Interesting to see @haveibeenpwned / @troyhunt having decided to start offering "Threat Intelligence".
While I understand the thinking, the quote from the article
But even when you get the full dump of the data from the shadiest providers*, it's just been a waste of time.
Sure, there is some value in informing people about problems. But it's important to provide actionable information.
A better approach might be to provide this information to the breached sites to allow them to 1. validate the information. 2. inform the users. 3. force changes.
That approach has its own problems**, but seems like it more effectively attacks the core of the problem instead of the symptom.
And if that is not possible, then maybe something proactive like identity-protection services which you pay to take actions on your behalf of any data.
Maybe this isn't something Troy wants to do, which is fine. But I felt like I needed to write down my thoughts on why I don't think it's the right approach.
Footnotes: