donations when you donate once, they never care to answer emails. fck 'em.
Latest update on the DDOS attack from @brewsterkahle (Oct 11 @ 10:22am PT):
"The data is safe.
Services are offline as we examine and strengthen them. Sorry, but needed. @internetarchive staff is working hard.
Estimated Timeline: days, not weeks.
Thank you for the offers of pizza (we are set)."
Wow thats a new low.
Theoretically a good point that should make people think. Practically though, sorry no money for them because it's needed elsewhere like for supporting weird (but obedient) regimes, destroying countries, convincing people that biology means nothing and everyone can have any gender they want and even change it to go with their mood, and of course billions and billions for gov. agencies which tell us what's right and what's wrong and which ignorantly let infrastructure decay.
So, sorry IA, not even 1/1000th of the money send to weird (but obedient) regimes for you. You'll have to do with thin wonky sticks!
Just a quick question: How much hardware did you donate to them? How many lines of code have you written for and donated to them, to make say, the "horrible UI" a bit less horrible, how many minutes did you spend to somehow support them?
Re myself, I admit the answer to all these questions is 'zero', but then I do not have any demands nor do I trash-talk them.
@jsg I like their UI, is quite fine for an Wayback Machine
I intentionally not even made a statement about my liking, or not, of their UI. Simple reason: simply and kind of ignorantly consuming for free what they offer I don't feel the need - or right - to judge it. "It works" is good enough for me.