Mastodawn

BrianKrebs Dec 24, 2022

Everything online gets leaked, lost, sold or stolen eventually. This is a fundamental reality that catches up with everyone. BTW this is not a recently acquired conviction: https://web.archive.org/web/20190216141214/https://twitter.com/briankrebs/status/1045091640480804864

But please, convince me I'm wrong if you can!

I know that over the years I've radically overhauled how I interact with companies I chose to do business with. For starters, I assume breach, which means that any information I share with them is likely going to be on the Internet at some point.

E.g., I no longer sign up for a new account somewhere without also doing it in a local, hardened VM and VPN.

I assume that the IP address I used to sign up there will be leaked in connection with my other account details, and probably the last IP I used. I assume records of what I'm doing or buying there will also be leaked.

Hell, I do pretty much all of my news reading now in the same kind of (separate) setup. No way I'm agreeing to run 97 pieces of Javascript from 22 uncertain destinations on the web. I know a lot of my readers unfortunately swear by ad blockers and rarely make exceptions (I'm not a big user of them myself for a variety of reasons), but being able to reset your system after a weekend of wantonly browsing the web is also nice.

Those are just a few basic examples. But I'm curious to hear from others -- How have the folks here altered the way they live and work online in response to the incessant reminders that everyone gets pwned?

Some food for thought over the, er...food coma the next few days :) Cheers!

briankrebs on Twitter

“Being in infosec for so long takes its toll. I've come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don't seem to be any exceptions, and it gets depressing.”

Twitter

@briankrebs signing up for websites makes no sense to me in a vm. That honestly just sounds like you're looking for additional points to make.

Nowhere did I see you mention that you then re-access those websites through that specifically created VM, thusly obviating the need for it in the first place.

I want to think that this is all meant in good honest intentions but I mean it really sounds a little bit like fear mongering.

Maybe that's just what you have to do these days, and I don't mean that a shot at you, I mean generally, just to earn eyeballs.

I fully understand that the threat models are different for you and myself, but I don't understand the holes in yours as you laid them out.

Allison Nixon Dec 24, 2022

@stoXe @briankrebs Krebs is a case study in how far bad actors can go in targeting someone. The amount of retaliation he's gotten for his cybercrime reporting over the years is insane. He's basically a honeypot, for what those of us in the fraud space will see targeting regular people, but 2 years in advance.

@nixonnixoff @stoXe @briankrebs krebs has had several attempts on his life. Idiots have swatted him multiple times in attempts to silence him. I respect that he refuses to be intimidated and continues to fight.

Allison Nixon Dec 25, 2022

@D0xter @stoXe @briankrebs The first guy that swatted him was destined for great things. He's now in a Phillipines prison for murdering a girl.

A later guy that tried to swat him grew up to become the latest hosting provider for Kiw*farms.

Threat intel people should always pay special attention to threat actors that harass Krebs, because they tend to be more dangerous than usual.

Also because it's wrong to let attacks on journalists slide.

D0xter Dec 25, 2022

@nixonnixoff @stoXe @briankrebs wow! That’s….that is horrible. I mean the starters both don’t care about human life. Swatting is lower than low, someone can easily die at the hands of police because of it.

JShafer817 Dec 25, 2022

@nixonnixoff @D0xter @stoXe @briankrebs Whitepacket swatted me.. like he isn't getting caught lol

D0xter Dec 25, 2022

@JShafer817 @nixonnixoff @stoXe @briankrebs they always get caught. That is horrible that you had to experience that.

JShafer817 Dec 25, 2022

@D0xter @nixonnixoff @stoXe @briankrebs I guess well see.

Fritz Adalis Dec 25, 2022

@nixonnixoff
@D0xter @stoXe @briankrebs
Krebst Canary

@nixonnixoff @D0xter @stoXe @briankrebs

"Also because it's wrong to let attacks on journalists slide."

So is getting doxxed by journalists because you disagree with them.

Allison Nixon Dec 25, 2022

@mrgl @D0xter @stoXe @briankrebs sometimes I see this refrain among bitter cyber criminals many of whom got arrested later on as a direct result of his reporting.

@nixonnixoff @mrgl @D0xter @briankrebs do you know what the word refrain is? Not sure you're using it in the right contacts because I have no idea what you're saying no one refrained from anything

Allison Nixon Dec 26, 2022

@stoXe @mrgl @D0xter @briankrebs "a common refrain"

luneellise21 (xe/xer)Dec 27, 2022

@stoXe @nixonnixoff @mrgl @D0xter @briankrebs in the right CONTACTS lmao

@luneellise21 @nixonnixoff @mrgl @D0xter @briankrebs that's what happens when you use voice to text and don't check it oh well you know exactly what I meant

Robin Norris Dec 29, 2022

@stoXe @nixonnixoff @mrgl @D0xter @briankrebs
See, I just thought it was in this context: “phrase or verse recurring at intervals in a song or poem, especially at the end of each stanza; chorus.”

luneellise21 (xe/xer)Dec 27, 2022

@mrgl @nixonnixoff @D0xter @stoXe @briankrebs pft go back to Twitter then

Patrick Dec 27, 2022

@D0xter @stoXe @nixonnixoff @mrgl @briankrebs Krebs isn’t doxxing randos who disagree with him, he’s reporting on crime.

This is like complaining that a journalist referred to a mobster by his name instead of “clamps” or whatever his nickname is.

Allison Nixon Dec 27, 2022

@tcb @D0xter @stoXe @mrgl @briankrebs Here's a screenshot of some comments we captured from a specific user in a hosting provider's Discord server, username removed. This person was the same swatter that Krebs reported on years ago. The swatter seems to think the real crime was associating his name to his acts.

@nixonnixoff @tcb @D0xter @mrgl @briankrebs what is that supposed to show? A lot of people dislike the fact that he dox people. Just because he's disliked by some doesn't mean anything

@tcb @D0xter @nixonnixoff @mrgl @briankrebs this is actually not true. If it were crime wouldn't there be a court case following it. Or if he was publishing some information that was unknown to authorities wouldn't there be a court case following?

You just have to Google it and you can find out who he has doxed without criminal charges.

Regardless, I don't feel, it's the right way to do things generally.

Allison Nixon Dec 27, 2022

@stoXe @tcb @D0xter @mrgl @briankrebs There's pretty much always a court case following it so you're going to have to cite some specific example to support what you're saying. The major exceptions I can think of are the Russians who are hiding in RU.

Krebs is a huge outlet for whistleblowers seeking to motivate the authorities to do an investigation. I don't know what country you are in, but in America law enforcement is almost entirely media driven. Without the media constantly pushing them, almost no cybercrime would be prosecuted, ever.

Krebs' reporting is quite often a very blatant showcase of "look how easy it was, what are you doing?" directly at law enforcement. It's not immediately obvious but what you think of as "dox" is a massive shaming exercise some of the time.

And if you've ever looked at any real "doxes", they look vastly different than a journalist's article. "dox" in reference to journalists is just a term thrown around by shady people bitter about having to face accountability. Real doxes are a list of the person's home address, PII, and their family's PII, and clearly for an intimidation or extortion purpose.

pron00b Dec 25, 2022

@nixonnixoff @D0xter @stoXe @briankrebs lmao, krabs is like a joker honeytrap...

luneellise21 (xe/xer)Dec 27, 2022

@pron00b @nixonnixoff @D0xter @stoXe @briankrebs joker like you?

@D0xter @nixonnixoff @briankrebs but his actions do nothing to prevent it is what I'm saying