This particular addon is blocked on most western git servers, but can still be installed from Russian git servers. It includes custom paywall-bypassing code for pretty much every news websites you could reasonably imagine, or at least those sites that use conditional paywalls (paywalls for humans, no paywalls for big search engines). It won't work on sites like Substack that use proper authenticated content pages, but these sorts of pages don't get picked up by archive.today either.
My guess would be that archive.today loads such an addon with its headless browser and thus bypasses paywalls that way. Even if publishers find a way to detect headless browsers, crawlers can also be written to operate with traditional web browsers where lots of anti-paywall addons can be installed.
Wow, did not know about the regional blocking of git servers! Makes me wonder what else is kept from the western audience, and for what reason this blocking is happening.
Thanks for sketching out their approach and for the URI.
Most of them don’t check the IP, it would seem. Google acquires new IPs all the time, plus there are a lot of other search systems that news publishers don’t want to accidentally miss out on. It’s mostly just client side JS hiding the content after a time delay or other techniques like that. I think the proportion of the population using these addons is so low, it would cost more in lost SEO for news publishers to restrict crawling to a subset of IPs.
Curiously, this isn't the first time archive.today was implicated in a DDoS. A HN post from three years back shows some pasted snippets of similar XmlHttpRequest code running on archive.ph (an archive.today synonym site). Post link: https://news.ycombinator.com/item?id=38233062
On that occasion, the target of the attack was a site named northcountrygazette.org, whose owner seems to have never become aware of the attack. The HN commenter noted when they went to the site manually it was incredibly slow, which would suggest the DDoS attempt was effective.
I tried to see if there was anything North Country Gazette had published that the webmaster of archive.today might have taken issue with, and I couldn't find anything in particular. However, the "Gazette" had previously threatened readers with IP logging to prosecute paywall bypassers (https://news.slashdot.org/story/10/10/27/2134236/pay-or-else...), and also blocks archivers in its robots.txt file, indicating it is hostile towards archiving in general.
I can no longer access North Country Gazette, so perhaps it has since gone out of business. I found a few archived posts from its dead website complaining of high server fees. Like the target of this most recent DDoS, June Maxam, the lady behind North Country Gazette, also appears/appeared to be a sleuth.
Great work! This is seriously addictive.
I did some QA for you (after playing the game for more hours than I'd like to admit):
- Bristol Airport (bus station) is somehow located in Milan. This makes it possible to get a £6 ticket to the stop after Bristol Airport on the Bristol-Plymouth route. Then when you see the bus glitching its way towards Milan you can cut the journey short before passing Bristol Airport, and hey presto you're in Milan. Likewise, it's possible to get buses from this weird station in Milan directly to England, which is a bug.
- You make things easier for cheaters by printing the game start params to the console when users select one of the two/three starting options. Cheaters can just store the printed variable as a global var, set the end coordinates to be directly next to the finish line, and win the game in seconds. It would be best to introduce some basic cheat-detection: overall duration too short, velocity too high, too little money spent, etc. Best solution would be to do more things on the backend like logging game start and end times.
- Users are able to click on any bank to change currency, even if it's on another continent. Even if this is blocked on the UI, it can still be done in DEV tools.
- Likewise, players are able to use hotels anywhere, not just hotels in their vicinity.
- It seems you switch the currency for taxis only when the country officially changes. So, when there are glitches with this territorial transition sometimes the currency doesn't change. E.g. when I got a bus to Milan's "Bristol Airport" stop (from Bristol, England) I was then able to book taxis in GBP regardless of being in Europe.
- When you change timezones, fast-forwarding to your next departure can sometimes cause the game clock to go backwards by up to 1 hour. I was able to use this glitch to scrape an hour off my time at each stop on the continent.
- I noticed some people using nicknames like AdolfHitler in the leaderboard. I would consider running usernames through a character-level sentence transformer to calculate similarity to some banned usernames (there might even be a pre-trained transformer for offensive language, allowing you to classify usernames as allowed/offensive). The username field could otherwise become a shitshow of abuse and advertising spam if there are no restrictions placed here.
- Banks should close after 5pm and open at 9am.
- Seeing as most of the routes start on the island of Ireland, I'd recommend adding Cork ferry port (Ringaskiddy). It's a major connection to France and has some seasonal ferries to Spain also.
- Maybe remove the icon for tram stations until that functionality is available.
- Might be nice to allow players to see the timetable for other stations along their current route. I get that making all timetables visible might ruin the fun, but it's possible to hop off early at the next station anyway if you're quick enough to click into the station while approaching, pause the game, read the timetables, and hop off if appropriate. This style of play would definitely require some dev tools usage so might as well democratise access to timetables to all players.
- When a player begins to move along the route, I think it would be nice if the game speed accelerated proportionally to the length of the route. Going from 1x speed to 100x speed for a walking route is often instant for example, which removes the opportunity for players to use that walking time to think of their next move.
- Some train routes have strange, unrealistic detours, like the train from Edinburgh to Plymouth, it randomly turns east for a 100 miles near Leads before going back towards Leeds to resume its journey along the original direction. You could potentially detect these jagged turns in your route files automatically using some maths.
- Might be nice to integrate sailrail tickets. These allow travellers to go from any station in Ireland to any station in the UK for under 70 EUR usually.
- There's a great app called OSMAnd which provides offline public transport routes and direction routing for the entire globe. Although the app costs money I believe all the code is open source and I presume the data is publically accessible. You could potentially use this data to flesh out the routes and timetables in your game, and to make the contours between points on the route realistic as opposed to the current zig zag lines.
Great feedback. On the Inverness to Gibraltar race the leaderboard has impossible times, including some negative numbers. According to Google Maps the best time is 1 day 8 hours, but this requires leaving Inverness at 6:44. The race starts at 9:00. Then the earliest arrival time in Paris is 22:19. According to Google Maps the best time from Paris to Gibraltar at this time of night is 1 day 2 hours. Despite all this, there are several 1 day records. The best I can do is 2 days 5 hours. Of course I may be missing some better route, but I suspect cheating, especially from names like AdolfHitler.
This particular addon is blocked on most western git servers, but can still be installed from Russian git servers. It includes custom paywall-bypassing code for pretty much every news websites you could reasonably imagine, or at least those sites that use conditional paywalls (paywalls for humans, no paywalls for big search engines). It won't work on sites like Substack that use proper authenticated content pages, but these sorts of pages don't get picked up by archive.today either.
My guess would be that archive.today loads such an addon with its headless browser and thus bypasses paywalls that way. Even if publishers find a way to detect headless browsers, crawlers can also be written to operate with traditional web browsers where lots of anti-paywall addons can be installed.
reply