From 1600 CEST yesterday, all name resolutions for theswissbay.ch are handled by our own authoritative server. This effectively solves the glue record issue from 23.05.2023. The Swiss Bay is therefore 100% self-hosted and free from its previous CloudFlare dependency.
Any and all issues regarding the following services can now also be tracked in real time on the issues page in addition to this page:
Arch Linux mirror
Date: 23.05.2023@2025 CEST
The DNS records for theswissbay.ch were hosted on CloudFlare until today 1600 CEST, at which time the registrar proceeded with the following changes:
ns1.theswissbay.ch is the primary server
ns1.theswissbay.ch points to 184.108.40.206 (glue record)
For some obscure reason, the glue record actually points to 220.127.116.11, an IP that has not been used for years. As a result, no DNS query makes it to the actual resolver and all services on theswissbay.ch are unavailable. The registrar has been notified of this issue and a fix is due.
In the mean time, theswissbay.ch may be manually set to 18.104.22.168 in your hosts file or recursive DNS resolver.
Date: 08.04.2023@2145 CEST
From 06.01.2021, a paranoid endpoint was available to access The Swiss Bay, using no public PKI but our own CA instead. Because it sets no limit with respect to what domains for which it can issue certificates, one could argue that it can turn rogue any try to steal legitimate connections to sites other than theswissbay.ch or even get leaked with a similar effect in the hands of threat actors.
To help clear fear and mistrust, an intermediate CA will be deployed starting from next month. This new CA uses Name Constraints from RFC 5280 so that only theswissbay.ch and its subdomains can be subjected. You can already download and install it from here to be ready for the change, just don't forget to remove the old CA which won't be used publicly afterwards.
Date: 10.03.2023@1100 CEST
The current storage pool is based on 8x2TB disks with over 60'000 80'000 work hours, and reliability issues start to appear. With size becoming a limiting factor, time has come for an upgrade. A maintenance window will be put up to migrate existing data to the new pool of 4x18TB. The usable space will go from 8TB to 36TB, allowing much more content to be hosted in the future. The post will be updated accordingly.
Update 12.03.2023@2039 CEST: new disks are ready for install and a short downtime period is to be expected between 2200 and 0100 CEST. Update 13.03.2023@1227 CEST: migration was completed around 0200 CEST, some minor downtime is to be expected in the next 24 hours.
Date: 23.09.2022@2347 CEST
Periodic upstream link loss have been observed in the last 24 hours, with an unknown cause. A hardware change is due early next week. In the mean time, the site may be unreachable at times.
Update 04.10.2022@1600 CEST: the hardware change did not resolve the issue, which appears to be located elsewhere and not in our infrastructure. Troubleshooting goes on. Update 30.03.2023@1357 CEST: test hardware from another brand just arrived and testing will take place today. Expect connectivity issues during the day.
Date: 16.08.2022@0225 CEST
According to official and
press sources in Switzerland, the country will face issues importing enough electricity this winter due
to the current geopolitical situation in Europe. In the worst case scenario, if consumption still exceeds availability despite advisories on power savings,
rolling blackouts lasting multiple hours (most
likely between 4 and 8) may be implemented to prevent a total grid collapse.
In order to mitigate this situation, the existing backup power system has been upgraded so as to provide double the previous uptime (from ~2.5 to ~5 hours). While IT equipment under direct control of The Swiss Bay will
continue to operate, other upstream devices may or may not be kept powered on. Therefore, because it is difficult to predict if and when outages will occur, it is just as hard to say if this website will remain accessible.
While efforts are made to secure the reliability of The Swiss Bay despite the uncertainty of current times, information integrity remains the number one priority, because bad information is worse than no information. If
circumstances require it, servers may be shut down for an undefined amount of time to preserve them in a fully working state. In such cases, uptime may be greatly reduced so as to prevent frequent start-stop cycles.
If you want to host a copy of any or all parts of The Swiss Bay's PDF archive, and if you have storage space with a decent Internet connection to spare, you may reach out to theswissguy at theswissbay dot ch. If you prefer
to help in another way, for instance by donating hardware or money, you can use the same address. Your generosity is greatly appreciated.
This page will be updated accordingly, following situational changes in the coming months.
Update 18.08.2022@1601 CEST: a short period of downtime is to be expected due to modifications to the electrical system which require de-energizing all devices. A follow-up will also take place next week, with a
slightly longer duration to allow for other maintenance tasks to take place. Update 13.09.2022@0013 CEST: follow-up will take place this morning, expect downtime until mid-day.
Date: 11.07.2022@1454 CEST
Our public IP address is now static: 22.214.171.124. Services were unreachable from roughly 1000 to 1430 CEST.
Date: 20.04.2022@1802 CEST
Following some cabling work, our public IP has unfortunately expired. The new one is 126.96.36.199.
Date: 09.03.2022@1355 CEST
A software error on our edge router broke TLS, which was not functional from around 1820 CEST yesterday until now. A reboot fixed the issue.
Date: 18.11.21@1127 CEST
A DMCA removal request was sent to us on 06.11.21 demanding the removal of two works from the Gentoomen Library:
"[...] a collection of descriptive grammars and pedagogical textbooks [...] of various natural
languages and a few
prominent created languages [...] well over 2400 separate grammar books and dictionaries
languages from every inhabited region of the globe."Browse
Notice: maintenance work will take place during the morning (approx. 1000 CEST), during which the website
will not be available.
Date: 29.7.20@2027 CEST
Notice: due to ISP connectivity issues, the website was unavailable from roughly last midnight to now.
The IP was subsequently changed to 188.8.131.52. Notice 2: now stable on 184.108.40.206.
Date: 7.5.20@1203 CEST
Notice: due to the previous complaint, the ISP had cut the Internet access until the situation was
resolved. To prevent future censorship from any party, The Swiss Bay will slowly be transitioning to more
Detailed information about this change will arrive in due time.
Notice: the maximum upload rate (i.e. download rate for users) has been set to 25Mbps globally. Our new
WAN link grants us greater bandwidth.
Date: 12.12.17@1726 CEST
Notice: the upstream provider changed its IP allocation scheme without prior warning, resulting in
invalid IP configuration on our side. The previous IP
address (220.127.116.11) was changed to another one (18.104.22.168). This unexpected change is to be considered
Notice: the website will be unavailable for some time during the day because of maintenance work on
electrical installations. This is planned to
happen every 6 months.
Update 6.9.17@1722 CEST: all services are now available again. Many backend components were also migrated
to a new infrastructure, hence the rather
long downtime. In the future, this should not last more than 30 minutes.
Date: 30.8.17@0105 CEST
Notice: the maximum upload rate (i.e. download rate for users) has been set to 10Mbps globally in order
to prevent the WAN link from becoming
too slow or even unresponsive due to ISP throttling.
Date: 10.8.17@0120 CEST
Notice: during the last two days, there have been periods during which the website was unreachable. This
is due to hardware upgrades that
aim to improve the internal network with respect to stability and performance. More connectivity losses are to
be expected in the near future.
Date: 16.6.17@2030 CEST
Notice: at around 1800 CEST, a power outage has occured. The UPS currently in use can provide current for
a few hours, depending on
the load. As the upstream issue has not been resolved yet, there is a chance the webserver will be powered off
(and hence the website will
be unavailable). This is expected to last a few hours, if not more. An update will be posted here when the
Update 17.6.17@0250 CEST: input from the power company was OK but HPC fuses were blown on all phases,
hence cutting power to anything.
The server likely shut down around 2130 CEST. The cause of the issue remains unknown but since 0240 CEST power
is back (at least for now).
Date: 24.4.17@2250 CEST
Added The Intercept's fourth dump of NSA's SIDtoday (second half of '04) Browse
The SIDtoday directory now uses Git to stay up to date instead of requiring a manual copy of new
documents. That is why the "Last modified"
date shows today.
Date: 12.3.17@1849 CEST
Changes: Crypto whitepapers
Added "High-speed implementation of bcrypt password search using special-purpose hardware" by Friedrich
Wiemer, Ralf Zimmermann,
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum and Germany
Added "Are your passwords safe ? Energy-efficient bcrypt cracking with low-cost parallel hardware" by
Katja Malvoni, Solar Designer
and Josip Knezovic View
Added "The rebound attack and subspace distinguishers: application to Whirlpool" by Mario Lamberger,
Florian Mendel, Christian
Rechberger, Vincent Rijmen and Martin Schläffer View
Added "The Twofish team's final comments on AES selection" by Bruche Schneier, John Kelsey, Doug
Whiting, David Wagner, Chris Hall,
Niels Ferguson, Tadayoshi Kohno and Mike Stay View
Added "Cryptanalysis of AES-based hash functions" by Martin Schläfer View
Added "Imperfect forward secrecy: how Diffie-Hellman fails in practice" by David Adrian, Karthikeyan
Bhargavan, Zakir Durumeric,
Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé and
Added "Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities" by
Marc Stevens, Arjen Lenstra
and Benne de Weger View
Added "The first collision for full SHA-1" by Marc Stevens, Elie Bursztein, Pierre Karpman, Ange
Albertini and Yarik Markov
Added "Security dangers of the NIST curves" by Daniel J. Bernstein and Tanja Lange View
Added "The rebound attack_cryptanalysis of reduced Whirlpool and Grøstl" by Florian Mendel, Christian
Rechberger, Martin Schläffer
and Søren S. Thomsen View
Added "Preimage and pseudo-Collision attacks on step-reduced SM3 hash function" by Gaoli Wang and
Yanzhao Shen from School of Computer
Science and Technology, Donghua University, Shanghai and China View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "Unaligned rebound attack: application to Keccak" by Alexandra Duc, Jian Guo, Thomas Peyrin and
Lei Wei View
Added "Energy-efficient bcrypt cracking" by Katja Malvoni and Solar Designer View
Added "Rebound attacks on the reduced Grøstl hash function" by Florian Mendel, Christian Rechberger,
Martin Schläffer and Søren
S. Thomsen View
Added "How to improve rebound attacks" by Marı́a Naya-Plasencia from FHNW, Windisch, Switzerland View
Added "ECDH key extraction via low-bandwidth electromagnetic attacks on PCs" by Daniel Genkin, Lev
Pachmanov, Itamar Pipman and
Eran Tromer from Tel Aviv University View
Added "The number field sieve for integers of low weight" by Oliver Schirokauer View
Added "Analysis of SHA-512/224 and SHA-512/256" by Christoph Dobraunig, Maria Eichlseder and Florian
Mendel from Graz University
of Technology, Austria View
Added "Teaching an old dog (not that new) tricks - Stego in TCP_IP made easy (part 1)" by John Torakis
Added "Pozzo & Lucky, the phantom shell - Stego in TCP_IP (part 2)" by John Torakis View
Added "Manufacturing consent - The political economy of the mass media" by Edwards S. Herman and Noam
Added "La cryptographie militaire" by Auguste Kerckhoffs View
Added "nginx_A practical guide to high performance" by Stephen Corona View
Added "Fundamentals of digital logic with VHDL design (3rd edition)" by Stephen Brown and Zvonko
Added "Interactive computer graphics: a top-down approach with shader-based OpenGL (6th edition)" by
Edward Angel and Dave Shreiner
Added "Google infrastructure security design overview" by Google View
Added "The ProjectSauron APT, indicators of compromise" by Global Research and Analysis Team from
Kaspersky Lab View
Added "BETA CONTENT_ AppLocker FAQ" by Microsoft View
Added "BETA CONTENT_Planning and deploying Windows AppLocker policies" by Microsoft View
Added "Art of anti detection - 1, Introduction to AV & detection techniques" by Ege Balci (Invictus
Added "(Cross-)browser fingerprinting via OS and hardware level features" by Yinzhi Cao, Song Li and
Erik Wijmans View
Added "I know where your page lives - De-randomizing the latest Windows 10 kernel" by Enrique Elias
Nissim (IOActive) View
Added "Information security in Sweden - Situational assessement 2009" by Swedish Civil Contigencies
Added "Bringing real muscle to bear against Syria" by CIA View
Added "Rebuilding America's defenses_Strategy, forces and resources for a new century" by The Project
for the New American Century
Added "Child sex rings - A behavioral analysis for criminal justice professionals handling cases of
child sexual exploitation"
by National Center for Missing & Exploited Children View
Added "Executive summary of joint FBI-CIA report on extent of Saudi government support for terrorism" by
FBI and CIA View
Added "N2006P digital multi power, volt & amp meter operation manual" by e3b6a5y GlobalDigital View
Date: 31.12.16@2125 CEST
Added volumes 6-21 of Microsoft's Security Intelligence Report Browse
Date: 19.12.16@2245 CEST
Added "Higher order differential analysis of NORX" by Sourav Das (Infinera), Subhamony Maitra (Indian
and Willi Meier (FHNW) View
Date: 19.12.16@2218 CEST
Added "Dalvik Executable (DEX) trick: Hidex" by Axelle Apvrille from Fortinet View
Added "Hide Android applications in images" by Axelle Apvrille (Fortinet) and Ange Albertini (Corkami)
Added ""I've got nothing to hide" and other misunderstanding of privacy" by Daniel J. Solove View
Date: 18.12.16@1045 CEST
Added The Intercept's third dump of NSA's SIDtoday (first half of '04 and some '05) Browse
Date: 18.12.16@0044 CEST
Added "Password Interception in a SSL/TLS Channel" by Brice Canvel1 (EPFL LASEC), Alain Hiltgen (UBS
Vaudenay (EPFL LASEC) and Martin Vuagnoux (EPFL SSC & Ilion) View
Added "Cache-oblivious algorithms - Extended abstract" by Matteo Frigo, Charles E. Leiserson, Harald
and Sridhar Ramachandran from the MIT Laboratory for Computer Science View
Added "Password security: past, present, future (with strong bias towards password hashing)" by Solar
and Simon Marechal View
Added "Forward secrecy in TLS - A systematic study" by Nick Sullivan and Filippo Valsorda View
Added "The Linux kernel hidden inside Windows 10" by Alex Ionescu View
Added "A riddle wrapped in an Enigma" by Neal Koblitz and Alfred J. Menezes View
Added "Learning to Read Encrypted VoIP Conversations" by Fabian Monrose View
Added "Leaking beeps: unencrypted pager messages in industrial environments" by Stephen Hilt and
Added "Efficient zero-knowledge proofs" by Jens Groth View
Added "NORX v3.0" by Jean-Philippe Aumasson, Philipp Jovanovic and Samuel Neves View
Added "Not-quite-so-broken TLS 1.3 mechanised conformance checking" by David Kaloper-Meršinjak and
Added "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive
by Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval Elovici from the Ben-Gurion University of
Negev, Cyber Security Research Center View
Added "Color image encryption using spiral encoding technique and symmetric key" by Jayeeta Majumder and
Pratim Bankura View
Added "Traffic analysis: or... encryption is not enough" by Carmela Troncoso View
Added "Microsoft Security Intelligence Report Volume 20" by Microsoft View
Added "Faster and timing-attack resistant AES-GCM" by Emilia Käsper and Peter Schwabe View
Added "RSA key extraction via low-bandwidth acoustic cryptanalysis" by Daniel Genkin, Adi Shamir and
Added "Does the online card payment landscape unwittingly facilitate fraud ?" by Mohammed Aamir Ali,
Martin Emms and Aad van Moorsel View
Added "Security flaws induced by CBC padding applications to SSL, IPSec, WTLS..." by Serge Vaudenay View
Added "How can quantum cryptography contribute to cyber-security ?" by Nicolas Gisin and Hugo Zbinden View
Added "Selecting cryptographics key sizes" by Arjen K. Lenstra and Eric R. Verheul View
Added "The ProjectSauron APT (v1.02, 9.8.16)" by the Global Research and Analysis Team from Kaspersky
Added "Electromagnetic Radiation from Video Display Units - An Eavesdropping Risk ?" by Wim van Eck View
Added "Windows 10 mitigation improvements" by David Weston and Matt Miller View
Added "Ceph, Gluster, Swift - Similarities and differences" by Thiago da Silva and Prashanth Pai View
Added "Efficient ephemeral elliptic curve cryptographic keys" by Andrea Miele and Arjen K. Lenstra View
Added "Case study: a computer science perspective of bridge design" by Alfred Spector and David Gifford
Date: 7.11.16@2146 CEST
Notice: the website was unavailable from the afternoon of Friday 4.11.16 until the evening of Monday 7.11.16 due
to an unexpected connectivity issue with the upstream provider. NO file has been altered during the downtime.
Date: 5.10.16@2322 CEST
Added "A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption
— Toward Efficient CBC-Mode Implementation" by Rei Ueno, Sumio Morioka, Naofumi Homma and Takafumi
Added "Making master/slave systems work better with pgpool-II" by Tatsuo Ishii, SRA OSS, Inc. Japan
Added "Key-Recovery Attacks on Universal Hash Function based MAC Algorithms" by Helena Handschuh and
Bart Preneel View
Added "Practical Forgeries and Distinguishers against PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki
and Lei Wang View
Added "Practical Cryptanalysis of PAES" by Jérémy Jean, Ivica Nikolić, Yu Sasaki and Lei Wang View
Added "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous" by Yue Cao, Zhiyun Qian, Zhongjie
Wang, Tuan Dao, Srikanth V. Krishnamurthy and Lisa M. Marvel View
Added "Using AES Round Symmetries to Distinguish PAES" by Jérémy Jean and Ivica Nikolić View
Added "PAES v1: Parallelizable Authenticated Encryption Schemes based on AES Round Function" by Dingfeng
Ye, Peng Wang, Lei Hu, Liping Wang, Yonghong Xie, Siwei Sun and Ping Wang, Institute of Information
engineering, Chinese Academy of Sciences View
Added "Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations" by Charles V.
Wright, Lucas Ballard, Scott E. Coull, Fabian Monrose and Gerald M. Masson, Johns Hopkins University
Added "Truncating TLS Connections to Violate Beliefs in Web Applications" by Ben Smyth and Alfredo
Pironti, INRIA Paris-Rocquencourt View
Added "Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow" by Shuo Chen,
Rui Wang, XiaoFeng Wang and Kehuan Zhang View
Date: 16.8.16@1203 CEST
Added "Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family" by Dmitry Khovratovich,
Christian Rechberger and Alexandra Savelieva View
Added "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice" by David Adrian, Karthikeyan
Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger,
Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago
Zanella-Béguelin and Paul Zimmermann View
Added "NISTIR 8105 Draft: Report on Post-Quantum Cryptography" by Lily Chen, Stephen Jordan, Yi-Kai
Liu, Dustin Moody, Rene Peralta, Ray Perlner and Daniel Smith-Tone View
Added "On Collisions for MD5" by M.M.J. Stevens View
Added "To Decode Short Cryptograms" by George W. Hart View
Added The Intercept's second dump of NSA's SIDtoday (second half of '03, plus '04-'05) Browse
Date: 8.7.16@1920 CEST
Added "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng" by Dan Shumow,
Niels Ferguson, Microsoft Corporation View
Date: 16.6.16@2304 CEST
Added "Erasure Codes for Storage Systems - A Brief Primer" by James S. Plank View
Date: 13.6.16@1804 CEST
Added FF 2015 6597 by the Federal Chancellery of Switzerland View
Resolved issues with the rendering of non-ASCII characters
Date: 10.6.16@1957 CEST
Added "Untangling The Web - A Guide To Internet Research" by the NSA View
Date: 8.6.16@1358 CEST
Added manual for the Supermicro X10SRL-F motherboard View
Date: 8.6.16@1007 CEST
Added NSA's reply to Jason Leopold's Freedom of Information Act request
regarding Edward Snowden View
Date: 25.5.16@1710 CEST
Added "Plaintext-Recovery Attacks Against Datagram TLS" by Nadhem J.
AlFardan and Kenneth G. Paterson, Information Security Group, Royal
Holloway, University of London View
Date: 18.5.16@1743 CEST
Initial release of this document; pre-existing PDF files are not
Added The Intercept's 2003 dump of NSA's SIDtoday Browse