[mcantelon]

Exposing the real names of anonymous/pseudoanonymous people, regardless of whether it's hard to find out (given that many people suck at opsec), is probably the most common scenario people refer to when using the word "doxing".

"researching and broadcasting private or identifying information (especially personally identifying information) about an individual or organization"

https://en.wikipedia.org/wiki/Doxing

[tptacek]

I don't care what you call it. If that's what "doxing" means, then I don't know why Krebs would ever be obligated not to "dox". What I see here is a motte and bailey argument where the argument people seem to want to make is that everyone in the world is obliged to honor message board norms that say the real identities of pseudonymous people can't ever be revealed, but when that's challenged, they retreat to the banal argument that the personal addresses and phone numbers of journalists shouldn't be circulated on sites that encourage SWATting.

I'm not talking about personal addresses and phone numbers. I'm talking about names and public LinkedIn profiles.

[mcantelon]

So you think it's okay to connect a pseudonym to a real identity, but not a real identity to a physical address?

[tptacek]

I don't know how I feel about the latter case but can stipulate that it's problematic. What does that have to do with the former case?

[mcantelon]

You're asking what one form of doxing has to do with another? Well... they're both forms of doxing. You seem to arbitrarily consider one form a problem, but not the other.

[tptacek]

That is correct. Just because you apply some name with negative message board valence to a set of conduct, that doesn't by itself make it reasonable to condemn every behavior in that set. This seems pretty obvious to me. What am I missing?

[mcantelon]

I'd say it's pretty reasonable to condemn two ways of exposing people to possible harassment and violence.