Post B2LiM4p8SMSiFKbPpA by eb@social.coop
(DIR) More posts by eb@social.coop
(DIR) Post #B2LiA1GvpsFRkvr3Im by eb@social.coop
2026-01-16T02:05:12Z
2 likes, 3 repeats
So the mysterious person behind archive.today is very likely to be "Masha Rabinovich." A 2023 investigation from Jani Patokallio theorized this muchhttps://gyrovague.com/2023/08/05/archive-today-on-the-trail-of-the-mysterious-guerrilla-archivist-of-the-internet/However recently a few things happened over the past few days. A HN user noticed that archive.today visitors are being used in a botnet staging a DDoS attack against Jani's website, and Jani has received a bogus C&D.Who was the HN user who noticed this? Well... π§΅
(DIR) Post #B2LiA9EkDtFgSStQ0G by eb@social.coop
2026-01-16T02:08:47Z
0 likes, 0 repeats
The HN thread discovering this covert attempt was posted by no other than "rabinovich", a user which shares the name of the POI: https://news.ycombinator.com/item?id=46624740Furthermore, the Masharabinovich Wikipedia account has reactivated for the first time in 10 years to purge their talk page: https://en.wikipedia.org/wiki/Special:Contributions/MasharabinovichNow, we still don't know if this Masha Rabinovich is an alias, but the evidence that this person is indeed the creator of archive.is is too great to ignore, and clearly Jani touched a nerve π§΅
(DIR) Post #B2LiAH6Azd9SqCwgl6 by eb@social.coop
2026-01-16T02:12:36Z
0 likes, 0 repeats
But what's really interesting is the motivations.1. Why now, after 2 years?2. Why run a DDoS, and yet defend Jani in the comments?: https://news.ycombinator.com/item?id=466298233. Why register for a forum using your "name" to draw attention to a DDoS being ran by *your own site*?This seems like a ploy for attention. Perhaps the FBI has finally found him and Masha wants to go out on his own terms?: https://arstechnica.com/tech-policy/2025/11/fbi-subpoena-tries-to-unmask-mysterious-founder-of-archive-today/Perhaps Masha is a fake name and the real name leaked so he wants to publicize Masha? π§΅
(DIR) Post #B2LiAObz3lko8ssgoC by eb@social.coop
2026-01-16T02:22:14Z
1 likes, 0 repeats
I also just wish to stress that by visiting archive.today or related web properties your device is being used as a participent in a DDoS attack against Jani. archive.today is not safe to use. π§΅
(DIR) Post #B2LiAWWbdeCogWQVXM by eb@social.coop
2026-01-16T02:27:43Z
0 likes, 0 repeats
interestingly the code used in the DDoS has changed between today and yesterday:Old:πππππ("πππππ://ππ’πππππππ.πππ/?π=" + πΌπππ.πππππ(πππ π³πππ().πππππππ() % π·πΆπΆπΆπΆπΆπΆπΆ), { πππππππππΏπππππ’: "ππ-ππππππππ", ππππ: "ππ-ππππ"});Today:πππππ("πππππ://ππ’πππππππ.πππ/?π=" + πΌπππ.ππππππ().ππππππππ(πΉπΌ).πππππππππ(πΈ, πΉ + πΌπππ.πππππ(πΌπππ.ππππππ() * πΎ)), { πππππππππΏπππππ’: "ππ-ππππππππ", ππππ: "ππ-ππππ"});
(DIR) Post #B2LiKW3IFd9S79TqvQ by jik@federate.social
2026-01-16T03:26:33Z
0 likes, 1 repeats
@eb *sigh* I use archive.today quite a bit. Don't have time right now to find someone else that will do what I need, so at least for the time being I'm going to blackhole gyrovague.com on all my devices to prevent it from doing any damage on my account.It's interesting that the DDoS code is (apparently) only on the CAPTCHA page, since archive.today doesn't always display its CAPTCHA page. Why didn't they put it on every page? Hmm.
(DIR) Post #B2LiM4p8SMSiFKbPpA by eb@social.coop
2026-01-16T03:29:11Z
0 likes, 1 repeats
@jik my best guess is that the captcha page just isn't something people think to inspect. it is a very brief page the user will only ever encounter on a journey, a page that they strive to move through as efficiently as possible. Furthermore it *looks* like a cloudflare captcha so users are very familiar with it (it is not a cloudflare page).