While I can get behind a lot of points in this post like "what can we do well in 60 days?" and "some problems aren't important," I shudder a little when I see that headline, when I note that the company provides SSO for enterprises, and when I then wonder about their test and QA pipeline.
I agree on both points and it's worth noting the cell phone in everyone's pocket has a lot more battery in it than a pager does.
IF this was truly done to unmodified pagers, then we ALL probably need to reconsider how we use and carry our phones and what the mAh rating on our batteries implies in the context of a similar attack.
*EDIT
Noticed this yesterday, probably going on for more than that. Makes me wonder if this is the twilight of the project. From what I heard in internet rumor that was always kind of the expectation from the person running the thing.
I did a look around to see if there are any services that duplicate the functionality but I didn't find anything terribly compelling.
I'm wondering if this might be a side effect of CGNAT. Stuffing a bunch of people into one or two ip addresses means you're sharing the IP with potentially other abusers.
And to think IPv6 has been around 20 years now....
Good theory. I wonder if that is some of it. Though I've got a dedicated IP from my local co-op ISP and I'm pretty sure I haven't done anything offensive. The issues from other users makes me really wonder if this is the death throws of archive.* and how in the world am I going to read all these newspapers I don't want to pay for now.
From my experience certain IP addresses are now less privileged than other IP addresses.
It worked for me up until I changed my ISP. Captchas usually use the IP address to determine how difficult to make the challenge. Abusive ip ranges get worse experiences than others.
That makes sense. My VPN testing affirms it. Houston node doesn't work, Atlanta node does. I guess someone decided my IP range warranted extra attention. Though that still doesn't quite square with what I'm seeing; it's feels like the CAPTCHA is broken.
All I have to base that on is when I click on the checkbox sometimes no images load and it checks and then unchecks. Sometimes I seem to get the "hard set" though I think I missed part of the boat or something. I've been able to run through enough fails that I'd expect to get the hard set but don't. Which makes me think it isn't actually working right...
I'm calling the "hard set" those images they give you that are super extra grainy.
I'm almost curious enough to see what I can divine from inspecting their network requests but I have a hunch they have a vested interest in making that annoying.
Or maybe there are way more CAPTCHAs to click through than I'm thinking. To anyone: What is the highest number of CAPTCHAs you've clicked through and actually got a site, any site, to load at the end? I'm legit curious at this point.
Leaving this here in case anyone runs into this. By putting chrome into incognito mode I am able to access archive.ph. Normal profile gets infinite CAPTCHA.
So I'm thinking messed up cookies or extensions and IP reputation stuff are probably the root of this.
Edit:
cookies or extensions based on testing with chrome normal vs incognito on the same host
IP reputation based on testing with VPN using the same browser
So CGNAT is exactly what it is. I tried using it through a VPN and it worked great. But through T-Mobile Home internet it doesn't work at all.
That IP you're using is being shared with bots and other malware to attack sites. So instead of trying to filter out all the potential attacks through things like fail2ban, etc. what archive.is is doing is to just block entire ip address ranges.
I'd never looked into CGNAT so that is really interesting, and yeah, yuck.
From what I can tell though I'm able to get to a webserver running on my local machine and hosted off my public IP through a paid VPN. That indicates to me I am not behind CGNAT from what I understood of the wikipedia.
Are you using Firefox? I've noticed certain website operators show lots of CAPTCHAs if you have tracking protection turned on, you're not logged in to a Google Account, or you've deleted your cookies.
What are you going to do, NOT accept card payments?
The sky high rates in the US is because fuck you, deal with it. It's pretty explicitly wealth transfer from poor people to credit card companies, with a small kickback to well off credit card users to make it popular and hard to regulate.
You don't have to be well off to not buy more than you can afford. That said, I'd be perfectly fine if CCs disappeared altogether, and limited people to only debit accounts.
Usury was forbidden by all major religions and was banned in most states until the US Supreme Court legalized it and everyone incorporated in deleware.
reply