Hacker News new | past | comments | ask | show | jobs | submit
dydgbxx | on: Cloudflare flags archive.today as "C&C/Botnet"; no longer resolves via 1.1.1.2
Why? It’s accurate and if the owner has chosen to do this for months now, why should we ever trust they won’t again? Nobody should ever use that site and every optional filter should block them.
winkelmann | parent | next
There's probably a worthwhile discussion to be had about what it takes for a site in this situation to be removed from blocklists. An apology? Surrender to authorities? Halting the malicious activity for a certain period of time?

Regardless, another user reports the attack is still ongoing[1], so this isn't a discussion that's going to happen about archive.today anytime soon.

[1] https://news.ycombinator.com/item?id=47474777

ryandrake | root | parent | next
I suppose “evidence that the site’s leadership has permanently changed” would convince me. Whoever decided to put in the code that causes visitors to DDOS someone should never be running a web site again.
tumdum_ | root | parent
So, in your mind, there is no way for an individual owning archive.today to recover from this?
ryandrake | root | parent
I mean, probably not. Maybe if they posted a public apology (an actual one, not a 'I'm sorry I was caught' one), listed the steps that they would take to ensure it doesn't happen again and how the fact that they weren't doing it could be publicly verified.

They've shown they're willing to deliberately weaponize their users to fight a personal dispute with someone, and didn't take corrective action when called out. Trustworthiness is something you lose and don't get back.

jojomodding | root | parent
If there was an apology it could be considered, depending on the apology (i.e. is it earnest?). But so far that does not seem to happen.
leonidasv | parent | next
Also, they were caught tampering saved webpages as well, so the website cannot be trusted to fulfill it's main purpose anymore: https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-a...
charcircuit | parent | next
>Why?

Because once the problematic content is removed it should no longer be blocked.

>It's accurate

It is neither a C&C server for a botnet, nor any other server related to a botnet. I would not call it accurate.

>Nobody should ever use that site

It has a good reputation for archiving sites, has stead the test of time, and doesn't censor pages like archive.org does allowing you to actually see the history of news articles instead of them being deleted like archive.org does on occasion.

3eb7988a1663 | root | parent | next
The site started doctoring archived versions as part of the petty feud. That is, what was supposed to be a historical record, suddenly had content manipulated so as to feed into this fight[0]. There is no redemption. You want to be an archive, you keep it sacrosanct. Put an obvious hosting-site banner overlay if you must, but manipulating the archive is a red-line that was crossed.

  ...On 20 February 2026, English Wikipedia banned links to archive.today, citing the DDoS attack and evidence that archived content was tampered with to insert Patokallio's name.[19] The decision was made despite concerns over maintaining content verifiability[19] while removing and replacing the second-largest archiving service used across the Wikimedia Foundation's projects.[20] The Wikimedia Foundation had stated its readiness to take action regardless of the community verdict.[19][20]
[0] https://en.wikipedia.org/wiki/Archive.today
boredhedgehog | root | parent | next
That line of argument is rather misleading, as some kind of content manipulation is inherent to the service an archive that violates paywalls has to provide. It needs to conceal the accounts it uses to access these websites, and their names and traces are often on the pages it's archiving.

Did AT go beyond that and manipulate any relevant part? That's rather difficult to say now. AT is obviously tampering with evidence, but so is Wikipedia; their admins have heavily redacted their archived Talk pages out of fear one of these pseudonyms might be an actual person, so even what exactly WP accuses AT of is not exactly clear.

charcircuit | root | parent | next
While I disagree with that action I still trust the site as a reliable source. Redemption is possible. Maybe not for Wikipedia, but I don't care about that site and consider it rotten.
JasonADrury | root | parent
[flagged]
tredre3 | root | parent
If archive.today was known to be run by God himself, I would still describe what he is doing as a DDoS and breaching the trust of its users by abusing their browser and bandwidth to conduct his battles.
JasonADrury | root | parent
I think you replied to the wrong comment? That doesn't address what I wrote in any way whatsoever.

Unless you're arguing that the response by archive.today retroactively justifies the behaviour of Jani Patokallio, which would be a bizarre take.

InsideOutSanta | root | parent | next
It's not just problematic content, it's criminal behavior. And the site has a bad reputation for archival, given that the owner altered the content of archived articles.
JasonADrury | root | parent | next
>It's not just problematic content, it's criminal behavior.

How is that supposed to be a big deal when the one of core services archive.today provides is obviously illegal anyway?

InsideOutSanta | root | parent
I'm not sure how illegal copyright violations really are, given that all major tech companies are doing it. DDoS attacks, on the other hand, are pretty clear-cut.

I also think "but they also do that other crime" doesn't help their case.

JasonADrury | root | parent
I think the DDoS is clearly problematic, I just don't think it's problematic because it's criminal.

It's problematic because it's childish and pointlessly degrades the user experience.

charcircuit | root | parent
The site commits copyright infringement by showing you content it doesn't have the rights for. This is not the kind of site to go on about morals for.

>the site has a bad reputation

Not compared to archive.org. archive.is has a much better track record.

InsideOutSanta | root | parent
I'm not sure whether you're making a joke or confusing the two websites.
walletdrainer | root | parent
You’re just not at all familiar with the subject.

Archive.org is awful. It allows site owners and random third parties to edit old archived pages.

Archive.today does not.

loading story #47476768
loading story #47479495
gbear605 | root | parent
It is in fact a botnet - they’ve been hijacking user browsers to act as a botnet to DDoS.
charcircuit | root | parent
Are Hacker News users part of a botnet since they link to sites that when people click they go down due to all of the traffic? Am I part of a botnet if I have HN open as it means HN can execute javascript? I think it's stretching the definition.
gbear605 | root | parent
Hacker News absolutely would be if it was making those requests to random sites that the user doesn’t know about, and have no reason to be making requests to other than attacking them.

I suppose if all the users go on the site intentionally wanting to take part in a DDoS, then sure it’s not a botnet. But that’s not reality.

quotemstr | parent
Because it's not the place of a DNS resolver to police the internet.
qzzi | root | parent | next
1.1.1.1 is simply a free DNS, 1.1.1.2 blocks malware, and 1.1.1.3 blocks both malware and adult content. It's a service that does exactly what it's supposed to do.
ryandrake | root | parent | next
If I specifically choose a DNS server that promises to not resolve sites that will use my computer in a botnet, then it is that DNS resolver’s place to do that.
dqh | root | parent | next
This particular revolver is an opt-in service for users that want Cloudflare to block anything that Cloudflare designates as malware.
bawolff | root | parent
Literally what the product is here.