Wow, this entire article seems to be more a "let's repost every tweet that hates Krebs". Most of it assumes he is a "a 50-year-old dude in a suit" doing cyberstalking, but I don't think that is an accurate description. Keep in mind, much of the criminal hackers do not like Krebs because he exposes them. People Swat his house and attempt to entrap him. So reposting a bunch of hate-Tweets is stupid.
Yes, Krebs' does his own research, but he also has hundreds of security researchers and contacts that provide him info, many of those are insiders. In his book Spam Nation, he even goes to Russia to visit a crime boss to ask tough questions. This isn't some cyberstalker.
Krebs is a better researcher than most, so I tend to trust his doxx. Most of the info he publishes is already public (poor opsec) and he is more thorogh than Reddit. Can he be wrong? Sure..... should he doxx? I don't know, that's an ethics question.. but if he's wrong on this, I'm sure Brian will reconsider that in the future
There are two issues to consider here: whether he is correctly identifying the people he doxxes and the ethical implications of his decision to do so. He received a fair bit of backfire for doxxing security researchers a few years ago (including @notdan) https://itwire.com/security/infosec-researchers-slam-ex-wapo...
For me (and I'd imagine most folks coming to a board called "Hacker News"), doxxing independent security researchers for the crime of port scanning is highly unethical behavior, and this vigilante crusade to doxx hackers is appearing to generate yet more collateral damage in the reckless pursuit of clout.
I suppose we can never truly know what motivates anyone to do anything. I'm not committed to that stance, but even if he had the most pure of motivations it wouldn't materially change the consequences (both ethical and practical) of his actions.
> In March 2018, he came under fire from users of a German image board pr0gramm.com after he revealed details about several admins and moderators in an article which claimed to identify who was behind the cryptocurrency mining service Coinhive.
> In April last year, Krebs was again slammed by security researchers after he doxxed two of them on Twitter, apparently because he disagreed with them about the operations of Spamhaus.
He might be good at his work but he's not a god, he can't be right 100% of the times. We still have to evaluate him based on evidence everytime he utters anything.
Yes, Krebs' does his own research, but he also has hundreds of security researchers and contacts that provide him info, many of those are insiders. In his book Spam Nation, he even goes to Russia to visit a crime boss to ask tough questions. This isn't some cyberstalker.
Krebs is a better researcher than most, so I tend to trust his doxx. Most of the info he publishes is already public (poor opsec) and he is more thorogh than Reddit. Can he be wrong? Sure..... should he doxx? I don't know, that's an ethics question.. but if he's wrong on this, I'm sure Brian will reconsider that in the future