Note: Author requested permission to post this.
this post was submitted on 11 May 2025
623 points (100.0% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
61026 readers
460 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
🏴☠️ Other communities
FUCK ADOBE!
Torrenting/P2P:
Gaming:
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 2 years ago
MODERATORS
From the responses in this thread, it seems like OP is either a fed, or, much more likely, extremely inexperienced and naive when it comes to Opsec. At the very least, they are putting themselves at risk. Is it still advisable to leave this post up?
ty i forgot to clarify❤
Since you're maintaining a subreddit, you might want to create a comm in lemmy as well. Reddit has already taken down other piracy subs like GenP
load more comments
(3 replies)
Glad to see this initiative. A genuine question: isn't this redundant with Annas Archive?
annas archive doesnt have fast downloads for free users - downloads take around a good 30 mins for a decently sized books
bookracy aims to fix this issue
Thx for clarifying! I usually don't notice that bc I always use the external downloads. It would be rly cool to see bookracy in the external downloads of Annas Archives then!
also pls keep your humour, it's funny to see the libs get mad bc they see a "Russian Federation" tag
lmaoo ty yeah i genuinely dont understand the hate 😭 yeah annas archive soon come 😊
putting aside the obvious glowie talk someone else raised, you should really, really reconsider your opsec. And I mean, really. Using discord to communicate? And spamming Reddit, from a non-dedicated account, no less? Posting PII to justify downtimes? If this gets any traction at all, you're in deep shit. There's a good reason Anna is as anonymous as she is. Cat is out of the bag at this point, I'd recommend shutting it down. You could always continue developing the code for it, the frontend looks pretty good. But please, reconsider if you have the dedication and knowledge it takes to run a shadow library and not be caught.
Seriously, I though Lemmy users would be a little more aware of this stuff. I've seen people openly saying they want to assault federal agents and government property, and now this guy
I'd be more than a little interested to be pointed towards a guide, or even just a bullet point list, of good opsec considerations or tools for a project like this. I've got time and technical ability but don't spend a lot of time thinking about these concerns. The last thing I want is to cause myself trouble I'm not ready for, but I'd like to make a significant contribution to the community, so I want to prepare adequately.
Any guides or lists you can think of?
Becoming a provider (on any significant scale) should be treated like a second job, at least. If you want to go the silent route, you need to completely separate your daily life from the illegal stuff. Obvious stuff, like no shared email- or other accounts, but even down to no shared browser sessions. The old fashioned way is a second laptop. If you want to make an impact and contribute to the community, consider seeding torrents for some of the existing shadow libraries. Anna's Archive has about a petabyte of torrents that have less than three seeders, for example.
I can appreciate your concern and point of view, but I asked "so if I want to do this, how can I prepare to do it safely?" And your response was "just don't, do this instead." I can certainly seed, but that's not what I'm aiming for. I am far more interested in creating systems and providing content. My time is...flexible. Suffice to say, the time concern is not going to be the roadblock.
You're right, and I'm sorry if I came over as condescending. The thing is, with projects like these, you need to front load a lot of the safety concerns if you are going to be the one actually hosting the content. It'd be an easier entry to contribute to existing structures, staying more low-key and learning along the way. Many established projects are open-source and need programmers and hackers to help improve and secure their codebases, for example.
That said, if you wanted to start something of your own, I think Anna's blog is a nice starting point, before you delve into the technical nitty-gritty:
https://annas-archive.org/blog/blog-how-to-become-a-pirate-archivist.html
https://annas-archive.org/blog/how-to-run-a-shadow-library.html
Then, for the actual hosting process, much depends on the stack you use. Never pay for anything in a way that can be traced, which basically only leaves cash or anonymous crypto like Monero. Don't use any account names, emails, passwords, etc that you've ever used before. Never, ever go boasting to strangers, or even worse, friends, about what you're doing. Do all the standard things of hardening your servers, but always plan around some or all of them being shut down it seized. Even "bulletproof hosting" providers get raided every once in a while. That means decentralization, and don't put convenience over safety.
Now, while shadow libraries and other forms of media piracies certainly are sought-after targets, you're likely not going to be anyone's number one priority, while there's still rings of child abusers and terrorists on the web. But once you reach a certain size, state actors will come after you, like they did after z-lib a while ago. I don't have any comprehensive guides on Opsec (and I'm no expert on it, by any measure), but most of it boils down to common sense and keeping your mouth shut, anyways. Most people that get busted don't have missed some technical vulnerability, but because they've talked about their illegal projects on accounts linked to their real name, or something similarly trivial.
My opsec doesn't allow for any Russian projects at all
having a .ru domain is just precaution against takedowns - none of the devs are russian its just the west and russia dont get along so takedown requests for a .ru domain would be ignored by russia
load more comments
(1 replies)
our model is just like the old movie-web, we are open source and if we are DMCA'd then we will take it down but our mirrors will still be up but i understand the opsec point and may move from discord to signal
that's good and all, but as it stands now, it seems almost guaranteed your PII will leak. Are you okay to never set foot into a country that extradites to the US again?
Are you saying there is a way to escape my student loa*s forever?
load more comments
(6 replies)
why github and not codeberg?
project started a few months ago idk we started on github but I will host a repo on codeberg soon
This is giving me Fed vibes
I personally find weird the read on web mechanism.
load more comments
(13 replies)
Being “private” and having a discord is like an oxymoron.
I only see a front end on GitHub. Is this just a libgen mirror?
load more comments
(5 replies)
view more: next ›