nitter.net has disappeared #1150
Comments
|
nitter.net is unavailable because Njalla (domain vendor) suspended my account. I'm waiting for them to respond. |
Thx for the quick answer, I was a bit worried as the website hasn't been available for the whole day |
|
Hope this gets resolved! |
|
Any idea as to why they may have done that? |
|
We need to know if Twitter is whining to domain vendors about Nitter instances. |
|
in the meantime add 185.246.188.57 nitter.net to your hosts file and you can still use it |
|
That gets a login request on an otherwise blank/white page |
|
That IP works. You can't, however, go to https://$ip/ as that'll cause your browser to send the IP in the Host: header, which means the server won't dispatch the request to nitter.net. You need to do something like add it to your hosts file. |
|
Do you people not read? "in the meantime add 185.246.188.57 nitter.net to your hosts file and you can still use it" add |
|
Someone without a relatively thorough understanding of webhosting will go to https://$ip/, get an error, and then conclude that the IP is wrong. Since the IP is wrong, why go to the effort of modifying a hosts file to something wrong? Anything related to name resolution you'll just have to explain three times. |
|
I was about to try the raw IP itself lol |
|
When using DNS over HTTPS in Firefox, /etc/hosts is ignored by the browser. I consider this
a nuisance side effect of forcing any ISP surveillance to use raw IP addresses and look them
up themselves (which automated snooping may not bother with) as it makes blocking things
like Facebook, Google, and their embedded content more difficult.
|
|
How do I stop Firefox from redirecting 185.246.188.57 to https://185.246.188.57 with DNS over https engaged? Also I finally got Firefox to at least show just the IP address in the address bar but got error 401 "authorization required." Webhosting I know little about, BTW. EDIT: same with browsers, mostly I know how to block things like trackers and ad networks, and not to use Chrome for anything,. |
|
|
Just disable DNS over HTTPS and give it another go |
|
@lukefromdc In Firefox, I believe you can set |
|
Yeah added to hosts file on macos, and seems to be working with Chrome |
|
@lukefromdc @stopmotio someone filed a complaint to Njalla about unconsensual nudity being hosted on nitter.net, with a link that actually came from another instance. It's the first time I've ever gotten any semblance of a takedown request via Njalla, so I didn't think much of it when I got an email with the subject "Njalla: New Message", and the body just being a link, while traveling. A couple days later and one more email, they just suspended the account. I only found out when nitter.net became unreachable. |
|
These are the two emails I received prior to suspension: Hetzner at least included plenty of information about the urgency and the full report information, until they gave up and suspended my account. Njalla's handling of this is amateurish at best. Here's the actual support message: A funny thing to note here is that the image link, which first points at nitter.it, is a /enc/ link which only gets created by Nitter if the instance admin enables base64 link encoding for media proxying. This is not enabled for nitter.net, so I know for a fact someone copied an image from another instance (presumably nitter.it), changed the domain, and sent a complaint to Njalla. |
That means they suspended your account without properly investigating the complaint. There are a great many classes of dispute where innuendo and fake complaints about everything from copyright to CSAM are used to silence an opponent. Elon Musk may consider all of Nitter an opponent worthy of this-or it could be some chump doing it for laughs but that seems awful convenient to me. Also, doing ANYTHING permanent and non-revocable because you didn't have staff on call to service all messages within 24 hours is very unreasonable. |
|
https://nitter.it/ does seem to be working, though you do have to click through an expired certificate warning. Given what Nitter is used for, I am assuming TWITTER is the host of any nonconsensual nudity found via any nitter instance. |
|
It's really funny that people here and on Hacker News hypothesize that Twitter is behind this. In fact, Twitter couldn't care less. If they did, they won't bother sending takedown requests, they would just block Nitter on their end, which should be easier for them and which is something they are entirely in their right to do. |
|
@zedeus Might be time to create some backup domain names? Wonder if it's also useful to use a registrar that doesn't roll over to random takedown requests too? (easydns.com springs to mind, but there are probably others) |
They've tried repeatedly to block nitter 🤣 if you don't know what you're talking about then don't talk |
Twitter cares since Nitter is growing and making Twitter losing ad revenue and also losing possibility for Twitter to merge statistics with other sources and sell your information to others. But going from these facts into some conspiracy theory that Elon Musk himself have an evil plot on how to shutdown Nitter well... is a bit far fetch to say the least. Could simply be verified if the URLs in question works when going directly to Twitter or not. If they are blocked going through x.com but not when proxied through Nitter (unless some cache at Nitter) then we can turn the conspiracy theory into a reality. Workaround is to pick another mirror for now: Other status for when the downtime started (depending on timezone in the night between saturday and sunday 13-14 january 2024): https://updownradar.com/status/nitter.net Regarding the domain itself what should be fixed is to use a:
That is vendors who doesnt shit bricks due to some complaints but rather find out whats really going on and in this case the solution would probably have been to let nitter.net refresh its caches (for the case where the URLs have already been removed at the source which is Twitter/X) or if needed add these URLs to a blacklist in case Twitter itself dont block these. |
Already exists, take a look at https://status.d420.de/ for mirrors and their status. |
welcome to 2024. political pressure will make any of them snap. there is no such thing as a 'proper registrar' anymore. njal.la is just a proxy (we use them too but I'm definitely moving after this). we use porkbun which has been stable and in the event a friend had his domain taken they were not at fault and tried to help him recover it. epik was okay until they had their entire database leaked. this is the same issue people right of center politically speaking have been fighting for the last 7 years. the walls are closing in on any and everything and it's only going to get worse from here |
If I worked at Twitter and my task were to block Nitter, the first thing I would do is to write a script that gets IPs of all Nitter instances, and adds them to a block list. The second, if Nitter started using proxies, would be to make a script that requests a random nonexistent ID through every instance, and block all IPs that happen to request the same ID from Twitter. Since Twitter hasn't done any of this, I conclude that they aren't really trying to block Nitter. |
|
|
|
It's back! (for now) |
Then you will unfortunately have to look at how others does this. For example Piratebay seems to currently use Namebright as registrar. |
|
again, njalla is a proxy. njalla registers (or maintains registration) on your behalf with registrars they work with. if njalla gets a complaint about your domain, in this case from tucows about CSAM on nitter.net they are legally obligated to forward it and follow up. njalla is charging people extra to act as a proxy so they dont have their info exposed. it's run by ex-or-current pirate bay people who seem to want nothing to do with it. we had a run in with them in regards to tucows in 2021 and njalla assured me what happend with nitter today was not something that would ever happen so I've begun the migration process and suggested the ~8k people following me to do the same if they have any njalla domains |
Does not compute... its runned by someone who want nothing to do with it? Again, there are 3 parties here in the supply chain which you must choose carefully:
|
|
What is "tucows"? |
one of the oldest registrars in north america. in this case, njalla is acting as a proxy registering or maintaining registration for domains via tucows (tucows.com) you can see this via |
|
Have you discerned if this was Tucows or the NIC? Njalla says it was the responsibility of .ORG's NIC, but you're on .NET which is owned by Verisign, while .ORG is managed by the Public Interest Registry. If you do find out, please let us know. |
|
Njalla has responded. Good ending I guess, but they clearly didn't enjoy the negative publicity. |
|
I think the the "New message" title policy is very reasonable but they should tweak it a bit to inform the user the message requires urgent action. |
|
Simply adding the words "urgent" or at this level maybe "emergency" should be generic enough to protect privacy while getting the urgency of the situation across. Fighting CSAM and nonconsensual nudity is time-sensitive as this stuff spread so fast. Important thing here is nothing irreversible was done in the process of attempting to take the safest course, had it been impossible to reach support or the issue been blown off this would have been an entirely different matter. Twitter themselves also needs to be on the ball about actually hosting this stuff, but Musk has fired so many staffers this might be impossible. |
|
If your email address has been seized by the government you probably deserve what's coming to you. It's not Njalla's responsibility to keep that data safe, and even if it was they're arguably making it worse than if they hadn't intervened |
That wasn't a very smart take given what the government does in China, Russia and even Europe nowadays. |
Fair, but IMO those safeguards ought to be optional |
@lukefromdc I would agree, but in this case the link wasn't generated by nitter.net so the image would've still been shown if you found the tweet. Also, getting one of dozens of Nitter instances to block one image url is not preventing any spread at all. It would be like contacting VPN or proxy providers to block links. Thankfully Njalla understood this and took note of their mistake. |
|
Any chance a Nitter user saw the offending content, passed the link to a well-meaning friend for action, and that person didn't realize the content was actually on Twitter and Nitter is just an alternative frontend? |
|
CSAM is a tool to shut down small websites. There are numerous small platforms (including privacy proxies like Nitter, imageboards like 4chan, even large websites like Omegle) which have closed down due to an inability to moderate CSAM. Big companies have access to paid-for filtering from Microsoft's PhotoDNA or Cloudflare's CSAM Scanning tool, but if you don't have access to those programs, you're just out of luck. It is a very serious emergent threat. I would not be surprised if someone upset at Nitter's existence (insert your own conspiracy theory) uploaded it on Twitter, immediately accessed it on Nitter, and then reported it themselves. Nothing stops a person from doing so. |
|
I don't believe so. They specifically took a nitter.it link and changed the domain to nitter.net |
|
In any case, your provider has stated they have made note not to do it again, therefore we can close this issue now |
|
I don't see any issue with how Njalla dealed with the situation. The only problem I see is unwarranted vitriol against a perfectly reputable domain registrar proxy that has been regarded for many years as one of the best for privacy. My experience with Njalla has been excellent, and their conduct has exceeded expectations. Their attitude toward legal complaints is both hilarious (in a good way) and professional, since they play by the rules but they're not pushovers. Their formal writing and PR skills could use some improvement, though. While PorkBun sounds interesting, I've never used it, but the last thing I would do is move to whatever a "proper registrar" means. EDIT: It looks like they require personal information, I'm not really sure why porkbun is being considered here. WHOIS privacy means nothing to me. |
|
Personally, I would like more confidence that Njalla will let you transfer away any domains that they suspend or don’t want to host. |
|
I certainly would not want to run something like this with my legal name etc on it, so I agree
with the decision not to use a "proper registrar."
|
The issue is that they want their bad behaviour to be erased from the history... Edit: Many TLD's have also recently changed their terms of service to ban proxied contacts. Which is another risk since then the proxyservice is the one owning the domain and not you. As in you will not be able to force a transfer etc if needed. But now we are getting a bit off-topic :-) |
|
Consider the heat they'd get if they ignored a complaint about CSAM from a site actually
hosting it, leaving it showing for say, a week.
|
Their behavior was perfectly justified and they did exactly what they should have done, plain and simple. I wouldn't expect anything more from them. I don't want to use a registrar that breaks the law, and what they did was clearly in line with the law. The bad behavior comes from the person who reported it (who apparently manipulated the domains so as to blame nitter.net), and also (probably) tucows or the NIC or whoever requested njalla to take action.
I don't know about anyone else, but I see no justification for using a registrar that forces you to provide your identity when there are alternatives (good ones) that allow you to set up a domain anonymously. I value my privacy enough that I wouldn't even own a domain if I had to provide my identity. I'd rather use something like SimpleLogin, even it means using them for accounts that are really important. |
|
Again, forwarding complains is nothing now. Problem here is that they are trying to erase history that they misbehaved. |
|
We need to assume that there is no perfect registrar |
and others
This isn't an issue with nitter software, but I'm getting the following:
Hmm. We’re having trouble finding that site.
We can’t connect to the server at nitter.net.
When attempting to navigate to Twitter's user pages via nitter.net.
Comparatively, has the DNS registration disappeared? (The registration is valid until 2024.08.06, according to a whois lookup)
nslookup twitter.com
Non-authoritative answer:
Name: twitter.com
Address: 104.244.42.65
Name: twitter.com
Address: 104.244.42.1
Name: twitter.com
Address: 104.244.42.129
Name: twitter.com
Address: 104.244.42.193
nslookup nitter.net
Non-authoritative answer:
*** Can't find nitter.net: No answer
The text was updated successfully, but these errors were encountered: