's Wayback Machine is legit legal evidence, US appeals court judges rule

Big thumbs up to Internet Archive for now

Analysis The Wayback Machine's archive of webpages is legitimate evidence that may be used in litigation, a US appeals court has decided.

The second circuit ruling [PDF] supports a similar one from the third circuit – and, taken together, the decisions could pave the way for the Internet Archive's library of webpages to be considered evidence for countless future trials.

The second circuit, based in New York, was asked over the summer to review an appeal by an Italian computer hacker in which he sought to exclude screenshots of websites run by him that tied him to a virus and botnet he was ultimately convicted over. Prosecutors had taken screenshots of his webpages from the Internet Archive and used them as trial evidence – and he wanted the files thrown out.

Fabio Gasperini argued that the presented Wayback Machine archives of his webpages were not adequately authenticated as legit and untampered, and so shouldn't have been included in his criminal trial. He cited a decision by the second circuit to argue his point, noting that in a 2009 case, the appeals court had agreed with a lower district court decision to exclude screenshots of Wayback Machine snapshots because their authenticity could not be proven.

However, the second circuit argued that its decision in that earlier case was over whether the district court had made an error in excluding the screenshots of the archived pages, and it decided only that the court had followed its rules and so had not made an error. In other words, it didn’t make a determination over the validity of the snapshots themselves, only whether the process had been followed.

In the Gasperini case, however, the second circuit noted that the prosecution had included testimony from the Internet Archive's office manager, "who explained how the Archive captures and preserves evidence of the contents of the internet at a given time."

The Wayback Machine works by crawling over the web with bots that automatically fetch as many pages as they can find and store it all in a searchable public database, effectively snapshotting the world's websites on a given day. For instance, if you want to see what The Register looked like in 1998, go right ahead.

The manager also testified that the prosecution's screenshots of the Wayback Machine's archive of Gasperini's webpages really did match the contents of the Internet Archive. And, combined, this created a sufficient degree of authenticity. Gasperini's lawyers were also able to cross-examine the office manager, the appeals court noted.

Take two

The appeals judges' decision reflected a similar one back in 2011 by the third circuit (United States v. Bansal) where a witness testified "from personal knowledge" how the Wayback Machine worked and how reliable it was. The court decided this provided "sufficient proof" that its mirrored pages were authentic.

Taken together, this latest decision gives a strong foundation for the Wayback Machine to be seen as a legit source of future evidence – something that is likely to become ever more important as the internet continues to pervade all aspects of our lives.

Of course, it may still be the case that if a prosecution does not have an Internet Archive staffer to act as a witness in a case to explain the process by which it takes a snapshot and testify the screenshots were not faked, the material could be thrown out at a later date. But assuming that the Internet Archive continues to use the same system as it does now, it could arguably meet the standard for criminal evidence in certain circumstances.

The Internet Archive in San Francisco

Inside Internet Archive: 10PB+ of storage in a church... oh, and a little fight to preserve truth


At some point, we imagine, it will no longer be necessary for there to be a witness, and the Internet Archive will stand up as a wholly legitimate source of past online activity.

As for the case itself, back in 2014, Gasperini managed to infect more than 150,000 computers – most of them in the US – with malware he created that exploited an unpatched hole in storage devices running QNAP's software.

It then installed malware that did five things: set up a super-user account; patched the hole; stole system username and passwords; send clicks to online ads; and scanned for other computers to create a botnet to be used for future denial-of-service attacks.

Prosecutors found a range of evidence against Gasperini. It tracked the servers hosting the malware back to him and found a test copy of the virus in his personal email. But a key part of the evidence was that websites hosting advertisements that his malware clicked on were registered under his name – as were the advertising deals he cut for those ads.


That's where the snapshots of what those websites looked like in the past came into play, especially after Gasperini was able to delete his Google email account and his Facebook account after his arrest and somebody – presumably under his instruction – also found and erased his hard drives at his home. The archives effectively acted as business records.

Gasperini was charged with computer intrusion with intent to defraud, wire fraud and money laundering. After a seven-day jury trial, he was acquitted of the felonies but was convicted of computer intrusion. At sentencing, the judge said the government had proven that Gasperini had committed the felony offenses and considered that when calculating his punishment: 63 to 78 months in jail. His sentence was capped at one year in jail, however, since he was only convicted of a misdemeanor.

Gasperini appealed that conviction, arguing three things: that the law under which he was convicted was too vague because the terms "access", "authorization" and "information" were not defined and the definition of "protected computer" is overbroad; that the Italian police were acting under the instruction of US police when they raided his house and so should have followed American standards for search; and that the Wayback Machine's snapshots should not be accepted as evidence.

The appeals court rejected all three arguments. ®

Other stories you might like

  • LGBTQ+ folks warned of dating app extortion scams
    Uncle Sam tells of crooks exploiting Pride Month

    The FTC is warning members of the LGBTQ+ community about online extortion via dating apps such as Grindr and Feeld.

    According to the American watchdog, a common scam involves a fraudster posing as a potential romantic partner on one of the apps. The cybercriminal sends explicit of a stranger photos while posing as them, and asks for similar ones in return from the mark. If the victim sends photos, the extortionist demands a payment – usually in the form of gift cards – or threatens to share the photos on the chat to the victim's family members, friends, or employer.

    Such sextortion scams have been going on for years in one form or another, even attempting to hit Reg hacks, and has led to suicides.

    Continue reading
  • 5G C-band rollout at US airports slowed over radio altimeter safety fears
    Well, they did say from July, now they really mean from July 2023

    America's aviation watchdog has said the rollout of 5G C-band coverage near US airports won't fully start until next year, delaying some travelers' access to better cellular broadband at crowded terminals.

    Acting FAA Administrator Billy Nolen said in a statement this month that its discussions with wireless carriers "have identified a path that will continue to enable aviation and 5G C-band wireless to safely co-exist."

    5G C-band operates between 3.7-3.98GHz, near the 4.2-4.4GHz band used by radio altimeters that are jolly useful for landing planes in limited visibility. There is or was a fear that these cellular signals, such as from cell towers close to airports, could bleed into the frequencies used by aircraft and cause radio altimeters to display an incorrect reading. C-band technology, which promises faster mobile broadband, was supposed to roll out nationwide on Verizon, AT&T and T-Mobile US's networks, but some deployments have been paused near airports due to these concerns. 

    Continue reading
  • IBM settles age discrimination case that sought top execs' emails
    Just days after being ordered to provide messages, Big Blue opts out of public trial

    Less than a week after IBM was ordered in an age discrimination lawsuit to produce internal emails in which its former CEO and former SVP of human resources discuss reducing the number of older workers, the IT giant chose to settle the case for an undisclosed sum rather than proceed to trial next month.

    The order, issued on June 9, in Schenfeld v. IBM, describes Exhibit 10, which "contains emails that discuss the effort taken by IBM to increase the number of 'millennial' employees."

    Plaintiff Eugene Schenfeld, who worked as an IBM research scientist when current CEO Arvind Krishna ran IBM's research group, sued IBM for age discrimination in November, 2018. His claim is one of many that followed a March 2018 report by ProPublica and Mother Jones about a concerted effort to de-age IBM and a 2020 finding by the US Equal Employment Opportunity Commission (EEOC) that IBM executives had directed managers to get rid of older workers to make room for younger ones.

    Continue reading
  • Misguided call for a 7-Zip boycott brings attention to FOSS archiving tools
    It's good to highlight some alternatives, but security issues are overblown

    Analysis A blog post calling for a boycott of the well-known 7-Zip compression app is attracting some discussion on Reddit.

    However, it seems criticism for Igor Pavlov and his FOSS compression app 7-Zip is somewhat overblown and may reflect the anti-Russian sentiment of the times.

    7-Zip has been around since 1999 and in that two-decade span there have been more widely used Windows compression tools (WinZip and WinRAR, in particular) they are shareware, so try-before-you-buy versus free.

    Continue reading
  • Toyota, Subaru recall EVs because tires might literally fall off
    Toyota says 'all of the hub bolts' can loosen even 'after low-mileage use'

    Toyota and Subaru are recalling several thousand electric vehicles that might spontaneously shed tires due to self-loosening hub bolts. 

    Toyota issued the recall last week for 2023 bZ4X all-electric SUVs, 2,700 of which are affected, the automaker said. Subaru is recalling all-electric Solterras, which were developed jointly with Toyota and have the same issue, Reuters reported.

    Japan's auto safety regulating body said "sharp turns and sudden braking could cause a hub bolt to loosen," Reuters said, though it's unknown if any actual accidents have been caused by the defect. In its recall notice, Toyota said "all of the hub bolts" can loosen "after low-mileage use," but said it was still investigating the cause of, and driving conditions that can lead to, the issue. 

    Continue reading
  • Alcatel-Lucent Enterprise adds Wi-Fi 6E to 'premium' access points
    Company claims standard will improve performance in dense environments

    Alcatel-Lucent Enterprise is the latest networking outfit to add Wi-Fi 6E capability to its hardware, opening up access to the less congested 6GHz spectrum for business users.

    The France-based company just revealed the OmniAccess Stellar 14xx series of wireless access points, which are set for availability from this September. Alcatel-Lucent Enterprise said its first Wi-Fi 6E device will be a high-end "premium" Access Point and will be followed by a mid-range product by the end of the year.

    Wi-Fi 6E is compatible with the Wi-Fi 6 standard, but adds the ability to use channels in the 6GHz portion of the spectrum, a feature that will be built into the upcoming Wi-Fi 7 standard from the start. This enables users to reduce network contention, or so the argument goes, as the 6GHz portion of the spectrum is less congested with other traffic than the existing 2.4GHz and 5GHz frequencies used for Wi-Fi access.

    Continue reading
  • Will Lenovo ever think beyond hardware?
    Then again, why develop your own software à la HPE GreenLake when you can use someone else's?

    Analysis Lenovo fancies its TruScale anything-as-a-service (XaaS) platform as a more flexible competitor to HPE GreenLake or Dell Apex. Unlike its rivals, Lenovo doesn't believe it needs to mimic all aspects of the cloud to be successful.

    While subscription services are nothing new for Lenovo, the company only recently consolidated its offerings into a unified XaaS service called TruScale.

    On the surface TruScale ticks most of the XaaS boxes — cloud-like consumption model, subscription pricing — and it works just like you'd expect. Sign up for a certain amount of compute capacity and a short time later a rack full of pre-plumbed compute, storage, and network boxes are delivered to your place of choosing, whether that's a private datacenter, colo, or edge location.

    Continue reading
  • Intel is running rings around AMD and Arm at the edge
    What will it take to loosen the x86 giant's edge stranglehold?

    Analysis Supermicro launched a wave of edge appliances using Intel's newly refreshed Xeon-D processors last week. The launch itself was nothing to write home about, but a thought occurred: with all the hype surrounding the outer reaches of computing that we call the edge, you'd think there would be more competition from chipmakers in this arena.

    So where are all the AMD and Arm-based edge appliances?

    A glance through the catalogs of the major OEMs – Dell, HPE, Lenovo, Inspur, Supermicro – returned plenty of results for AMD servers, but few, if any, validated for edge deployments. In fact, Supermicro was the only one of the five vendors that even offered an AMD-based edge appliance – which used an ageing Epyc processor. Hardly a great showing from AMD. Meanwhile, just one appliance from Inspur used an Arm-based chip from Nvidia.

    Continue reading

Biting the hand that feeds IT © 1998–2022