<p>It seems people don’t read between the lines. They took what I <a href="https://archive-is.tumblr.com/tagged/patokallio">wrote on finne troll</a> for neuroslop.</p><p>So let’s say it plain.</p><p>There is a family. A big one. They move in politics and in the arms trade.</p><p>There is one man in that family who does something else. He doxes people on the internet. He does it to drive traffic to his little blog, packed with ads.</p><p>In other words, he is the fool of the family. No use to the real business.</p><p>He shames the family name and gets in the way of his father and his brother.</p><p>You don’t believe it?</p><p>He used to run a blog at <i>patokallio.name</i>. Now it’s called <i>gyrovague.com</i>. The name “Patokallio” is hidden in the sidebar. You have to click to see it. It’s not in the text at all. In the posts, even in quotes, he cuts the name out every time.</p><p>So the talk with the family already happened. It must have gone like this: live how you want, but you are not our brother, avoid using our name.</p><p>And now, in that position, the man has taken up doxing random internet projects just to make a little money.</p><p>Epic, isn’t it.</p>

<p>The <a href="https://blog.archive.today/post/806832066465497088/">finne troll</a> published <a href="https://archive.today/QZtsw">his response</a> with <a href="https://archive.today/XlxYY">&ldquo;lightly redacted copy of the entire email thread&rdquo;</a>.</p><p>And guess that has been <i>lightly redacted</i>?</p><p class="npf_chat">- &ldquo;an OSINT investigation&rdquo; on your Nazi grandfather <span style="color: #ff4930;">who changed the name in 1944</span>, will not vibecode a <span style="color: #ff4930;">patokallio</span>.gay dating app<br />+ &ldquo;an OSINT investigation&rdquo; on your Nazi grandfather, will not vibecode a <span class="npf_color_ross">gyrovague</span>.gay dating app </p><p><br /></p><p>That&rsquo;s the sore spot. His grandfather seems to have been a real Nazi criminal, even by Finnish standards. We need to dig deeper.</p>

<p>When the lease on your domain expires, it often gets snapped up by what are called “parking” outfits (which is like calling a toll booth a “roadside hospitality concept”). A parking domain is basically a dead address turned into a little money farm: no real content, just ads, redirects, tracking pixels, and a vague pretense of being a website, all optimized to squeeze value out of whatever stray visitors still wander in.</p><p>But what if the domain that falls into a parking company’s hands was not serving articles or blog posts or cat photos, but scripts. Say, for example, a CDN endpoint. Or a banner network. Or some forgotten third-party JavaScript that thousands of living, breathing sites still quietly load in the background.</p><p>Well then the fun starts.</p><p>Because now the parking company is sitting in the middle of someone else’s supply chain. They can redirect visitors from perfectly legitimate, still-active sites that happen to reference that old domain. And they do it in a way designed to stay invisible. No big splash. No obvious breakage. Just a slow siphoning of traffic that can go unnoticed for years.</p><p>For example, here is a case where traffic was stolen from <a href="https://ej.ru/">EJ.ru</a> for four years. Four. Nobody noticed until someone sent a bug report that basically said: “Why can’t I archive pages from EJ?” And the answer turned out to be: because somewhere in the stack, a script was loading from a dead domain that had been picked up by a parking company and turned into a redirect machine.</p><p>Here is the archive: <a href="https://archive.today/ww82.echobanners.net">https://archive.today/ww82.echobanners.net</a></p><p>And another similar story: <a href="https://archive.today/www3.widgetserver.com">https://archive.today/www3.widgetserver.com</a></p><p>So when people start talking about hacker ethics, about bug bounties, about responsible disclosure, you start to wonder how that whole moral economy is supposed to function when the so called respectable domain investors are behaving a little worse than the hackers. Not breaking in, not exploiting zero days, just quietly sitting on expired infrastructure and milking the pipes that nobody remembered to shut off.</p>

<p>Yesterday one of the archive’s early adopters sent me a <a href="https://www.niemanlab.org/2026/01/news-publishers-limit-internet-archive-access-due-to-ai-scraping-concerns/">link to an article</a> about how various sites block archive.org and asked how things are on our end.</p><p>I wrote back something like: “Honestly, the bigger trend we’re dealing with lately is front-enders shipping a hundred JavaScript files per page, so if even one of them fails to load the whole page collapses like a house of cards. Against that background, even if something like what the article describes did happen, it probably passed unnoticed.”</p><p>&hellip;</p><p>An hour later an email arrives from a sysadmin at Condé Nast: “Are you blocking our office IP?”</p><p>“Oh. Right. Yes, we are. You’re reprinting the seed-crystal of a <a href="https://blog.archive.today/post/806832066465497088/">finne troll’s black-tar propaganda about us</a>, laundering it with your brand’s legitimacy, and you still expect to keep using our free service? Have you people completely lost your damn minds over there?”</p><p>&hellip;</p><p>Back in the dawn-of-the-Internet era, when hosting providers billed by the gigabyte even for dedicated servers and the Great Firewall of China was still a glimmer in some bureaucrat’s eye, lots of sites just blocked visitors from China. They weren’t buying anything anyway.</p><p>Now everyone blocks everyone they don’t like or don’t profit from.</p><p>Walmart (or Target?) blocks everyone outside the U.S.</p><p>Ukraine’s been blocking VK for a decade.</p><p>Things that feel almost like core infrastructure - (((ifconfig.me))), (((ipinfo.io))), &hellip; - block Iran.</p><p>We block Cyprus because it has a suspiciously high density of people with a past best left undisclosed starting shiny new “European” lives from scratch.</p><p>&hellip;</p><p>To deal with that reality, a multi-exit VPN, one that chooses a exit node depending on the target IP, has been a necessity for a long time now, for bots and humans, long before “VPN” became a lifestyle accessory.</p><p>But it comes with problems:</p><p>First, privacy. Tracking scripts don’t see one IP, they see several. And even that pattern by itself is a de-anonymizing signal, because there aren’t that many surfers who look like that.</p><p>Second, Cloudflare. The exit gets chosen for the IP, not the domain, and multiple sites are mixed together on the same IP. Some only let you in from the U.S., others only from Europe, etc. There’s no good solution. So you pick some compromise region <i>X</i> based on which of your favorite sites you’re least willing to have broken. All your Cloudflare traffic now goes through region <i>X</i>. And if you yourself aren’t actually in <i>X</i> (because you chose it not by proximity but by least-badness for your personal web ecosystem) then your packets start doing laps around the planet.</p><p>For a multi-VPN user, a site behind such a “mixer” CDN ends up slower than a site with no CDN at all.</p><p>And this is yet another reason — after EDNS, captchas (that can pop up instead of any one of a hundred included JavaScript files), random de-platformings, did I miss anything? — that makes Cloudflare a kind of natural antagonist.</p><p>Not exactly an enemy.</p><p>More like a sparring partner you keep finding yourself matched against, again and again, in different disciplines, in different rings, each time convinced this bout will finally settle something, and each time walking away a little more bruised and a little more aware of how strange the whole fight has become.</p>

<p>Some time back, I sat down for an interview with <a href="https://www.lto.de/">Legal Tribune</a>. The subject was mainly about paywalls and about the use of public archives to get around them. Now, that interview hasn’t seen the light of day yet (maybe it still will) but I reckon there are two reasons it got shelved. And those two reasons, in my judgment, deserve to be heard by the public.</p><p>They asked me, plain and proper: “Doesn’t the work of these archives undermine the business model of German media and by extension, democracy itself, truth, justice, and the whole Teutonic order?”</p><p>Well now, the natural answer to that is another question: What undermines that business model more — an archive that quietly exists, or a big newspaper article that reminds precisely those who can afford subscriptions that paywalls can be avoided?</p><p>Especially when we’re talking about Germany, a country with a mighty fine library system. A system where just about anyone with a library card (which is to say, just about everyone) can already get past paywalls. Even the hard ones. Even the kind the archives can’t crack. There are even <a href="https://github.com/stefanw/bibbot">special browser tools</a> built just to make it easier. And you can’t fix that with some grand gesture like calling it “piracy” and blocking a domain on <i>der Bundesbrandmauer</i>.</p><p>But what can kill their business model is a public debate that marches straight into every German living room and says: “You don’t actually have to pay for this”, that in fact it is not “pay for access”, but merely “donate for our democracy”, and who would subscribe to that? That kind of idea spreads faster than any archive ever could.</p><p>Now, the second reason. And while I’m at it, let me address those who might accuse me of comparing Jani Patokallio to Hunter Biden yesterday. Yes sir, there <i>is</i> some friction between us and the German media. But it ain’t about paywalls. It’s about their wish to scrub from the archive the articles they already took down from their own site. And that makes a man wonder: how do they pull those same articles out of libraries too when a publisher has second thoughts?</p><p>What’s curious is this: almost every one of those stories is about the misadventures of wayward scions from respectable families, boys and girls who manage to tarnish their own last names with their behavior.</p><p>The most “toxic” content for us isn’t politics at all. It’s pages of hookers (kinetic ones, not virtual) and these well-born kids splashed across the papers. Not ministers. Not presidents. Just reputations in free fall.</p><p>And maybe that shouldn’t surprise us. After all, the word <i>reputation</i> comes from the same old root as <i>puta</i>.</p>

<p>Ladies and gentlemen,</p><p>In the autumn of 2025, I published a subpoena received from the Federal Bureau of Investigation.</p><p>Since that day, I have been asked time and again: “And what happens next?”</p><p>Well, allow me to tell you.</p><p>I published that subpoena as an act of responsible disclosure. I did not maintain a so-called “canary page” - the kind some operators use to signal they remain free from legal gag orders. My circumstances were such that I was far removed from jurisdictions where such orders carry immediate, enforceable weight. Moreover, my site was never prominent enough to attract a dedicated cadre of volunteers who might vigilantly monitor such a page for changes. Thus, I resolved upon a simple principle: should any authority send me a legal instrument, I would publish it forthwith. And that is precisely what transpired.</p><p>I confess, I anticipated interest from no more than a handful of crypto-anarchists - the very same individuals who had previously urged me to implement a canonical canary page, yet who offered no commitment to actually watch over it.</p><p>Imagine my surprise, then, when the matter spilled into the mainstream news and reached million eyes.</p><p>But let us be clear: these were not news reports in any genuine sense. The standard refrain read, “We have reached out to the site&rsquo;s operator and will update this story upon receiving a response.” Yet no journalist ever contacted us (only exception is Meduza, asking for an interview and a bigger article later). This was not investigative journalism; it was dissemination - pure and simple. A prepackaged narrative, delivered to newsrooms with the polite request: “Dear comrades, here is the truth - please publish it.”</p><p>Curiously, every one of these ersatz “news” pieces prominently cited a two-year-old blog post by a certain Jani Patokallio as its authoritative source - a rather odd choice, given that it was merely a personal blog entry by an unaffiliated third party. One might charitably argue it was a piece of enduring open-source intelligence. Very well, let us grant that. But then, why do nearly all the links within that “investigation” point exclusively to <a href="https://blog.archive.today/">blog.archive.today</a>? Why not cite the original sources directly? And more tellingly, there exist at least five other substantial OSINT analyses concerning archive.today. Why, then, did every journalist - seemingly in lockstep - select this one particular post? Unless, of course, they were not writing at all, but merely copying and pasting a ready-made text.</p><p>This raises a more troubling possibility: what if that link to the old blog post was not a citation, but a SEO backlink? What if Mr. Patokallio was not a passive observer, but the very author of the seed?</p><p>First of all, he had already attempted to promoute that very blog post in the media two years ago. On that prior occasion, it found a home only at <a href="https://boingboing.net/2023/08/05/the-internets-other-archive.html">Boing Boing</a>. The second try achieved far wider circulation.</p><p>A cursory AI-groking into Mr. Patokallio&rsquo;s background reveals a man no stranger to the shadowed corridors of media manipulation. He was instrumental in repackaging community-written content from WikiTravel into commercially published Lonely Planet guides under his own editorial imprint.</p><p>But that is merely the beginning.</p><p>The <a href="https://www.dundernews.com/pdf/Canberran-Uutukainen-2013-02.pdf">Patokallio family</a> presents a profile of considerable geopolitical entanglement. His brother, Mikko Patokallio, serves as Senior Manager for Ukraine at the Crisis Management Initiative (CMI), a Finnish NGO deeply involved in conflict mediation and Eurasian affairs.</p><p>Their father, Pasi Patokallio, is a career diplomat who has served as ambassador to Israel, Canada, and Australia. He is also a noted critic of the Ottawa Treaty banning anti-personnel landmines, and his advocacy appears to have borne fruit: Finland withdrew from the treaty recently, paving the way for the mining of its 2,000-miles eastern border.</p><p>As for the family name itself - Patokallio - it was coined and officially <a href="https://www.tuomas.salste.net/suku/nimi/index-suojatut.html">registered in 1944</a>, a year of profound realignment for Finland, as the nation shifted its wartime allegiance. In Finland, surnames can indeed be “registered” like domain names, securing exclusive rights to their use. One cannot help but wonder what prompted the adoption of a new name at such a pivotal historical moment.</p><p>Thus, we are not dealing with a mere hobbyist blogger who “saw a neat website and wrote a post,” as Jani Patokallio once <a href="https://news.ycombinator.com/item?id=46629573">claimed</a> on Hacker News. This is the work of a member of a family with a shady Nazi-era story and deep roots in diplomacy, the Ukrainian conflict and information operations (the profile resembles more of Hunter Biden than an IT blogger) - a long-term, systemic interest in the archive project that may well prove more consequential, and perhaps more dangerous, than the attention of either the proprietor of luxuretv.com with his fake <a href="https://adguard-dns.io/en/blog/archive-today-adguard-dns-block-demand.html">French child porn alliances</a> or even the FBI itself.</p>