Laurabelle's Blog

Gravatar (Globally Recognized Avatar) looks cool, but I don't think I'm going to implement it yet. I think the idea of a central repository for avatars is a good one, since it would enhance recognition of individual commenters across blogs. For example, I often find myself mousing over URLs to find out which John or Kevin wrote a particular comment. Avatars, if used consistently, would help this problem a lot.

Gravatars are really cool right now because they are (to steal a phrase from Aquarion) the simplest thing that could possibly work. Your image, retrieved by a MD5 hash of your email address. So why am I not jumping on the bandwagon? Because Tom Werner, the developer of Gravatar, is having all sorts of ideas to expand the service, which would be fine except that he's departing from the central purpose of Gravatar and running into privacy issues.

Gravatar is a cool idea, but I think that for all his good intentions, Tom hasn't thought through all the issues. His privacy policy assures us that we are safe from spam, but what about identity spoofing? Especially if the blogging community becomes accustomed to identifying commenters by avatar, it's easy to impersonate me if you know my email address (and it's very easy to guess). How can you secure such a system?

Actually, there's a system already built with security in mind: TypeKey. It would probably not be a bad idea to set up Gravatar with TypeKey as authentication, but I don't know how that would actually work.

In any case, given the current and future issues of Gravatar, I'm going to wait on implementing it. If there's one thing I've learned at the iSchool, it's that the newest and greatest gets better with a little age.

A student on the ichat mailing list posted today about an interesting post on a lawyer's blog about the safeness of weblogs.

Are you a young professional, excited that your blog gives you the freedom to speak out to a large audience? Well consider what a smaller and more powerful audience (i.e. your employer) might think about what you say, and how well you say it. And of course remember that while you blogging your innermost thoughts you are also creating the world's most accessible databank of stuff that can be used against you later.

The other day, a KCLS patron emailed in and requested Amazon-like features for iPac (the web catalog), such as people who checked out this author’s work also checked out these other authors. Now, of course we can’t do that right now because it’s not one of the features available in iPac, but the question got me thinking about all the reasons why one wouldn’t want to do something like that in a library system. All I said to the patron at first was that it was contrary to KCLS’ privacy policy. He wrote back, asking if it were possible to remove the patron data, so that privacy wouldn’t be violated. Since he asked, and since he referred to the so-called Patriot act, I decided it was probably safe to talk to him honestly.