Gravitas

Sun, 30 Jan 2005

Gravatar (Globally Recognized Avatar) looks cool, but I don't think I'm going to implement it yet. I think the idea of a central repository for avatars is a good one, since it would enhance recognition of individual commenters across blogs. For example, I often find myself mousing over URLs to find out which John or Kevin wrote a particular comment. Avatars, if used consistently, would help with this problem a lot.

Gravatars are really cool right now because they are (to steal a phrase from Aquarion) the simplest thing that could possibly work. Your image, retrieved by an MD5 hash of your email address. So why am I not jumping on the bandwagon? Because Tom Werner, the developer of Gravatar, is having all sorts of ideas to expand the service, which would be fine except that he's departing from the central purpose of Gravatar and running into privacy issues.

Gravatar is a cool idea, but I think that for all his good intentions, Tom hasn't thought through all the issues. His privacy policy assures us that we are safe from spam, but what about identity spoofing? Especially if the blogging community becomes accustomed to identifying commenters by avatar, it's easy to impersonate me if you know my email address (and it's very easy to guess). How can you secure such a system?

Actually, there's a system already built with security in mind: TypeKey. It would probably not be a bad idea to set up Gravatar with TypeKey as authentication, but I don't know how that would actually work.

In any case, given the current and future issues of Gravatar, I'm going to wait on implementing it. If there's one thing I've learned at the iSchool, it's that the newest and greatest gets better with a little age.
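The spoofing concern above in code, as an added example that is not from the original post, Gravatar, or TypeKey: the avatar key is a public function of the address, so a blog can decline to show an avatar unless an authentication service has vouched for that address. The function names, the token format, and the shared HMAC key (standing in for whatever signature a real service would issue) are assumptions made for illustration.

```python
import hashlib
import hmac
import time

# Constructed demo secret shared by the blog and a hypothetical auth service.
AUTH_SERVICE_KEY = b"constructed-demo-key"


def avatar_key(email):
    """Avatar lookup key as the post describes it: an MD5 hash of the address."""
    # Assumption: the address is trimmed and lower-cased before hashing.
    return hashlib.md5(email.strip().lower().encode("utf-8")).hexdigest()


def sign_assertion(email, issued_at):
    """Hypothetical auth service: vouch that a logged-in user owns `email`."""
    msg = f"{email.strip().lower()}|{issued_at}".encode("utf-8")
    return hmac.new(AUTH_SERVICE_KEY, msg, hashlib.sha256).hexdigest()


def avatar_for_comment(email, issued_at=None, signature=None, now=None, max_age=300):
    """Return the avatar key only when the address was vouched for recently.

    A comment that merely types an address gets None, so the blog shows no
    avatar instead of one that the address alone is enough to request.
    """
    if issued_at is None or signature is None:
        return None
    now = int(time.time()) if now is None else now
    if not 0 <= now - issued_at <= max_age:
        return None  # stale or future-dated assertion
    expected = sign_assertion(email, issued_at)
    if not hmac.compare_digest(expected, signature):
        return None  # assertion was issued for a different address or forged
    return avatar_key(email)


if __name__ == "__main__":
    addr = "commenter@example.org"  # constructed sample address
    ts = int(time.time())
    # The key depends on nothing but the address itself.
    print("avatar key:", avatar_key(addr))
    print("typed address only:", avatar_for_comment(addr))
    print("with assertion:", avatar_for_comment(addr, ts, sign_assertion(addr, ts)))
```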

Comments

Senji says:

On the other hand the spoofing issue is already there. There isn't currently any way to know that I'm the same "Senji" who has made all those previous comments...

I am, of course :-).

Laurabelle says:

Of course the spoofing issue already exists, and this is one reason why LiveJournal and more recently Movable Type have the ability for commenters to authenticate themselves.

The thing is, I don't think it makes a whole lot of difference on the basis of an individual comment. If someone is trying to destroy your reputation by faking your identity in comments, right now they'd have a pretty hard time making an impact before you figured it out.

On the other hand, if it were possible (as Tom has proposed) to view all your comments on Gravatar-enabled blogs, all the impostor has to do is make ten comments (even on ten different blogs), and those ten comments are instantly linked to your identity.

Spoofing was possible before, but now there's more reward for doing it, which is where it starts to get dangerous.

Maybe I'm being paranoid, but to some extent that's my job. Librarians care a lot about security and privacy (hello USA PATRIOT Act).

Senji says:

I'm quite in favour of being paranoid. Being paranoid when the situation is already bad tends to make me wonder though :-).
