[oldkn]

I've seen the theme of "maintainer of popular open source product is threatened by person who doesn't understand it's just a component" show up a few times, but when I think about it most those times have been related to curl specifically. Maybe it's because of the domain haxx.se? Or maybe Daniel just writes about it a lot? Does this kind of thing happen so regularly to others?

[masklinn]

It’s because curl and libcurl are used virtually everywhere, and clearly identified. This means in any problematic or malicious device or software, odds are good the first clearly identifiable thing you’ll find are references to curl.

Though the domain probably doesn’t help with the association. If you got hacked and the first clear string you find is “haxx.se” it’s not a big leap to interpret it as a taunt.

[sime2009]

I'm guessing it is because people who create these hacking tools often need to do HTTP requests, so they just copy in libcurl source and before you know it Daniel's name is associated with all these tools and attacks.