The FBI sleeps when libraries burn
Ok, but no need to be bitchy towards the good librarians.
This person could be damaging corporate infrastructure but he goes after internet archive
This guy is outing the archive for terrible security posture by bringing attention to it because they received disclosures and did not fix them.
Don’t get shit twisted - he’s the hero here. IA fucked up and has been vulnerable to manipulation by any number of corporate or national actors this entire time.
You don’t leak a passwords database publicly on the Internet in good faith.
Not necessarily the same hacker.
If they were really “the hero”, they’d follow the bare minimum of responsible disclosure best practices, and allow 90 days between privately alerting them of the issue and going public with it. Two weeks is absurd.
If this was genuinely done out of love I could understand but due to the legal battles the internet archive is currently being dragged through, I harbor suspicion of their intent.
You sure about that, or are you hypothesizing?
There’s never certainty when talking about hackers…
That’s verbatim the content of the email and the email hack does not appear to be malicious (unlike the ddos or the password breach)
It’s more likely that this is 3 different groups than it is a single group.
The hackers are mostly not okay. Fucking bootlickers.
Because none of this was random or premeditated as in to strengthen their security.
Hackers acting as if they’re doing a public service by bringing down a free publicly accessible tool is a new level of assbackwardness.
If the goal really was to force IA to increase their security, they would’ve tried to consult with them. This is more about notoriety and chaos and the hackers have no moral ground to stand on.
those hackers are probably paid by the corporations wanting to bring it down
Yeah look at me flexing on and underfunded non profit.
Not at all hackers are criminals, but many are idiots.
was that their stated reason for attacking the internet archive?
to bring awareness to the security breaches?
little fucks.
“I stole your wallet because pockets are so vulnerable. I’m helping.”
nobody know true reason
one group claim responsibility on twitter for ddos, reason they are us company and us support genocide in gaza. but from all us company they chose ia? sound like bullshit.
No, it was somehow because they hate NATO
oh good, that totally makes senseWHAT?!
Their emotional maturity is close to zero.
They go after internet archive, such a lame move.
Hackers acting as if they’re doing a public service by bringing down a free publicly accessible tool is a new level of assbackwardness.
are the zendesk hackers the same as the ones who brought down the website initially?
Black hat v grey hat innit
This strikes me as state-funded or state adjacent hacking. Kind of like how the destruction of Twitter eliminated a source of on-the-ground, 24/7 information for the working class on all of the events our governments would prefer we not see so that their propaganda can be produced more lazily. Destroying the Internet Archive acts as another hindrance to the working class when it comes to staying informed and enriched.
This message here in particular is not looking state funded if you ask me. Gaining access to zendesk tickets is a vulnerability which was published a few weeks/months ago and is not difficult at all.
Yes, and IA was super prompt at patching that, because they have such a big team, who also get paid corporate wages and get all sorts of benefits. And, of course, all of them have nothing better to do… because maintaining that infrastructure and code is a piece of cake and is super easy.
I don’t know about state funded, but corporations really, really hate IA for a lot of reasons.
Like keeping old versions of their software for one… or source code leaked or deleted for one reason or another… and other info of course.
I use it regularly to link to source files or packages long deleted, but I still use them for one thing or another.
I’m sorry, there is a .yachts TLD?
Why they don’t try to ddos and hack ChatGPT instead or something?
Because they’re corporate bootlickers, paid or otherwise.
Look at the people that participate in “Hacker News.”
Hey, instead of picking on that little kid, why don’t you go harass that huge bodybuilder guy with all the knives attached to his belt?
well, yeah. its still better than picking on a kid.
Because no one has offered any money regarding that.
The FBI sleeps when libraries burn
This dumbass is probably being paid by them in the first place lol
FFS, that whole hack has left the IA a shambles.
Doesn’t seem to be ill intended, not a good way to point out a problem, but the problem is there.
There are other ways to point out a problem. What this person did could have been done as a POC, discussed privately with IA and published publicly later on, when the problem was patched.
This was deliberate and probably paid for.
