There are plenty of obvious things that could be said about the revelation of Lomez’s identity on Tuesday. Not least of all we could—and should—talk about the omission of his image by the disgusting creature who shat out the execrable piece.

Funny how our guys keep turning out to be handsome, successful chads, and our enemies—who aren’t forced to hide their appearance or any other aspect of themselves—are hideous, crepuscular goblins, isn’t it? I’m going to write a longer piece on this later this evening, probably for Human Events.

But I want to talk about something else today: the issue of opsec.

First, as a quick preliminary, let me say that I’m not going to link the piece or refer to Lomez by his actual name (Ernest Khalimov). I think it’s a wise strategy, even when the doxxee confirms their identity, as Ernest has done, not to provide any kind of legitimacy to the doxxers, individual or collective.

Doxxings, rightly, are always moments for contemplation of the basics and even the subtleties of opsec, especially when the doxxers provide information about how they arrived at their identification. And this is true even if they’re not giving you the full story.

In the case of the Lomez doxx, I and others know that the official explanation given by The Guardian is far from the whole story. This is often the case with these doxx pieces. The journalist-activists responsible for them don’t want you to know that, for example, they collude with employees of social-media companies to gain backdoors to personal data (even the registered email for a Twitter account, if it includes a personal name, can be enough). But they do do this. Instead, the doxxers will say something like the following.

[Ernest] appears to have made considerable efforts to limit his online footprint, thereby reducing the possibility that he would be linked to the Lomez persona. [Ernest] has no discoverable profiles in his own name on social media, blogging or professional-networking sites.

The identification was made possible by unavoidable traces left in public records such as property deeds and public salary records, but also by the sequence of events that led up to the announcement of the first Passage prize.

So The Guardian want you to believe this disgusting blob responsible for the Lomez doxx just trawled through some company documents and found his first lead, and then got some corroboration from other sources and that was that. Case closed.

Like I said, I and others know that isn’t the case—and maybe the full story will come out in time.

The Guardian’s story will be good enough for most. After all, the target audience here is people who are glad for “dangerous right-wing extremists” to be exposed. Most of them would be happy for such people to be killed, without trial, or certainly sent to some kind of prison camp. How the information was discovered, fair means or foul, is not the issue here. But publications like The Guardian have to maintain an air of propriety by making it rigorously clear that they care about journalistic integrity and ethical standards—and so they make sure to produce as much corroborating evidence as possible.

That being said, let’s just take a lot at some of the main forms of evidence that are used to establish the doxx. They include:

• Registered company documents and web-domain registrations.

• Circumstantial evidence, including announcements on Twitter.

• Personal information given on Twitter and podcast appearances, including basic information about the person’s siblings—just the number—and events like deaths within the family.

• Occupational information given on Twitter (e.g. previous employment, indications of terminations and new appointments).

• Information given about previous online personas and haunts, including online message boards and blogs.