Good job on AdGuard's end for bringing this to the Internet's attention. I especially enjoyed the unearthed details about this "N"GO's short history.
I think the e-mail exchange should've been kept short, although it is good that the owner of archive.today was eventually notified (by them) about these links in good faith to remove them. Their reply should've been the following:
"Thank you for contacting us. If you have conclusive proof of illegal behavior, you should contact police and seek legal assistance. A website's administrator is expected to adequately react to illegal actions conducted by its users, such as removing media that's breaking a law.
We have visited the URLs provided by you (https://archive[.]today/ , ...) and found no evidence to corroborate your concerns. To avoid misunderstandings, we require you to send a certified mail to <Adguards company address> before further replies on this matter."
Remember guys, it should always be certified mail (bonus points for international). And yes, I mean literal index pages as provided in the first e-mail. Play by the legal understanding of words. Be creative and break the rules to the extent of not breaking them ;)
PS: If you want to see more of "funny replies" you should read Njalla's blog (<https://njal.la/blog/>) and TPB's infamous e-mail replies.
“You sent claims of CSAM hosted on someone else’s servers and we decided to download it.”
Hell no. I don’t want to see that and I don’t want it being ingested into systems I control. Of all the stuff here, “download some supposed CSAM to see if it’s real” is the absolute worst advice I can imagine.
Note that association's site is made from this free template [1] with minimal editing (can see it using diff). The web hosting account at name.com (prices starting from $5/year) was registered around Jan 12, 2025 [2]. The page also contains commented out section with a part of French mobile phone number and words "Emergency Standard" (the template contained fictional number here):
Quite possible that's just some bureaucrats kids running that site in exchange for EU grants. In fact in couple of countries that's precisely the case.
Probably not EU grant bureaucrat nepotistic corruption: all we have so far is A) FBI involvement B) el cheapo fake organization, claiming they are French, with a lowrent pressure campaign on behalf of commercial entities.
Smells like freedom fries to me (am American myself)
I don't know anything about Adguard, but good on the team for doing the extra digging instead of just going along with the claim. Even better that they're sharing what they've found with everyone else.
As a satisfied customer, I just recommended their adblockimg DNS on here a few days ago but am happy to do it again. If you really don't want to install anything, at least adblock at the DNS level. https://adguard-dns.io/en/welcome.html
> doing the extra digging instead of just going along with the claim.
That's the intention of intermediary liability laws - to make meritless censorship be the easy, no-risk way out. To deputize corporations to act as police under a guilty-until-proven-innocent framework.
The Ministry of Truth simply doesn't want unaccounted and uncontrolled snapshots of history. Too much hassle steering the narrative regarding any surfacing truth-now-meant-to-be-lies and vice versa into fake news territory, discrediting by association, cranking up troll farms.. Much easier to make this inconvenience disappear with the due cooperation from the controlled outlets of information.
Then they will come after our local storage, and making it prohibitively expensive is the least malign way they can come up with.
Archival sites could let you download cryptographically signed copies of the archived pages. If they get removed from the archival site, the authenticity of your local copies can still be attested.
Storage media and authenticity have zero overlap in the venn diagram. Authenticity is a cryptological feature of the internet, not a topological one.
The reason you believe that you're reading something on news.ycombinator.com right now is not the path by which the bytes were copied from one interface to the next before getting to you, but the certificate and signature that confirms you have a valid HTTPS connection.
If the archive.today contact is telling the truth, then this implies that WAAD had collected links containing CSAM and chose not to contact the person who could best get rid of the material. I think it implies either:
1. WAAD has developed a good way of detecting CSAM, but is ok with the CSAM staying available longer than it needs to, and remaining accessible to a wider audience than needed, in order to pursue their ulterior motive. In this case, they could be improving the world in some significant way, but are just choosing to do something else.
2. WAAD has intentionally had archive.today index CSAM material in order to pursue their ulterior motive.
Of course, option 2 is _much_ more damning than option 1, but I feel both are really bad, and naively I'd still expect option 1 to be illegal. If you know of a crime and intentionally hide it, that seem illegal.
A few weeks ago I noticed DNS4EU couldn’t resolve archive.is and assumed it was just a configuration mistake. I emailed them about it, and after a couple of days or weeks (not really sure) the domain started resolving again. Given AdGuard’s recent report about suspicious pressure on DNS providers to block Archive.today, I’m starting to wonder if DNS4EU’s temporary block was actually related to the same campaign
member of DNS4EU ops team here - This was not the case, we had reachability issues with the authoritative servers of archive.is and had to reach out to the team to allow our source IPs.
>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users.
Someone asked the archive.is owner why he does this in the past. It's because of similar situations to this one where someone who wants to get archive.is taken down uploads illegal content, requests archive.is to save it, and immediately reports archive.is to their country's legal authorities. His solution to this is using the EDNS information to serve requests from the closest IP abroad, so any takedown procedure requires international cooperation and therefore enough bureaucratic overhead that he gets notified and has time to take the content down. https://news.ycombinator.com/item?id=36971650
I also find the "we don't want to leak a requester's IP" explanation for blocking EDNS to be suspect. The way DNS works is that you ask for the IP address for a domain name, you get the IP, and then you connect to it. With Cloudflare's DNS, the server doesn't know your IP when you do the DNS lookup, but that doesn't matter because you're connecting to the server anyway so they'll still get your IP. Even if you're worried about other people sniffing network traffic, the hostname you're visiting still gets revealed in plaintext during the SNI handshake. What Cloudflare blocking EDNS does do is make it much harder for competing CDNs to efficiently serve content using DNS based routing. They have to use Anycast instead, which has a higher barrier to entry.
Am I crazy or did those WAAD guys themselves just link the public to potentially illegal content?
As of writing, they have a public response hosted on their website, including screenshots of emails to/from Google with URLs that Google agreed to remove. WAAD censored out the URLs, except they didn't actually because whatever paintbrush tool they used didn't have the opacity maxed out.
I'm not looking up those URLs to find out.
edit: They also leaked the Adguard admin's email, which WAAD complained about being the victim of.
How can you even sue without any legal identity? This website and an organisation does not happen to have any.
Might as well be some shell company in the Carribeans with no legal standing in France. It's not even good enough for public prosecution, as the tip would then go through French services.
This law is completely backwards, and worse than a SLAPP. If you cannot respond to a report in any way, it should be null.
Some good ones:
- United States v. One Solid Gold Object in Form of a Rooster
- United States v. 11 1/4 Dozen Packages of Articles Labeled in Part Mrs. Moffat's Shoo-Fly Powders for Drunkenness
- South Dakota v. Fifteen Impounded Cats
> How can you even sue without any legal identity?
The images of the various messages on the adguard page are not lawsuits.
They are threatening messages that threaten to create legal issues, but until and unless they carry through on the threats, are simply "threats" to the extent we've been given any visibility into the messages contents.
In the U.S., “John Doe” is typically used when cannot (yet) identify the person to name as a defendant. Once the case is filed then the plaintiff can execute the necessary subpoenas to identify the defendant specifically.
Readit News
I think the e-mail exchange should've been kept short, although it is good that the owner of archive.today was eventually notified (by them) about these links in good faith to remove them. Their reply should've been the following:
"Thank you for contacting us. If you have conclusive proof of illegal behavior, you should contact police and seek legal assistance. A website's administrator is expected to adequately react to illegal actions conducted by its users, such as removing media that's breaking a law.
We have visited the URLs provided by you (https://archive[.]today/ , ...) and found no evidence to corroborate your concerns. To avoid misunderstandings, we require you to send a certified mail to <Adguards company address> before further replies on this matter."
Remember guys, it should always be certified mail (bonus points for international). And yes, I mean literal index pages as provided in the first e-mail. Play by the legal understanding of words. Be creative and break the rules to the extent of not breaking them ;)
PS: If you want to see more of "funny replies" you should read Njalla's blog (<https://njal.la/blog/>) and TPB's infamous e-mail replies.
“You sent claims of CSAM hosted on someone else’s servers and we decided to download it.”
Hell no. I don’t want to see that and I don’t want it being ingested into systems I control. Of all the stuff here, “download some supposed CSAM to see if it’s real” is the absolute worst advice I can imagine.
Deleted Comment
[2] https://web.archive.org/web/20250112153727/https://webabused...
Author of response PDF to Adguard: someone named "bob"
Uses Microsoft and Office 365
RNA number W691110691.
Was declared on February 15, 2025, and published in the Journal Officiel on March 18, 2025
Headquartered at 131 rue de Créqui, 69006 Lyon 6 in the Auvergne-Rhône-Alpes region, specifically in the Rhône department.
Publication number: 20250011, announcement number 1688
Yeah, that's a postal box to host compagnies.
From the article, the penalty for a false report:
> ...shall be punished by one year’s imprisonment and a fine of €15,000.
Side note, would anybody know how "easily" do political elites get off the hook in France?
Smells like freedom fries to me (am American myself)
https://github.com/AdguardTeam/AdguardFilters/issues/216586#...
I would recommend it
That's the intention of intermediary liability laws - to make meritless censorship be the easy, no-risk way out. To deputize corporations to act as police under a guilty-until-proven-innocent framework.
Deleted Comment
Then they will come after our local storage, and making it prohibitively expensive is the least malign way they can come up with.
The reason you believe that you're reading something on news.ycombinator.com right now is not the path by which the bytes were copied from one interface to the next before getting to you, but the certificate and signature that confirms you have a valid HTTPS connection.
But what does care about local storage in this brave new gaslit world is my own sanity, for one.
1. WAAD has developed a good way of detecting CSAM, but is ok with the CSAM staying available longer than it needs to, and remaining accessible to a wider audience than needed, in order to pursue their ulterior motive. In this case, they could be improving the world in some significant way, but are just choosing to do something else.
2. WAAD has intentionally had archive.today index CSAM material in order to pursue their ulterior motive.
Of course, option 2 is _much_ more damning than option 1, but I feel both are really bad, and naively I'd still expect option 1 to be illegal. If you know of a crime and intentionally hide it, that seem illegal.
Yet this is a standard way to become a wealthy lawyer.
https://www.reddit.com/r/BuyFromEU/comments/1ohekv5/updatedn...
Deleted Comment
https://news.ycombinator.com/item?id=19828317
>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users.
I also find the "we don't want to leak a requester's IP" explanation for blocking EDNS to be suspect. The way DNS works is that you ask for the IP address for a domain name, you get the IP, and then you connect to it. With Cloudflare's DNS, the server doesn't know your IP when you do the DNS lookup, but that doesn't matter because you're connecting to the server anyway so they'll still get your IP. Even if you're worried about other people sniffing network traffic, the hostname you're visiting still gets revealed in plaintext during the SNI handshake. What Cloudflare blocking EDNS does do is make it much harder for competing CDNs to efficiently serve content using DNS based routing. They have to use Anycast instead, which has a higher barrier to entry.
I speculate it's due to archive.today wanting granular (not overly broad) legal censorship compliance. Which is somewhat related to this post.
Deleted Comment
As of writing, they have a public response hosted on their website, including screenshots of emails to/from Google with URLs that Google agreed to remove. WAAD censored out the URLs, except they didn't actually because whatever paintbrush tool they used didn't have the opacity maxed out.
I'm not looking up those URLs to find out.
edit: They also leaked the Adguard admin's email, which WAAD complained about being the victim of.
Here from their official "presse" announcement:
https://web.archive.org/web/20251116002625/https://webabused...
WAAD seems to be reading along here. Wonder if your archive.org link now makes archive.org one of their targets.
I mean, it's well known that governments possess and distribute more of the stuff than anyone else. Government or not, not a big surprise.
This law is completely backwards, and worse than a SLAPP. If you cannot respond to a report in any way, it should be null.
Some good ones: - United States v. One Solid Gold Object in Form of a Rooster - United States v. 11 1/4 Dozen Packages of Articles Labeled in Part Mrs. Moffat's Shoo-Fly Powders for Drunkenness - South Dakota v. Fifteen Impounded Cats
https://en.wikipedia.org/wiki/List_of_national_legal_systems...
It might not be possible to do something like that in France (though I assume there are other mechanisms available in that case).
The images of the various messages on the adguard page are not lawsuits.
They are threatening messages that threaten to create legal issues, but until and unless they carry through on the threats, are simply "threats" to the extent we've been given any visibility into the messages contents.
In rem = the thing is the defendant. You're not suing a person, and you're asking the court to decide who owns or controls a specific property.
The quintessential case is United States v. $124,700
https://en.wikipedia.org/wiki/United_States_v._$124,700_in_U...
Deleted Comment
https://arstechnica.com/tech-policy/2025/02/isp-sued-by-reco...