How to prove that a web page that's there now, was really there, once it's not there anymore.
January 18, 2008 7:48 PM   Subscribe

How to prove that a web page that's there now, was really there, once it's not there anymore.

Here's the deal:

I'm havine a semi-public disagreement w. some folks. They have some slightly incriminating information on their web site that makes my side of the story look good, and their side of the story looks not so good.

My concern is that they're going to replace the incriminating information with unincriminating information, and then claim that the incriminating information was never there.

Are there any steps I can take now, while the incriminating information is still up, that I can use to prove later that it was there.

I thought about submitting the site to the wayback machine, but the timeframe is all wrong - if they take the site down, they'll do it soon. If I need to demonstrate it was there, I'll need to do that soon, too. I think the wayback machine works on a schedule of months...

(Details left out because they are too embarrassingly boring to explain - neighbourhood politics. Bah...)
posted by ManInSuit to Computers & Internet (47 answers total) 5 users marked this as a favorite
Best answer: Google cache? Just google the URL and click the little cache link in the description. Google never forgets.
posted by sanka at 7:50 PM on January 18, 2008

Response by poster: Sanka - Good idea. But I assume the time-window of usefulness is narrow yes? That the cached version is only available until google re-crawls the page. Anyone know if that's right?
posted by ManInSuit at 7:54 PM on January 18, 2008

The Google cache only preserves what the spider saw the last time it crawled the page. If it reindexes the page after said information is removed, it won't be there anymore. I would suggest screenshots with the URL clearly visible and printouts.
posted by calistasm at 7:55 PM on January 18, 2008

How about a screenshot with CNN in another window, to "prove" the date. Printouts. PDF.
posted by idb at 7:59 PM on January 18, 2008

I'm sorry, I didn't read the last half of your post, you already knew about Mr. Way Back. If it were me, I'd doubleclick on my clock, showing the date and time in the corner, screenshot the hell out of it, then email the screenshots to myself and someone else.
posted by sanka at 8:03 PM on January 18, 2008

Response by poster: idb - I thought of that (and some variations). But anything I can think of seems ridiculously easy to fake. Who's to say I didn't edit the page in dreamweaver or photoshop?
posted by ManInSuit at 8:03 PM on January 18, 2008

i think going low-tech will serve you well in this case: print out a copy of the most relevant page, fold it into thirds, staple it shut, and mail it to yourself. that way the postmark gets onto the page directly (and not just an envelope).
posted by thinkingwoman at 8:06 PM on January 18, 2008 [4 favorites]

thinkinwoman has the best answer so far. You can also take a video of it and have other things proving the date on the continuous video. That could all still be faked probably, but I assume you are just some guy, not Hollywood, and noone will think you went to all that trouble to fake it.
posted by Falconetti at 8:09 PM on January 18, 2008

Best answer: You might try taking a picture of the screen (with cnn clearly in view). People place more trust in actual photographs than they do in screenshots.

Really your best bet is to get multiple witnesses to the page in question, including some parties who have no interest in the dispute.
posted by tkolar at 8:11 PM on January 18, 2008

The cryptographic way to prove you haven't altered a picture is to take a hash of the image you create with the screenshot. A cryptographic hash is like an almost unique fingerprint of a file. It is generally infeasible to fake.

This link will let you hash things online. Use a MD-5 and SHA-1, and send both of those hashes.

Mail it to someone who is neutral and trustworthy and can verify the hash was sent when it was. Or just publish them here as well, so you can refer to them later.
posted by procrastination at 8:11 PM on January 18, 2008 [2 favorites]

Take a screenshot, and mail them a copy of it so that they know you know about the information etc.

Even if they take it the incriminating info down, they will always know you know, and depending on how computer savvy they are, this tactic alone might make them believe you have an inviolate record of what their site once said.
posted by extrabox at 8:12 PM on January 18, 2008

Best answer: Screenshots, hashes, mail, whatever: these prove that three was a file (or screen) that said X, but they do nothing to prove that that file or screen originated anywhere but a local photoshop/dreamweaver/emacs.

If you are at the stage of getting lawyers involved perhaps an injunction/restraining order that forces the ISP to keep records of the pages in question.
posted by IvyMike at 8:42 PM on January 18, 2008

Best answer: it's been a long time since I read up on cryptographic stuff (2001, when I was a sales engineer for a public key infrastructure (PKI) system), but this sort of situation is covered in the textbooks. In theory, the electronic way to do this would be to send this to a trusted/certified service that would timestamp it, hash it, and then sign it.

the 'real life' version of this would be something like printing out the page in question and taking it to a notary (or perhaps having the notary print it out themselves, i suppose).

No idea what the legal status of either of these options are -- I suspect neither would be a 'smoking gun', and probably both would need their case argued by a lawyer, as would 'poor man's copyright' (the mailing it to yourself process), which I've heard is ill-regarded in legal circles.

but hey, if it makes you feel better, I bet a notary would do it for under 10 bucks. If it's important enough, just hire a lawyer and have them tell you how to proceed.
posted by fishfucker at 8:51 PM on January 18, 2008

procrastination: Someone would only be able to verify the screenshot if the page had not changed by a single pixel (including ads, the current date, anything). Also, that person would need to take an identical screenshot in exactly the same size using exactly the same compression algorithm at the exact same settings. I don't understand how this would work.
posted by null terminated at 8:53 PM on January 18, 2008

Response by poster: Ivymike - it seems to me you're right. Any sort of hash or postmarking or any of that don't work without something to prove that the page was actuall up on their site. None of those things, on their own, prove anything, unless I'm missing something.

I guess I was imagining there might be some sort of trusted third party site where, say, you could submit an url, and it woudl digitally sign something saying "this page was at this url on date X'. I suppose this would still only be as trustworthy as the site signing it, but I'd be okay with that. (Like I'd be okay with depending on the reliability of the Wayback Machine or the Google cache).

When I posted this, I thought there might be a high-tech answer. But I guess the best solution is just the low-tech answer of witnesses, which is pretty much what tkoloar suggests - just get a couple of disinterested people to look at the page now (and maybe take a sreenshot).

I guess that'd work.

(Though the geek in me still wants an automated online url-signing machine. :)

(On preview - fishfucker - your notary idea also sounds like the right sort of low-tech solution...)
posted by ManInSuit at 8:58 PM on January 18, 2008

[I'm sure lawyers deal with this issue regularly]

Going one step beyond procrastination's link, you could have some trustworthy person cryptographically sign a copy of the page with their public key, accompanied by an affidavit stating that they downloaded it on such and such a date from that particular URL. Then, you could have printout of the crypto signed web page and affidavit notarized by a notary public.

Failing that, you could try ReadNotify, which appears to automatically cryptographically sign anything you email them. This would prove that you sent a copy of an exact page at an exact time. It wouldn't prove that you didn't create the page or mess around with a copy of their page, but it would be harder to fake than using a regular snail mail postmark (thinkingwoman's approach could be faked by mailing yourself some blank pages taped together, then printing something on them and refolding an stapling them).

Perhaps finding a notary who has a computer and can surf to an address, print it, have you sign it, then notarize it for you.
posted by i love cheese at 8:58 PM on January 18, 2008

you could try a service like browsershots or perhaps another like it that will archive these for you. That way the 'proof' would have been generated and stored without your complete control.

haha, or you could try to get it popular on digg, that way you'd have thousands of 'witnesses'. That's totally easy, right?
posted by JRGould at 9:14 PM on January 18, 2008

Sorry, I didn't do a good job explaining the idea of hash commitment before. The whole point is to prove that you had a particular file at a certain time.

Hashes can easily be created from a file, but given a particular hash, it is virtually impossible to find a file that will produce that hash.

So you take a screen shot and save it. This, as some people commented, does not prove the screen shot was not altered by you. Next, you create a hash of the saved screen shot.

Since the hash is infeasible to duplicate, you then make it public in a way that indelibly marks a particular early time that you had the hash. This can be done by sending it to a third party or publishing it publicly so you can show the hash was available at time A.

Later, at time B when you want to prove you had the screenshot file in question, you reveal the file. Anyone can compute the hash from the file. They can then see that you published the hash at time A. The only way you could have known the hash was if you had the file, and if the hash matches it shows that hadn't been altered since.

I see now that this wasn't what ManInSuit needed, since there is no way to prove you didn't fake the screen shot before hashing, but that is how it works. It is called hash commitment to crypto people.

Also, it is possible to fool the Wayback Machine. I don't have details, but some forensics person had a web page added that showed up at a much earlier date somehow. They did this recently to prove it wasn't trustworthy enough for court.
posted by procrastination at 9:19 PM on January 18, 2008

Save the html to disk. If this ever comes to a lawyer you might have to sign something saying this is from the site on this day. A photograph with you and your buddies holding a newspaper in front of the biggest LCD you can find is just as much evidence except saving the file doesnt make you look like a crazy kidnapper. Seriously, some lawyer is going to have a strong bellylaugh when you walk out of office. Are you also going to leave him some DNA to verify your identity?

Neither the judge nor the lawyer will remotely understand your long-winded cryptographic explanation and any expert will say that any digital file can be faked. Your best bet is to just make it look like you made some real good faith efforts to document your disagreement.
posted by damn dirty ape at 9:20 PM on January 18, 2008

Have someone who understands the information and the internets print it out with a date stamp and sign it. That person may need to testify in court as to the fact that they printed this out on such and such date, etc. so they should be someone who will make a good witness, and not a best buddy or relative who might appear biased. It's all about making a good showing that will be hard to poke holes in by the other side. If there is a lot of money riding on this then hire a lawyer to do it and then a separate lawyer for your litigation. The first lawyer is your witness.
posted by caddis at 9:37 PM on January 18, 2008

In any event you should print out copies straight away, with the time and date. That in and of itself is pretty decent evidence, and it sure beats nothing but your memory if they change it tomorrow.
posted by caddis at 9:40 PM on January 18, 2008

Hash commitments are typically used when someone wants to commit to a value without actually showing that value. For example, they can be used perform fair coin tosses over the phone. In this case, the screenshot wouldn't be secret, so publishing the hash or sending the hash to a third party is no more effective than simply publishing the image or sending it to a third party (besides the marginal size difference).
posted by null terminated at 9:48 PM on January 18, 2008

Hash and all that jazz are not the way to go. You are potentially going to have to convince a jury of regular folk that what you printed is a true and correct copy of the way the page is right now. Hash and all will require you to hire an expert who will give testimony that will likely confuse the jury. The screenshot idea is not bad as that is harder to manipulate so the assertion by the other side that that is what you did is more incredible. Still, one of the easiest ways to convince this audience is with a human being who can testify that the copy put before the jury is a true and accurate copy, printed by them, as of some date, and if that person is a court officer such as an attorney with too much to lose over perjury then even better. Think like a juror. What would you like to see?
posted by caddis at 9:56 PM on January 18, 2008

Post the relevant info here, along with the URL. We can go and verify that what you posted is on the site, and leave comments reflecting that. This thread becomes a time dated record on a public website of the relevant contents of the web site in question.
posted by jpdoane at 10:11 PM on January 18, 2008

It's simple. Print out the page, and get two witnesses unrelated to you to sign that that the screenshot they see corresponds to what is on the page right now. This is enforceable in a court, as you have signed witnesses willing to testify.
posted by markovich at 10:22 PM on January 18, 2008

Go to a notary's office, load the webpage on their computer, print it out from their system, and have them notarize the printout. It's what they do. It might cost you 40 bucks or something.
posted by Rumple at 10:33 PM on January 18, 2008

If you're lucky, maybe the version as you see it is in the Wayback Machine at
posted by secret about box at 10:54 PM on January 18, 2008

While everyone's saying the obvious truth here that you can easily alter EVEN LIVE WEBPAGES WITHIN YOUR BROWSER and thus screenshots are useless...

A LOT of people, including lawyers and judges don't know this to be the case. If these are lower-level tech people and the issue is relatively lower-level itself, the authenticity of the screenshots might never come into question if you have the URL and time/date printed as a footer.

Not saying that it couldn't or won't, but just saying start there, and maybe rely on or some such later. (An independent archiver of the site.)
posted by disillusioned at 10:56 PM on January 18, 2008

Is this a legal case? If it's just some internet argument, seriously, just post the URL right away and you have many many witnesses. You could point out to your foe that readers of the 4,394th most popular website on the internet saw their shame, which would probably preempt even actually having to get one of us to vouch for you. We don't have Goon Justice or a Party Van, but we're probably still good for something.
posted by TheOnlyCoolTim at 11:30 PM on January 18, 2008

Following on the line of getting a notary to sign it, there's digitalnotary who appear to specialise in this area, including online verifying of pages hosted on hostile remote servers for use in legal cases (for a fee)
posted by ArkhanJG at 11:46 PM on January 18, 2008 [3 favorites]

ArkhanJG, that sounds exactly like what ManInSuit was looking for. Neat. (I'd be interested to see how that service stood up in a real case, too.)
posted by IvyMike at 12:15 AM on January 19, 2008

Ah, digitalnotary -- again, the ideal of how the world would work if bruce schneier was in charge.

unfortunately, if you try to use it, "step 3" redirects you to some site where you can buy olympic apparel. I'm pretty sure this is not what you want to do.

so yeah, I'm skeptical that such an electronic service exists for this function. There ARE digital signing services -- we're using them at my work right now to sign preliminary legal contracts -- but I haven't seen one that specifically exists to do date-time stamping (disclaimer: haven't looked). I don't doubt that they could exist, I just don't think one is established yet to the point where anyone would give them any sort of legal standing.

meanwhile, this is still an interesting crypto problem for most people, so I'm sure there'll be a lot of folks who can advise you in theory how this SHOULD and WOULD work -- i just think you're a little early to be doing it (thank god -- I wouldn't want anyone holding me to what I said about metallica on usenet in 1992).
posted by fishfucker at 2:00 AM on January 19, 2008

People use printouts of websites as evidence in courts all the time, and none of this "open a CNN window" business is necessary.

Print the website. Make a note of when you printed it. If it gets down to it, swear a statutory declaration or an affidavit explaining how and when you viewed and printed the page, and annex your print-out.

Like I said, this is very common.

If you're really worried about being accused of forgery, get an independent person to print it out and swear to it. Lots of people have suggested a public notary, which is probably sufficient. Caddis suggests a lawyer, and if you're going to court over this you'll probably have one. No need to get a second lawyer to do it -- lawyers are officers of the court and there's not going to be any suggestion that your lawyer forged the document.
posted by robcorr at 4:11 AM on January 19, 2008

Best answer: I'm a notary public. I'll print out the page, put my seal on it and sign it for free, if that would help.
posted by Rock Steady at 6:12 AM on January 19, 2008 [1 favorite]

What about videotaping someone opening up this page? Go to the library (so no one can say that you set up your personal machine to force anything). Tape the librarian speaking the current date, or tape the front of the current newspaper or something. Tape the librarian going to one of the machines in the library, typing in the url, and tape the page displaying. Then post the video online, and keep the original ... somewhere - lawyer's office, safe deposit box, whatever.
posted by SuperSquirrel at 8:47 AM on January 19, 2008

These seem like pretty complex solutions with extensive loopholes for what sounds like relatively minor local politics. Relatively. I know it's a serious matter for the person asking.

Why not just e-mail a link to the page with the content copied below to all stakeholders in the issue (that is, folks on both or all "sides" of the dispute, or anticipated dispute)? I am certain that a significant number of parties would be able to view, save, print, and mentally process the said web page before anyone would be able to take it down or modify it (the former being a possible panicked reaction that would do more to bolster your case, frankly).

People would know what they saw, should it go away, and bolstered by their collective knowledge and your screenshots and printouts, I don't think the authenticity of the web page content claim will be much in doubt. Thinking back to even high-profile "the page said {x} before they changed it" cases, I'm pretty sure there weren't any hashes or videos next to newspaper website maneuvers involved to "prove" it.
posted by pzarquon at 10:26 AM on January 19, 2008

OP: take advantage of Rock Steady's very generous offer that perfectly suits your stated needs.
posted by Rumple at 10:57 AM on January 19, 2008

Very active post; would have been useful for me a few times. I would have to second/third the printscreen fxn with timestamp/date and then notary. Saw that other's provided links and from whom, but I would imagine this would be the best route.
posted by uncballzer at 11:01 AM on January 19, 2008

[Obligatory IANAL] I think merely printing it out and mailing it to yourself, or printing it out and getting a notary to stamp it, doesn't prove anything. I think you really need someone reputable (and impartial) to certify that they viewed the URL x on date y and it does, in fact, match what you have printed out in sealed envelope z.

I'm not sure that the CNN thing accomplishes anything useful in your case: what you're trying to prove isn't the specific date that it was there, but that it was there at all, as opposed to something you faked. It can't hurt to include CNN in the screenshots, but it seems tangential to what you want to do.

Also: the Wayback Machine may or may not be useful, but it can't hurt to submit the URL, can it?

As an aside, if it comes down to it, could you subpoena the file's timestamp on their webserver? While it's entirely possible to fake, it's not the most trivial thing to do, especially if they don't own the server. (And furthermore, unless they were acutely aware of your intentions, they probably wouldn't even think to fake it.)

Also, if you haven't already: print the webpage out right now, and forward the URL, right now, to some friends removed from your argument, to view and have them witness that the incriminatory statements are there. It's not the best, obviously, but I want to make sure that you do something now to start, as opposed to waiting until a perfect solution is available.

When taking screenshots, do it in IE. A screenshot within Firefox + Greasemonkey would be a defense attorney's dream.
posted by fogster at 11:49 AM on January 19, 2008

or printing it out and getting a notary to stamp it, doesn't prove anything.

Hence the suggestion that the screenshot be printed out by the notary.
posted by Rumple at 12:01 PM on January 19, 2008

You also might be able to find the old version on the internet archive's wayback feature. I think it takes a while for the archives to appear so this would be a last ditch effort if nothing else works out for you.
posted by GlowWyrm at 1:07 PM on January 19, 2008

Response by poster: Rock Steady- whoa!
Thanks! I'll send you the page.
posted by ManInSuit at 3:04 PM on January 19, 2008

Done and done. I'm happy to do it, but like others have said, I don't know if it will hold much water in a court of law, especially a Canadian one (I'm in the US).
posted by Rock Steady at 3:45 PM on January 19, 2008

Go to a notary (Rock Steady's kind offer notwithstanding) and videotape them typing in the url on their computer and videotape the contents of the screen. Take and print the screenshot, seal it in an envelope which the notary signs. You've been taping the whole time, one uninterrupted shot. Remove the tape from the camera and put that in a bigger envelope with the screenshot envelope. Seal it and have the notary sign the seal.
posted by dirtdirt at 4:54 PM on January 19, 2008

agghh, this stuff pains me. OK, talk to an attorney. You have gotten lots of not so hot advice here. You want to build a record and one that will be easy to present in court, easy for the jury to understand and rock solid. Robcorr's advice will get you there. I offered some slightly more conservative advice for more important matters. An affidavit is nice, but you want one that can be verified in court with testimony. Rock Steady's offer is very nice, but will Rock Steady be available for trial. Someone local is better. You want someone who understands what is on the web page so they can testify about it. You need someone who can find the page on their own, who can record the url on their own, who can refute in court any allegations that they received a url from you, one that might have been malformed to take them to a fake page, or that they used a computer under your control. All this videotaping and other stuff is on the right lines but pales by comparison to actual testimony from a neutral and disinterested party who is a smart and knowledgeable witness on the stand. An attorney would be best, a smart and computer savvy notary would be almost as good, although it all comes down to the person so even the notary might be the best depending. If all you have is a naked affidavit that is subject to attack in court, without the testimony of the notary you will have a hard time refuting those allegations. Your printing of the current page and testimony that it is an accurate representation of the current page is good, but to nail it down you want someone neutral who can make that same testimony. Talk this through with an attorney rather than taking a bunch of amateur advice from AskMe. We are probably all wrong, but if you think about how this will play out in a trial, much of the advice here is really not practical.
posted by caddis at 8:47 PM on January 19, 2008

Response by poster: Thanks for all the great and thoughtful advice. The issue I'm dealing with isn't a big enough deal to merit an attourney, and won't go to court. I've taken up Rock Steady's offer to print ant notarize the page, which should be more than good enough for the situation I'm facing. Thanks for your help, everyrone!
posted by ManInSuit at 9:09 AM on January 20, 2008

but will Rock Steady be available for trial

For travel expenses and a modest generous lavish per diem, I can be available for trial.
posted by Rock Steady at 9:15 AM on January 20, 2008

« Older A/S/...anybody, anybody?   |   Is it worthwhile to enter therapy if you're not in... Newer »
This thread is closed to new comments.