[mirimir]

Krebs does indeed habitually doxx alleged criminals. There's a perfect example just a ways down from TFA: "Meet the World’s Biggest ‘Bulletproof’ Hoster".[0]

And he doesn't just rely on public sources:

> KrebsOnSecurity uncovered strong evidence to support a similar conclusion. In 2010, this author received a massive data dump from a source that had hacked into or otherwise absconded with more than four years of email records from ChronoPay — at the time a major Russian online payment provider whose CEO and co-founders were the chief subjects of my 2014 book, Spam Nation: The Inside Story of Organized Cybercrime.

> Querying those records on Yalishanda’s primary email address — stas_vl@mail.ru — reveal that this individual in 2010 sought payment processing services from ChronoPay for a business he was running which sold counterfeit designer watches.

And he posted a copy of the guy's passport!

0) https://krebsonsecurity.com/2019/07/meet-the-worlds-biggest-...

[tptacek]

Where by "habitually doxx", you mean "reports", which is what reporters do. When it's Fortune 500 executives or politicians, we seem to have no problem with this behavior; in fact, we get mad when it doesn't happen. But when it's someone in our "tribe" getting reported on, there's this whole new set of rules that supposedly applies. It seems like special pleading to me.

[mirimir]

Sure, that's what some journalists do. But Krebs' thing is being a grey-hat vigilante. He does social engineering on forums. He trades data with other vigilantes.

> ... you mean "reports", which is what reporters do ...

So this doxx site just reports on people, no?

The distinction between him and the doxx site he writes about is subtle.

[tptacek]

Mainstream reporters semi-routinely break actual laws to break stories, and are received as heroes for it.

[mirimir]

I'm sure that the doxx site in TFA is "received as heroes" by some. As with many things, much depends on whose ox is getting gored.

Also, "semi-routinely break actual laws" is a huge bin. Reporters also get sued for libel. And sometimes lose.

Edit: And hey, once you're "break[ing] actual laws", you're a criminal. And by Krebs' standard, you're fair game.

[tptacek]

Sure? OK? And?

[mirimir]

It was dumb of me to get into this thread. Arguing about the morality of Krebs' blog in a discussion about neofascist (and arguably, ironic neofascist) doxxing and SWATing was off-topic whataboutism. So sorry.

But for what it's worth, I'll briefly clarify my position. I'm rather anarchistic, but not very collectivist or communitarian. I believe that we're all free to do what we like, consistent with our principals and values. Notwithstanding whatever laws exist. And that includes self defense, and weeding out troublemakers.

So in that sense, I agree that Krebs has the right to doxx supposed criminals. But I also believe that others arguably have the right to act against those who attack them. And of course, everyone else has the right to act against those who attack them, recursively.

So it's fair to root for Krebs, and to attack neofascist doxxers. But, in my opinion, it's deceptive to argue that one is moral, and the other is evil.