
The reported alert on the site states:

> Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!

But is this an official message from the company? It sounds odd and unprofessional, especially the "See 31 million of you on HIBP!" part, which jokingly refers to a huge privacy issue for users. Could it also be that the site was hacked, with hackers posting that message in addition to the data breach and DDoS attack?



Troy Hunt's tweet mentions the IA getting breached, defaced AND DDoSed. Here it is, in case you don't want to use that site:

>>>

Let me share more on the chronology of this:

30 Sep: Someone sends me the breach, but I'm travelling and didn't realise the significance

5 Oct: I get a chance to look at it - whoa!

6 Oct: I get in contact with someone at IA and send the data, advising it's our goal to load within 72 hours

7 Oct: They confirm and I ask for a disclosure notice

8 Oct: I follow up on the disclosure notice and advise we'll load tomorrow

9 Oct: They get defaced and DDoS'd, right as the data is loading into HIBP

The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.

<<<


> The timing on the last point seems to be entirely coincidental. It may also be multiple parties involved and when we're talking breach + defacement + DDoS, it's clearly not just one attack.

It could also be that the attacker has compromised IA communication channels and timed it for maximum dramatic effect and confusion.


very likely compromised comms.

this was coordinated. several archive services hit around the same date. ddosecrets was the first to be hacked, as far as i can tell. span of one week.

here's a list of suspects i guess https://en.m.wikipedia.org/wiki/List_of_material_published_b...


It's a thankless job to be always begging for donations to keep something working when the Internet at large doesn't value it as much as it should. And now getting targeted like that? I wouldn't judge them if this is an official communication coming from exhausted and frustrated staff.


Just a reminder that IA tried pivoting to much more clear-cut legitimate piracy, presumably because they got bored or something, and certainly put ‘donations’ toward that effort.

IA is an incredibly valuable resource, but let’s not put them on a pedestal.


heh, if they went 100% "we're operating our service from international waters and won't be taking any DMCA requests" i would donate $1000 on the spot (anonymously, of course, but entirely serious).


What's "legitimate piracy"? As a reminder, the scheme was designed to work exactly like typical lending libraries. Publishers were unable to show any harm, and the only evidence available proved they actually benefited from better sales thanks to the Internet Archive. Authors were clearly benefited. https://www.techdirt.com/2024/09/05/second-circuit-says-libr...

But I agree, no need to put them on a pedestal. Nobody is perfect.


> As a reminder, the scheme was designed to work exactly like typical lending libraries.

Wasn't the issue precisely that they removed that limitation and then never added it again?


Not really. I couldn't locate anywhere in the ruling an indication that the number of copies borrowed at any one time was a factor in the decision.


That's unfortunately exactly what happened though:

> He unveiled the National Emergency Library, a vast trove of digital books mostly unavailable elsewhere, and made access to it a breeze. This good deed backfired spectacularly. Four publishers claimed “willful mass copyright infringement” and sued. They won. On Friday, the publishers said through their trade association that they had negotiated a deal with the archive that would remove all their copyright books from the site.

Source: https://archive.ph/tFMY1#selection-841.212-853.182

And here's the announcement from Archive.org when they rolled out this feature: https://archive.ph/vGoMq


There is no evidence that, under the NEL, more digital copies of books were borrowed than physical copies were (un)available in the closed libraries. I've not re-read all the materials from the lower court recently, but IIRC publishers didn't even bother to argue this point. Did you find any place where the judge relied on this?


> Both sides filed motions for summary judgment. Judge John G. Koeltl ruled on March 24, 2023, saying the National Emergency Library concept was not fair use, thus the Archive infringed copyright by lending full ebook copies without the waitlist restriction.

https://en.wikipedia.org/wiki/Hachette_v._Internet_Archive


Yeah, that's incorrect. I've fixed it now. A better summary is lower down:

> Judge John G. Koeltl held that the Internet Archive's scanning and lending of complete copies clearly constituted a prima facie case of copyright infringement and that the Internet Archive's fair use defense failed all four factors of the "fair use test". He rejected the Archive's argument that their scanning and lending of complete books was "transformative" in the sense of copyright law.

I've just skimmed the ruling again and I don't find anywhere a statement that the number of copies in circulation for any individual book was a deciding factor. Instead the judge stressed the total number of books involved.

> Although IA has the right to lend print books it lawfully acquired, it does not have the right to scan those books and lend the digital copies en masse. To hold otherwise would be to ignore the teaching of the Court of Appeals for the Second Circuit in Google Books that there would be a “strong” claim for copyright infringement if Google had distributed digitized copies of complete books.

https://en.wikipedia.org/w/index.php?title=Hachette_v._Inter...

Ah yes, I found it now.

> Even full enforcement of a one-to-one owned-to-loaned ratio, however, would not excuse IA's reproduction of the Works in Suit.



The alert is gone now. It appears the attacker compromised their front-end deployment.



