>Identifying a criminal is ethical.
This outsourcing of one's morals to the state is excessive even by already high western white collar internet standards.
Now, make no mistake, these guys are up to no good and probably should be identified and prosecuted, but to just declare that a bad thing is now good because government is doing it is basically an abdication of one's moral compass. At best this is still a bad thing but a necessary one because all the other options are worse. Like shooting someone in self defense, or putting someone in a cage for doing sufficiently bad things.
Edit: I'll admit I played too loose with ethics vs morality here, but still the point stands.
Certainly, criminals also have a right to privacy. However, the limited publication of personal data of criminals by law enforcement is generally a legally legitimate measure. Doxxing, on the other hand, is generally a process that violates the fundamental right to privacy.
>criminals
>law
>legally
You keep using these words but it causes circular logic as those are all defined by the same entity that is acting unilaterally.
The action the government took was not a "good" action by any moral standard. But it was perhaps the least worse action available all things considered. Can't just whisk people off the street in a foreign country or drone them over such matters, those options would be worse.
Running a ransomware gang is immoral. Catching someone running a ransomware gang is good. If publishing their name helps catch them, it's also good. Not sure where do you see the gap between legality and morality in this case
People often forget that Threat Actors (TA) are the ones keeping the infosec alive. They are doing a good job of scaring people into implementing actual security protocols and thereby improving everyone's security posture. The whole infosec would collapse without TAs, let's not forget that. They create jobs.
This is the “Broken Window” fallacy[1] which was explained by Bastiat.
[1] https://en.wikipedia.org/wiki/Parable_of_the_broken_window
I don't fucking care about made up terms. If you can't see the actual economic growth (not some vague, theoretical fallacy) they create, you're just another moron in denial.
It's not a "made-up term", it's shorthand for a well-known argument. Not allowing re-usable arguments is like not allowing the use of libraries in software: It wastes time better spent on moving the frontier forward.
The wildfire industry brings growth but it would be a whole lot better if we didn't have wildfires.
The same thing is true with computers. Imagine all the nice things we could have if we didn't have to worry about people abusing the systems we build.
Well, to be honest, those old enough remember when cryptography was considered someting for the military and special services, and considering using encryption would put you under immediate suspicion. Now we can at least argue we need it to protect us from the cyber crime, even if we really have privacy and free speech in mind
If economic growth at all cost is the solution, then you are wasting your time giving your fiction away for free.
That's right. They also create jobs for police though, and now German police is doing theirs
German govt is also one of the most corrupt and vastly incompetent govt. It's run by bunch of boomers. Most of the prolific ransomware gangs have terrible opsec. De-anon'ing them is child's play. Most of the opsec-aware TAs never even get attributed, let alone get caught for any breaches.
> One of the most corrupt
It's on like place 10 out of 180, which makes it one of the least corrupt places.
It also has some surprisingly non-boomer departments, like the Sovereign Tech Fund. Either way you need to celebrate police doing good things and immoral actors being exposed, it can only have good outcomes.
Perhaps it deters them, or deters the next generation of such hackers. Or at least it makes their life less enjoyable, which is fair since they were only able to afford their travels due to their illicitly acquired wealth.
> surprisingly non-boomer departments, like the Sovereign Tech Fund
The one that has just invested in Scala? In year 2026? There are many good things about Germany, but competence in tech is not one of them.
> You keep using these words but it causes circular logic as those are all defined by the same entity that is acting unilaterally.
It's not, in Germany we have separation of powers.
> The action the government took was not a "good" action by any moral standard.
Morals aren't binary. Morals have context.
Is it your position that privacy is a right regardless of any action you take? Many rights are dependent on circumstance and in tension with other rights. In this case I think you can make the case that their right to privacy is lost.
> Doxxing, on the other hand, is generally a process that violates the fundamental right to privacy.
It historically was used for this exact case: revealing someone hiding behind a pseudonym for purposes of law enforcement. The term dates back to the 90s, if not earlier.
This isn't something Gen Z made up. It's a Gen X term. "Hack the gibson" era. Wargames era.
Doxxing is basically a DDOS reflection attack but for real violence, or threat thereof, instead of 1s and 0s.
I might want to do violence upon you for some reason. Maybe I hate you. Maybe you're doing something that I don't like. If I'm lucky I can round up half a dozen buddies to help. But I don't have infinite resources and infinite reach, so my capability is rather laughable unless you live next door.
Buuuut, if I craft it just right, I can cause the state with it's practically infinite resources, infinite men with guns who kick in doors, etc, etc to choose to kick in your door and do violence upon you. (And the request usually looks a lot like doing their job for them "hey look over here there's this specific person doing this specific thing that you're supposed to go after", but that's beside the point.)
Same as how if I craft a request to a 3rd party server just right a few Kb of on my end can become dozens of Mb on yours.
The German police can't reach these guys. Hence why they're doxing them. They're hoping to structure things such that those who can reach them respond to the request (i.e. rounding up these guys will be a line item in some larger geopolitical context).
not the state, but the law
"Identifying a criminal" doesn't imply that it's done by the government, and being done by the government doesn't imply that it's done to a criminal. This comment seems like quite a leap.
It's the government who defines what "criminal" means.
Not necessarily. I'm free to make my own determination on the matter.
You are certainly free to make up your own definitions for words and speak a dialect that is niche but you will not be effectively communicating when you do. By commonly understood definition criminality is a matter of law.
Well, the dude here hasn't been put on trial, let alone convicted, as far as I can tell from the article. So he's not officially considered a criminal by a government. Yet we all seem comfortable calling him one, so I'd say that it is not, in fact, commonly understood to be exclusively a matter of law.
Innocent until proven guilty (in a court of law)?
ethics and morality are not interchangeable are they?
anyway individuals willingly give to teh state some autonomy in return for the safety of governance... that's the social contract free people have with government
"doxxing" a Russian ransomware group is the kind thing to do. bombing them out of existence is within the remit of the range of ideas a government could resort to...
Not disagreeing with your preface but I was under the impression that while it took governments some time to figure things out, kinetic bombing in retaliation for cyberwarfare was pretty much ruled out unless the cyberwarfare results in direct mass casualties (for example cyber sabotaging a refinery results in an explosion which results in casualties.). Else we’d have bombed North Korea, China, Ukraine, Russia, Romania, etc.
Yeah bombing as a counter to cyber attacks is a last ditch Pandora’s box thing