Pastebin: Running the site where hackers publicise their attacks

By Leo Kelion, Technology reporter

Published 1 April 2012

Image caption: Pastebin has become increasingly associated with Anonymous hack attack revelations since it changed ownership in 2010.

Over recent years Pastebin.com has become a must-visit site for anyone wanting to keep track of the exploits of Anonymous and other hackers.

Text files containing emails, passwords and other hijacked information are often made public on the service - drawing attention as they climb its "trending pastes" list.

Twitter messages are frequently used to direct followers to Pastebin, which has the advantage over the microblogging service of allowing "pastes" to run up to 0.5 megabytes in size rather than limiting them to 140 characters.

The platform was founded a decade ago, but its original owner sold it after thousands of people's Hotmail email passwords were exposed on the site in October 2009, leading him to briefly shut it down.

It was bought by Jeroen Vader - a Dutch internet entrepreneur who upgraded its features and has seen its popularity surge.

When he took it over in early 2010 Pastebin had 500,000 unique visitors a month. That number is now 17 million.

But as its profile has grown so have its problems.

Although many of the articles contain legally-shared information, Mr Vader says the authorities in Turkey and Pakistan have taken action to block the site after confidential data was exposed.

He also says that Pastebin itself has become the target of numerous hack and spam attacks.

Mr Vader agreed to be interviewed over email by the BBC - the following is an edit of the conversation:

Your site appears to have become one of the hacking community's favourite locations to publicise the results of its attacks. Why do you think this is - and does it cause you concern?

I am very happy and quite proud that so many people trust Pastebin as a place to publish their text. With the Trends section being checked by many journalists and the high search engine ranking on pastes, it can be quite beneficial for people to have their content on Pastebin. Often minutes after posting something it can be found in search engines such as Google.

Image caption: Many users disregard the guidelines posted in Pastebin's FAQ (frequently asked questions) section.

How important do you think it is that hackers have an easily accessible facility like Pastebin to release their material rather than using parts of the net less likely to be visited by the general public?

The term hacker has received a lot of negative press over the years, but often that isn't fair at all. I think it is very important that people have access to sites like Pastebin, because it offers them total freedom of speech. Especially if they post their items behind a proxy of some kind, there is no way to trace who posted what. It is great to see that people use Pastebin as a platform to get their thoughts and ideals out to the rest of the world. A lot of items in the Trends section can be very interesting to read actually.

Your guidelines say users should not post emails, stolen source code or password lists. Yet people associated with Anonymous often do this - and at times you have flagged up their actions on your own Twitter account - for example the YouPorn attack you tweeted about on 23 Feb. Do you accept that the popularity of such posts helps drive traffic to the site and ultimately generates you advertising revenue?

We do indeed not allow people to post email lists and other personal information that does not belong to them. That said, we are very much aware that it happens a lot, but trying to automatically filter out such pastes is a pretty impossible task. Instead we heavily rely on our users to report items that do not comply with our FAQ. On average we get over 1,000 abuse reports a day via our on-site abuse report system, and another 200 or so come in via email. These are all monitored.

We would never link to sensitive information via our Twitter feed. The item you are referring to is rather harmless. It contains no user-names, but only some funny and rather shocking password statistics.

It has been reported that Pastebin has been blocked in Pakistan and Turkey by the authorities following the release of hacked local material posted to your site - can you provide an update on this, and comment on what you make of their actions?

Pakistan blocked us a few months ago, and three weeks ago Turkey also blocked us. We found out about this when users started to email and tweet about it. The authorities of these countries never told us about those blocks though. We have been asked to remove certain pieces of content by the authorities of both countries, and in both cases we have complied. Looking at our Google Analytics reports, it shows that even though the site has been blocked in those countries, the visitors drop is only about 50% in both cases. People still find a way to connect.

Some of our readers have expressed concern that some Pastebin posts reveal personal details of people working for the authorities - such as home addresses - or the identities of people paying for pornography which they might have wanted to keep private. Do you have concerns that your site could put lives in danger, or at the very least disrupt people's personal lives?

I am very much aware of the fact that it can be quite shocking when your personal information gets posted online by someone else. I've had it happen to me in the past, but luckily the information was posted on Pastebin so I was able to remove it quickly. It's important to understand that Pastebin.com monitors all removal requests, so when someone does get their personal information posted, we can often remove it within hours, sometimes minutes.

You say you monitor removal requests, but should you be more proactive? Bearing in mind people's home addresses and other personal details are sometimes posted to the site, do you have a responsibility to at least check what is trending at any time?

I am looking to hire some extra people soon to monitor more of the website's content, not just the items that are reported. Hopefully this will increase the speed at which we can remove sensitive information. This will give us more time to look at trending items in detail if they haven't been reported yet. Often articles contain a lot of information, and part of that can be a person's details. This does not mean straight away that it should be removed. Reading all those items, and determining which ones are hurtful, and which ones aren't, requires a lot of time. That's why we rely on the abuse report system at the moment. But there are plans to improve on this.

Last year you told one reporter that you tracked IP addresses - and had passed on the details to the authorities when asked in some cases. Can you provide more detail?

The main reason why we track IP information when people create a paste, is to be able to block them in case they spam a lot. Something which is a huge issue on Pastebin at the moment.

There have been a few cases when authorities request IP information from Pastebin, and we tend to comply with such requests, but only with a valid court order of course. Sharing IP information without such a court order is illegal in many countries. We do see that when a court order is presented, and we share the IP information, that it is often an IP from a proxy or some kind of anonymous browsing service. People who post sensitive information hardly ever use their own home IP.

Image caption: Recent messages by the Antisec movement include details of an attack on a Spanish security firm.

In February Pastebin came under a botnet attack involving more than 22,000 unique IP addresses. Can you provide more detail about the attack and who you think might have been responsible?

February was a terrible month, so many attacks. It was a real nightmare to run the site. In the last three months not a single day has gone by that we didn't get some kind of DDOS attack, but in February there were some really long attacks going on. The longest one went on for more than 48 hours. Until this day not a single attack has been claimed. I do hear from people in the hackers community that many hackers like to test their DDOS skills on Pastebin.

You recently tweeted that you had upgraded your servers and code. Can you give an outline of what is involved in keeping Pastebin live and how you plan to develop it in the future - eg how soon might there be a move to mobile devices?

I am constantly working on the site, seven days a week, and when all the abuse reports have been dealt with, I try to improve the site's software. Everything is custom coded from scratch, which makes it very easy for me to perform updates/upgrades as I know all the code. Once in a while new features are implemented, but most of the work goes into keeping everything running smoothly, keeping the site free(ish) of spam, and handling removal requests. And of course handling DDOS attacks when they happen. Hopefully with our new hoster in place, this will require less and less of my time.