Correct. The OP was very noble but quite misguided.
0) Let it burn was how CA operated until we started fighting fires and building in unsafe spaces and it worked pretty well. The Thomas Fire is a good example of this problem. You can reduce the damage but there still will be damage.
1) Legal issues if you are detected and someone wants to "make an example" to be malicious doing this, even if you are found "not guilty" the consequences are non-negligible.
2) In any capitalist culture, prevention only becomes "cost effective" when multiple headline making disasters convince people in suits they will look like idiots if they don't pay at least lip service to prevention.
3) If a criminal ever figures out who you are and that you are invalidating their large $$ investment in a criminal attack, they may be willing to engage in criminal acts to stop you specifically and you don't have the legal protection and training a LE organization would have.
> It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges.
If you aren't equipped to handle events like this, tangling with blackhats means a single opsec mistake is going to result in shit like that.
0) Let it burn was how CA operated until we started fighting fires and building in unsafe spaces and it worked pretty well. The Thomas Fire is a good example of this problem. You can reduce the damage but there still will be damage.
1) Legal issues if you are detected and someone wants to "make an example" to be malicious doing this, even if you are found "not guilty" the consequences are non-negligible.
2) In any capitalist culture, prevention only becomes "cost effective" when multiple headline making disasters convince people in suits they will look like idiots if they don't pay at least lip service to prevention.
3) If a criminal ever figures out who you are and that you are invalidating their large $$ investment in a criminal attack, they may be willing to engage in criminal acts to stop you specifically and you don't have the legal protection and training a LE organization would have.
https://krebsonsecurity.com/2017/02/men-who-sent-swat-team-h...
> It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges.
If you aren't equipped to handle events like this, tangling with blackhats means a single opsec mistake is going to result in shit like that.