Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

From the article:

"Anyone can cobble together a website with some APIs and load in a ton of data breaches, but establishing trust is a whole different story. Trust in the way I run the service is an absolutely pivotal part of HIBP and it's something I built organically rather than setting out to earn it, now here I was with big companies putting a value on it."



Yeah, so it's nothing but branding. There is nothing about this site that requires trust, since the data is already available. HIBP got popular on Twitter / the internet and is now a well known name in cyber.


Well, to be pedantic, it's not just a simple SQL query, it's also a percolation query server and notification system.

It's like saying that Pingdom is nothing more than a cron job.


The reason that trust is important could be to do with verifying breaches.

In some of his articles discussing various breaches, he mentions reaching out to selected (potential) victims to verify some of the details.

Doing that does require a fair amount of trust by various victims of the people asking to verify.

If I was randomly contacted to verify some details in a breach, I'd be skeptical it was a phishing scheme.

If I was randomly contacted by Troy Hunt / HIBP - then I'd look at it much more seriously.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: