ARCHIVE.IS COMPROMISED

more butthurt

How based is Hitler that he can still haunt his enemies from the grave?

They're not paranoid enough. I stopped visiting archive.is links when they implemented recaptcha. I rarely enable javascript, and never for google.

what are you so terrified of someone getting your IP address for?

Just save an image of interesting page, and upload that here instead.

lmao truuu

How about an archive website like archive . is that just crawls the target page, renders it, and then archives it in the form of a picture.

Well that would be nice but if you don't want to enable javascript the point is moot because you can't be the one to take the picture of the webpage.

Do you have any facts to back that up

...so the logical assumption is they're implementing Google Analytics.

The Holla Forums assumption is Jews want your IP for some reason, and the only way they can do that is via Google Analytics being sneaked into a page's source.

...

I think you misunderstood what i suggested, the archive service's spider will render the webpage and snapshot it, not you.

That way the person viewing the archive image knows for sure that

A) They are not being ip logged and cannot be exploited unless their isp, their vpn provider or the archive service's employees/admins are compromised or someone MITM's them with some 0-day image library exploit

and

B) The image archived webpage that they are viewing hasn't been tampered with in any way barring the possibility that they have been MITM'd.

nvm, realized my mistake after posting tor user. My point still stands of course for javascript-heavy webpages but of course most you don't need to enable javascript to view.

Ctrl + f jews, your post is the first one mentioning jews.

Just block JS like you should already be doing you fucktard, archive.is still works just fine for me without JS enabled even through Tor.

oops meant to link to

Have you been to the original thread? Dont be a fucking goon

This. How do you even browse the web without blocking JS?

Are you fucking retarded?

Oh wait
Rhetorical question

I can actually browse some news sites fine without javascript, except for some thing like user comments don't show up. But the articles and pictures do.
Granted, not every site works, but a decent amount did. If I end up in place that's fubar, I just back out and make a mental note to not go there ever again.
I use browser without any kind of add-ons to block. It does it the opposite way: javascript is permanently off, unless I add a site to whitelist. The browser does this on its on, no need for messy scripts or plugins. I like to keep things simple.
It's Xombrero, btw. And my machine runs OpenBSD with all ports closed, no services running except a couple things on 127.0.0.1, and a pf config that denies everything except started outbound sessions.

>OH LOL HURR >>>Holla Forums UR DUMB
So I see Holla Forums has been taken over by freech autists.

Shit, does noone here know what "escape text" is?
EASY BREAKDOWN FOR THE TECH-ILLITERATE
Whenever you type text in a field of a website, that field may or may not be a possible vector of attack. To prevent shit like that, developers write "sanitization" code. To turn shit like "/" into some other text, like "&64" for instance.
This is because frequently, what you wrote will be posted and be part of the webpage returned to you. What would happen if you posted actual code instead of just text?
This is what we call "escape". By using using an escape character (or expression) the text you write in a form starts by declaring "all right, the text ends HERE. The rest is code" and you do all sorts of funny shit.
So what is happening here?
Whenever you archive.is something, imagine there's a fuck huge text box. And everything in the site you're archiving is automatically typed in it.
Now, someone found out that text-field doesn't have proper sanitization and is vulnerable.
So you make your site. You post something about "multiculturalism" or "Hillary killing niggers live". And then, you write a bit of code. The escape code. Followed by whatever payload you want in your attack.
For now, that payload is a simple image tag to log your IP. In the future, it might be a full blown keylogger or something worse.
It's not archive.is doing this anons although the guy running it is weird.
It's people writing sites with this shit, archiving them on purpose and linking them here.
Wouldn't surprise me if this catches on and becomes an anti-archive defense for newssites in the future.

...

holy shit i love this shitposting

So you're complaining because an archive website keeps a full archive of the page without modification? I'd be willing to bet that if they did have input sanitation you Holla Forumstards would be complaining about how the input sanitation would be used to censor topics that (((they))) don't want you to see, because you simply can't be happy unless you have something to bitch about.

>>>/freech/

So you're illiterate.
THIS EXPLOIT IS CAUSED BY MODIFYING THE ARCHIVE

Is there any proof at all that it's an exploit or just baseless speculation

This is even better shitposting lol

Do you not know how archive.is works?
It removes links to the original sites and makes it so all content is obtained from the archive.is domain.
If there's a link to some 3rd party site anywhere, it's either archive.is now putting links to 3rd party domains to pull resources, or an exploit someone managed to sneak in.
Since other archived pages don't have links to 3rd party resources, guess which one it is.

Is this actually a coordinated attack? Why would someone try to derail Holla Forums? What do they get from this?

He's just a fucking retard from Holla Forums, he has no clue what he's talking about.

Yes, but is archive.is itself putting the analytics code in it's own page, you fucking sperg? You have no proof it's an exploit, you just flipped out at the slightest hint of un-normalcy

Here's why Holla Forums is fucking retarded.

1. This image is referenced in many "copy+paste" javascript shitcode snippets:
duckduckgo.com/?q="http://www.henley-putnam.edu/Portals/_default/Skins/henley/images/loading.gif"
google.com/#q="http://www.henley-putnam.edu/Portals/_default/Skins/henley/images/loading.gif"

2. this isn't a new thing, I have observed this before. I'm too lazy to actually reproduce it.

3. the google analytics bit is not "proof" of exploit of anything.

So, basically it's a case of a russian copy pasting shitcode. Who cares. There's no grand conspiracy.

And, as if it needs to be said, Holla Forums mods are fucking incompetent. They do not know what they are talking about. They'll range ban half of the internet pretending that they're fighting against "CTR" or "duh goons" while on another hand unironically believing that they're the last bastion of free speech.

So no, fucktard. Go back to >>>Holla Forums

I don't understand what made you so upset, we're just having a conversation on the internet.

Yes, it's easy to prove it by just checking other archive.is pages. One example:
>archive.fo/QatRE
No Google Analytics
I'm not even OP, go sperg out at him or something instead

Why is everyone turning the subject to Holla Forums?
The subject is archive.is, I don't go to Holla Forums nor care about it, but I do care about the archive.

ITT: computer-illiterates would rather sperg out than learn to use uMatrix

...

The subject of this thread is a retarded mod on Holla Forums who doesn't know what he's talking about making a stupid post.

Images can be edited with the browsers developer tools, archives prevent this

blog.archive.is/post/131808179241/private-policy
What you're experiencing is, basically, an edge case. Check many discussions of archive.is and "google analytics." Apparently, some requests, and some domains, of archive.is, have google analytics.
github.com/EFForg/https-everywhere/issues/4576#issuecomment-208036962

Now, if the retarded Holla Forums mod was talking about the image, again, see

There is nothing to fucking talk about.
Go back to your retarded board, please.

Why are you so insistent on dismissing what he's saying just because he's from Holla Forums, though?

I can generate an archive.is link right now and it won't have a link to Google Analytics. It's at least mildly interesting given how often the archive is used here.

I'm dismissing what he's saying on ground that he's a moron who spouts buzzwords, from an equally moronic hugbox that spouts buzzwords.

ITT: Holla Forums proves it's a bunch of lefty hypocrites that think privacy means nothing when ebil right wing nadzees talk about it, but if you watch youtube you're botnet.

So you have no argument, and are just REEEEEEEEing because the person that brought up the problem is from a place you don't like. Nigger.

are you actually this retarded or are you pretending

I've already made my argument, using primary sources to back it up.

1. the image referenced is a hotlinked image, that's archive.is itself or one of the domains containing copy pasted shitcode.
2. the google analytics bit is known, but not on all archive.is servers (i.e. it's not used with all archive.* requests.)

Holla Forums was the one who came to our board screaming "HONEYPOT" and "COMPROMISED."

Now that the evidence has been considered, and refuted, we can safely go back to making fun of Holla Forums's mods for being fucking retards.

Thank you for your understanding.

I think it's hilarious how Holla Forums immediately starts accusing anyone who straight up tells them that they're a bunch of fucking retards, and why, when it comes to subjects they have no clue about, are immediately communists or whatever.

Pretty funny. It's almost like they're fucking delusional.

>spergs out and claims global NSA conspiracy instead of fucking online privacy 101
go huff a few more chemtrails kiddo

It's the ol' one-two horseshoe. Instead of the SJWs "mansplaining", you instead hear "shill" and "leftists"

Would love to know how you derived that from my post.
I agree personal protection is good with stuff like uMatrix, but a site getting compromised is still interesting (even if in this case it was just people overreacting)

wew
no seriously though, the GA identifier is archive.is itself. it's spelled out in the privacy policy.
but as for whether it's on each domain, or how their architecture works, it's unclear. there's a report I linked showing that the GA identifier is on one domain, but not the other.

considering the privacy policy I linked, it's best to assume that Google Analytics on archive.is is the default, and any without GA is just a happy accident.

considering we're looking at a hotlinked image, who knows how the two domains fit together. it's a russian offering free hosting, you're lucky you don't get popups for casino slots and "XXX hot babes."

...

blog.archive.is/post/131808179241/private-policy
primary source
you see the domain? archive.is? and blog.archive.is is a subdomain? it's a primary source.

you are fucking retarded. fuck off, retard.

...

You're not even trying.

are you having some sort of stroke?
please settle down, imkampfy or therealmoonman.
be sure not to get too upset or you might end up stickying a raid thread accusing Holla Forums of harboring leftists or some shit. better yet being CTR's base of operations on Holla Forums. that'll whip your spergs into a frenzy to shit up our board, for sure.

though, with any luck, no one will be able to see the thread, because no one will scroll past the 9 threads already stickied, and they're just on Holla Forums for the trump dicksucking of holocaust denial general.

I have other shit to do instead of making fun of a shitty board that's a shadow of its former self. Hopefully you don't suffer too much brain damage from the toldening that happened here.

...

If that's how you want to put it

keemstar tier tbh

...

Correct.
Install Gentoo, faggot.

>>>/killyourself/

...

Well, yes, but if all the archive sites are going to bend over backwards to fuck you in the ass as hard as possible, what's the alternative?

Okay. Sit down and explain how the site is "compromised", and what your definition of "compromised" is.

...

Not that same user, but the fact they require javascript and then copy javascript directly from the target website or otherwise even is a big reason I imagine.

Isn't javascript the worst thing in the world by Holla Forums standards?

I'm sorry, I must be hard of understanding. Where is the server-side execution of code, and how did we find it?

No. Fucking kill yourself.

The first is a hotlinked image, that's referenced throughout the web with copypasted javascript snippets. It's pajeet tier, but it's not evidence of anything, as the code is on archive.is itself.
The second is google analytics, which is spelled out in archive.is privacy policy, but has a caveat in that it's not used on every request, nor is it used on every domain. Indeed, a github issue says that archive.is is the domain where google analytics is used, but there's an alternate domain where it's not. Who knows how the architecture fits together, whether google analytics is only used periodically (on few requests) or what not.

So no, this is not "compromised."
You're going to argue and try to force this fucking meme, but you're still a retard.

No, no, let him try to explain this. I want to see how severe his incompetence is. I also want him to experience it for himself.

I bet you let Youtube track you in Holla Forums threads too.

...

Why not?

Read a book, nigger. I'm not spoonfeeding you just because you're not fit to breed.

Are you unable to fucking read or are you going to continue this bullshit for 300 posts until people get tired of toying with the fact that you're obviously a subhuman?

Explain how it's compromised.

The "for-profit university" bullshit has already been debunked. A vodka nigger copy pasted shit code and a hotlinked image.
Now, considering that, explain how it's compromised. Using your own words, like a big boy.

He can't. He has been asked to a long time ago, he would have responded by now if he could.

That's not an answer. If you believe my answer is not a valid criticism, you're welcome to post why you feel this way. So far, all you've done is call me retarded while you spout oneliners.

Which begs the question of exactly whom is retarded here.

Because it's not doing that.
It has already been explained that archive.is contains google analytics, using its own referral code, on some, but not all requests.

There's nothing to discuss in this thread.
The only purpose of it now is to laugh at Holla Forums, and incompetents like you.

Except it hasn't.

Okay, now actually show what you were talking about; server side code execution. That's client sided, you fucking mongoloid, and does not execute if you don't let it. Please do your parents a favor and kill yourself.

...

But it requires javascript. I might have been wrong about copying of javascript still not entirely certain of that since you're clearly a female on her period but the fact it requires javascript makes it a shitty site bound to be compromised by someone.

Hell, one of the global rules of thumb for Holla Forums is "do not enable javascript" for christ's sake. I suppose you're going to argue it's okay to enable javascript for google, right?

also an incompetent calling others incompetent. Get the fuck out summerfag for real mah niggah

Open your fucking eyes.

I didn't think it was possible to have less than zero credibility

No, it doesn't.
It does with cloudflare now, but it didn't before. That's a protection that could be enabled on Holla Forums in under a minute, since it's also using cloudflare?
Why are you using Holla Forums, in that case?
And why are you using so many buzzwords to try and defend this shitty thread.

It's not even "compromised" in their definition of the word, because 1. the google analytics referral code is the archive.is referral code and 2. the image in question, again, a hotlinked image that's copypasted by an asian nigger.

There's no point trying to argue with them, they're just going to keep repeating the same fucking thing over and over again to try and "defend" their dumbfuck moderators. I'm guessing we're arguing with imkampfy or realmoonman themselves, come to think of it.
They're just going to shit up the thread and repeat bullshit until more retards join the thread, totally oblivious to what's going on.

...

Contradicted in two sentences. Glorious.

AAAAHAHAHAHAHAHAHA

I don't have to enable javascript. For starters. I do in fact use javascript on Holla Forums. I accept the responsibility that entails. If I get v& it's my own failt. But I don't have to. Freedom of choice hombre.

Like what my friend?

You're not even trying.

You were told to use umatrix 50 posts ago, retard.

It's not compromised because of the reasons stated.
duckduckgo.com/?q="http://www.henley-putnam.edu/Portals/_default/Skins/henley/images/loading.gif"
google.com/#q="http://www.henley-putnam.edu/Portals/_default/Skins/henley/images/loading.gif"
This image is referenced tons of places, it's copy-pasted.

Kill yourself, retard.
Please, go back to Holla Forums. You've embarassed yourself too much today.

I mean, nobody took them seriously before, but nobody is ever going to consider taking them seriously again after this.

hue hue Holla Forums is always right!

...

...

asian nigger i.e. russian.

...

or technically, czechoslovakia? who gives a shit tho.

looks server-side to me! :^) that's why it's minified, right?

the only reason Holla Forums is freaking out is because they're retarded windows users who don't know how to privacy

...

webkit sourcde code found in Holla Forums
8chan is an apple spy!!!!!!!!!!

Boy. All this FUD. Where to begin:
1) Hotlinking is traceable. Not only are you surrendering your internet-facing IP to archive.is, but also to henley-putnam.edu, which is actually serving you the image, not archive.is
2) A static loading.gif is suspicious on archive.is, a website that normally depends on server side content creation. (archive.is will serve javascript, but its not necessary for its primary function.) In addition, it wasn't hotlinked from image services, and doesn't come at all near the top in a meta search. Which is odd.
3) Without the google-analytics, which I assume was added for this purpose with the image change, It can not tell what you are viewing on archive.is (i.e. fetch the URL, or even archive.is at), all henley-putnam.edu knows is that it is serving loading.gif to your internet facing IP at a certain time. (For the buzzword autists, there are no refers here). They can filter ip traffic from typical sources to speculate that the new IPs were on archive.is.

Given this, I merely conclude that this is not a honeypot, but just denying archive.is from serving its archives

You really don't have a clue what I'm talking about, do you?

I know you're a lying nigger trying to claim "nothing to see here goyim, it's just a prank bro".

Except it's not gone. And it's an exact archive of mail.ru.

You niggers are retarded. It's archiving the page. In some cases, it removes things like google analytics, deduplicates things like jquery libraries and hosts them locally, but you faggots seriously don't know how this works.

You need to go back to Holla Forums asap.
You've only embarassed yourself in this thread.

Hotlinking is someone referencing another image instead of hosting it locally. It's pajeet tier. There's no fud, it's obviously a mistake, but I've run into this in the past on archive.is/archive.fo with this specific image.
No, google analytics has been on archive.is since 2015. Sometimes it is, sometimes it isn't.

This thread is embarassing. You are fucking retarded.

Obfuscating your own ignorance with feigned offense won't work on this board.

...

To be fair, Holla Forums is the rot in Holla Forums's foundation. A little knee-jerk hatred is to be expected.

...

Not even close. You're saying this isn't just xss, but the only proof you have is screencaps of supposed xss.

And not one shill here has explained why (((google analytics))) is both supposedly ok on an archive site, and why it's tied into a loading gif that displays and prevents any other content on the page displaying.

i think we both know that's not what he meant. you're assuming Holla Forums stays in Holla Forums

Perhaps you should read that post again.
You don't write:
and not replace the cover the whole page as a "mistake"

Do you know what fud even is? Its what's happening in this thread. Its not what's happening with that source.

Well that's just fucking convenient.

...

Yeah and I guess the copy-pasted shitcode going back years throughout the web referencing that image is also convenient.
See, pajeet invented a time machine to carry out this ruse.

You are fucking retarded.
Seriously.

And not one shill here has explained why (((google analytics))) is both supposedly ok on an archive site, and why it's tied into a loading gif that displays and prevents any other content on the page displaying.

The irony is palpable.

...

...

...

REDTEXT MAKES MY INCOMPETENCE LESS NOTICABLE PLEASE LISTEN TO ME

Here's my informed guess, as Holla Forums, and not as an incompetent Holla Forumsack.
Periodically, archive.is uses google analytics to check uptime, as explained in their privacy policy:
blog.archive.is/post/131808179241/private-policy
Instead of doing this on every page load.

And, they use a 302/301 redirect in the process, which is why it's the whole page.

That'd be my best guess. It's stupid, the way it's done, and the way they're using a hotlink image that's not their own, but that's how they're doing it.

You done being incompetent yet? You going to go back to your fucking board?

did you get permission from the CNN to post this?

Kill yourself. You expect us to take your anecdotal evidence as fact?

okay fine just don't actually respond to that, Holla Forumstard cuck lol

I got permission from the big boss of CTR marketing firm, if that's what you're asking.
This comes straight from the top.

Kill yourself. You expect us to take your anecdotal evidence as fact?

Not an argument whatsoever.

And not one shill here has explained why (((google analytics))) is both supposedly ok on an archive site, and why it's tied into a loading gif that displays and prevents any other content on the page displaying.

No, I honestly think the pajeets of the world have created a time machine to carry out this very ruse. Pajeets and a time machine are a dangerous combination. It's actually happening, for real this time.

It's literally archive.is telling you that google analytics may be on the page when you load it.
Seriously faggot, now might be a great time to just stop posting before you embarass yourself, or your shitty politics board, further.

What a shame you have no reliable proof Holla Forums actually found this. :^)

Still no argument.

>>>Holla Forums8057875 nigger. It's linked in the OP.

denied.

...

ducks on the ground, I repeat, ducks

I'm not convinced this thread isn't disinfo shilling itself.

Is this board full of lazy groids,I mean i know halfchan /g/ has a lot of niggers who sit and complain all day.Didn't expect here to be the same.

...

Holla Forums is shit these days. That's why it has almost 0 pph usually, and slips further down the board list by the day. Almost no one on here knows anything about technology, they just shitpost about how everything is complete shit and/or botnet.

This thread is the only reason the user count and pph is as high as it is right now.

Well I'm convinced that something odd is happening in archive.is/, anyone has more "fuck off fuck off fuck off you're retarded idiot" posts to throw? Maybe they'll work this time.

This thread is a deliberate diversion to try and get people to forget that Assange was abducted and extradited a week ago. Good old dickless Holla Forums fell for it again!

This has been happenings since 2015
reddit.com/r/KotakuInAction/comments/3m6cgs/whoa_archive_today_is_currently_down/#cvcd632

It's exactly as described in this thread. It's a way to check uptime.

why does Holla Forums not know how to admit that they're wrong, this thread is hilarious.

spotted the newfaggot

Hugbox

8/pol/ is run as a Communist state, there's almost nothing Right wing about it other than the surface level pro Trump and (((jews))) type stuff.

Holla Forums really went to shit after the waves of migrations and forced hand off of the board to new volunteers

The election and Trump have made it even worse

Sorry BO but you're a faggot and your board is shit

Wtf? What does Holla Forums have to do with this despite the crossboard links?

If OP is a retard just call him once and let this thread die, there's nothing to gain when you scream "back to Holla Forums" a millionth time this week. Your Schizo is showing.

Back on topic, for safety sake is there a list of archive service alternatives out there? In case some letter agencies decide to shut archive.is down.

topkek, retarded as the BO this one

go back to librechan

After you go back to Holla Forums

Do you have anything on-topic to discuss?

Don't you have one of your nine stickies to post in?
>>>Holla Forums
You got fucking told, fag. By multiple people. Just let it die, hang your head in shame.

If this is about the gif, then you people are overreacting.

Whenever there's too much load on the servers/some skiddie is DoSing em, then a.is just serves up that page with the hotlinked gif spinner. I think some other people in the thread have explained why it's that specific spinner.

This thing has happened tons of times before. Just wait for the load/DoS to either go down to normal levels or for it to end.

sage for needless gunjumping by retards who can't into Holla Forums

Too bad people now only post the archive link.
I don't use javascript, so it's useless after they changed their site to captcha.

Hey guys are you totally brain dead or whay?
When you visit any website (including archive.is), their server gets your IP address, and it totally can send it to anyone they wish if they want, and you (the visitor) cannot even get a smallest hint about whether it's happening or not.

The fact that there's no spooky javascript code doesn't in any way make your IP address more private. If you want to hide your address, just use Tor or I2P, niggers…

there is a concerted effort to water down any discussion about this. putnam-henley is a trail back to corporate efforts. who exactly? we may never know because they may be a lot of people in on this.

anyone who tells you to kill yourself or is otherwise unreasonable should be considered suspect. this is something trump and co. have been doing since late 90s.

>abcnews.go.com/Technology/wireStory/trump-master-domains-bash-43208525

look up donaldtrumpsucks.com in archive.org and you'll see in 2001 it led to sucks500.com
web.archive.org/web/20011202173431/http://donaldtrumpsucks.com/
in 2003 sucks500.com began to have hate speech on it
>web.archive.org/web/20040210034857/http://sucks500.com/viewforum.php?f=1&sid=cbf429299a5249ed1d039383d79118ce

this is a domain that is owned by planet.net a "ISP" hosted on squarespace for some reason. I believe trump is involved in market manipulation by swaying public opinion. he may be involved in more nefarious activities.

putnam-henley has a fictional "hitman" character attached to it named Michael Corcoran Ph.D, you can find him on linkedin. This is a character that was created by Kristin Corcoran and if you look her up on 2012 white house visitor logs you'll see she visited with Michael Merritt who is referenced in the todd & clare letter as uk film crew. Kristin Corcoran is part of a group of ghost writers in australia called the ghost girls and is also employed by National Democratic Institute, perhaps as a mole.

the ghost girls intentions may be good but it's short sighted since it prevents true discussion

miswrote at the end there, ghost girls are not employed by ndi, kristin corcoran is

Archive.is does not require JS.

...Or it's simply a hotlinked image.
You faggots really read too much into situations.

okay but you missed the part where this confirms Half Life 3

Hello Google shill. WTF would anyone want to participate in Google Analytics, of all things?

GTFO.

Shillary, pls. Don't be too salty on Wed the 9th. too much salt is bad for you, fatty

Would a VPN get around this problem?

this is why Holla Forums needs a wiki

They have one - Uncyclopedia

I doubt their captcha shit is going to work except in "kosher" browser.
Also I use anti-ads hosts file from winhelp2002.mvps.org/hosts.htm with some custom additions, to keep facebook, google, youtube, twitter anrd related clutter out of my face when I'm browsing random websites.

rollan in shit thread

Dude don't bother trying, it's not worth the time

It's Cloudflare actually, not a.is. I mean cloudflare-nginx is in the fucking server headers.
Try spoofing your UA as the current stable version of chrome(ium) or firefox or something.

Google Analytics is pretty common you know. Tons of people legit just use it for what's written on the tin. In any case it's not like you're forced to "participate" in it.

Whoo, that was tough.

asian niggers are japanese though

The noscript fallback captcha will work so long as your browser supports iframes and your machine has some method of viewing images. Links2 and elinks will work last I checked, but by all means keep going on about how (((the man))) is trying to keep you down.

It's not about oppressions, it's about how I don't feel like jumping through a bunch of hoops to see archive site when I could easily browse most news sites just fine with even Lynx (except user comments that often need javascript). So since now they mostly only post archive links, I don't bother to read any of that anymore.

And yet Holla Forums will consistently claim that the only reason you hate them is because of false flags, not because they've steadily become more retarded and paranoid.