It bears repeating explicitly I think: you're not working against today's analysis tools, you're working against whatever analysis tools exist far into the future, since everything is recorded for eternity.
From what I've seen, success in this industry is predicated upon planning, caution, and constantly thinking of ways that people are going to screw you over.
If your first thought when making decisions was "what won't send me to prison" you probably wouldn't be engaging in criminal enterprise in the first place.
Most people who break the law do so because they either don't consider the consequences or accept the rewards as justifying the risks. And plenty of criminals go to prison because they judged wrong. That those who are successful for long periods of time buck this trend is just survivor bias.
Well, it's true that the official manual contains mostly short-term, actionable recommendations, but some of them do have the goal of avoiding long-term consequences.
These can be changed and you can be charged under other crimes which may have different statue of limitations. When the government decides they want you in prison, it doesn't particularly care how it does so. Tax evasion, drug trafficking, funding terrorism, CSA changes, weapons smuggling, or RICO or country equivalent, they'll use which ever seems easiest to get you.
For a buyer, this isn't as big of a deal because you won't have that level of target on your back, but for anyone running a marketplace I don't think statute of limitations will protect you once they figure out who you are.
I've seen the theme of "maintainer of popular open source product is threatened by person who doesn't understand it's just a component" show up a few times, but when I think about it most those times have been related to curl specifically. Maybe it's because of the domain haxx.se? Or maybe Daniel just writes about it a lot? Does this kind of thing happen so regularly to others?
It’s because curl and libcurl are used virtually everywhere, and clearly identified. This means in any problematic or malicious device or software, odds are good the first clearly identifiable thing you’ll find are references to curl.
Though the domain probably doesn’t help with the association. If you got hacked and the first clear string you find is “haxx.se” it’s not a big leap to interpret it as a taunt.
I'm guessing it is because people who create these hacking tools often need to do HTTP requests, so they just copy in libcurl source and before you know it Daniel's name is associated with all these tools and attacks.
Which food delivery apps do you have in mind? In my experience they are heavily engineered towards leaving only positive reviews, and as a result the range of scores is 4.0-5.0 rather than 1-5. Ubereats says things like "this review will be public with your name", and the timing of the review prompt and wording of the question all feels like it's trying to optimize the chance of a positive review.
It bears repeating explicitly I think: you're not working against today's analysis tools, you're working against whatever analysis tools exist far into the future, since everything is recorded for eternity.