Nothing is permanent on social media. Users deleting their posts or webpages can lead to the erasure of a trail of evidence that may be crucial to your investigations. But how do you keep that vital data? We've improved our Auto Archiver tool to make archiving your sources easier and set it up to be more manageable to navigate as a research team... https://www.bellingcat.com/resources/2025/08/13/the-open-source-tool-that-has-preserved-150000-pieces-of-online-evidence/?utm_source=mstdn
Discussion
Loading...
@Bellingcat what a positive spin on "we're helping you be tracked forever". Can you start recording my verbal conversations, too?
Launched publicly in 2022, our Auto Archiver tool has helped newsrooms and NGO’s preserve over 150,000 web pages and social media posts to date. It is a staple in our newsroom.
If you work in a newsroom or research team and want to access a demo or help to deploy the Auto Archiver internally you can reach us at contact-tech@bellingcat.com with the Subject “Auto Archiver at [my team/organisation]” and tell us more about your organisation and archiving needs.
Of course no tool is perfect and we’re looking for feedback, if you have suggestions for the tool please reach out via an issue in our GitHub: https://github.com/bellingcat/auto-archiver
@Bellingcat I've a question: when you archive something, let's say a tweet: is there a way to prove that the webpage you saved is authentic and timestamped? Like, it was delivered from https, can you use it to "save" the https signature and prove the webpage existed on this domain and this date? 🤔
@lutindiscret
yes, that's possible!
the way we do it is a getting the SSL certificates, calculate hashes for archived media and the certificates, and then timestamp those with external services.
We have two timestamping alternatives: one is blockchain based https://auto-archiver.readthedocs.io/en/latest/modules/autogen/enricher/opentimestamps_enricher.html
The other relies on RFC3161 timestamping authorities https://auto-archiver.readthedocs.io/en/latest/modules/autogen/enricher/timestamping_enricher.html - both are free.
Here's an example from a recent tweet where both timestamping strategies are used: https://bellingcat-archive.nyc3.cdn.digitaloceanspaces.com/no-dups/60b4da5262174b5c403abced/bdc9da4201174fa1ae19f27f.html
yes, that's possible!
the way we do it is a getting the SSL certificates, calculate hashes for archived media and the certificates, and then timestamp those with external services.
We have two timestamping alternatives: one is blockchain based https://auto-archiver.readthedocs.io/en/latest/modules/autogen/enricher/opentimestamps_enricher.html
The other relies on RFC3161 timestamping authorities https://auto-archiver.readthedocs.io/en/latest/modules/autogen/enricher/timestamping_enricher.html - both are free.
Here's an example from a recent tweet where both timestamping strategies are used: https://bellingcat-archive.nyc3.cdn.digitaloceanspaces.com/no-dups/60b4da5262174b5c403abced/bdc9da4201174fa1ae19f27f.html
@Bellingcat @lutindiscret We do something similar with the WACZ format for high-fidelity web archives, see: https://specs.webrecorder.net/wacz-auth/0.1.0/ which is signed with a timestamped and also our cert to prove that we created the web archive.
Note that both our approach and @Bellingcat involves trusting third party (us) - it is not possible with TLS to prove that data was *actually sent* over TLS once its decrypted, because
TLS itself does not support non-repudiation, see: https://security.stackexchange.com/questions/103645/does-ssl-tls-provide-non-repudiation-service
Note that both our approach and @Bellingcat involves trusting third party (us) - it is not possible with TLS to prove that data was *actually sent* over TLS once its decrypted, because
TLS itself does not support non-repudiation, see: https://security.stackexchange.com/questions/103645/does-ssl-tls-provide-non-repudiation-service
bonfire.cafe
A space for Bonfire maintainers and contributors to communicate
Automatic federation enabled