Hey everyone! 📚 I’m excited to introduce Bookracy, an open-source shadow library dedicated to preserving and freely sharing knowledge. With a large and growing collection, Bookracy is (annoying) ad-free, non-profit, and lightning-fast ⚡—plus, it’s fully open-source and powered by a passionate community. Whether you’re a reader, researcher, or developer, there’s a place for you here. Check out our Reddit, website, GitHub, and hop into our Discord to join the conversation and help grow this movement for open access! 🤝❤️
putting aside the obvious glowie talk someone else raised, you should really, really reconsider your opsec. And I mean, really. Using discord to communicate? And spamming Reddit, from a non-dedicated account, no less? Posting PII to justify downtimes? If this gets any traction at all, you’re in deep shit. There’s a good reason Anna is as anonymous as she is. Cat is out of the bag at this point, I’d recommend shutting it down. You could always continue developing the code for it, the frontend looks pretty good. But please, reconsider if you have the dedication and knowledge it takes to run a shadow library and not be caught.
I’d be more than a little interested to be pointed towards a guide, or even just a bullet point list, of good opsec considerations or tools for a project like this. I’ve got time and technical ability but don’t spend a lot of time thinking about these concerns. The last thing I want is to cause myself trouble I’m not ready for, but I’d like to make a significant contribution to the community, so I want to prepare adequately.
Any guides or lists you can think of?
our model is just like the old movie-web, we are open source and if we are DMCA’d then we will take it down but our mirrors will still be up but i understand the opsec point and may move from discord to signal
that’s good and all, but as it stands now, it seems almost guaranteed your PII will leak. Are you okay to never set foot into a country that extradites to the US again?
Are you saying there is a way to escape my student loa*s forever?
since its open source and the backend will be open source in the future (after i rewrite) i can still step away from the project and everything can be taken and hosted by a different person
that’s not how it works. the code and website may live on, but you are committing a crime right now (nothing wrong with that). If law enforcement comes after you, it won’t matter if you’ve ‘stepped away’ in the mean time. You can either go the route of Anna, keep very tight Opsec and make sure nothing seeps through the cracks. Or you go the way of Alexandra Elbakyan, make your piracy public, to make a point. That means you willingly accept never being able to travel anywhere that has enforced copyright laws. If you half-ass it somewhere in between, you will get caught, and you will face prison time or hefty fines (potentially millions). Are you aware of that?
Bookracy doesn’t exploit the copyrighted material for financial gain, unlike typical piracy websites that might sell access to pirated content or host popup / redirect ads for profit And for the part of me commiting a crime its always innocent until proven guilty - if it can be proven im storing the books fair play but weve taken precautions against that paying through crypto bulletproof servers ect
The publishers don’t care. They’re suing LibGen, scihub, etc nonetheless. Non-commercialism will not protect you. Crypto can be very traceable, it’s by definition an open ledger, and “bulletproof servers” is a term applied very broadly, often by dubious actors. Besides that, any Opsec is only as strong as the weakest link. You’re running a second domain via Namecheap, for fucks sake! Don’t take this lightly, this is not a game. A state actor could probably identify you within days. Are you ready for that?
My opsec doesn’t allow for any Russian projects at all
having a .ru domain is just precaution against takedowns - none of the devs are russian its just the west and russia dont get along so takedown requests for a .ru domain would be ignored by russia
Fair, at least as long as they’re not open-source