[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information

WordPress Trac wp-trac at lists.automattic.com
Tue Aug 24 14:54:42 UTC 2010


#14682: Privacy leakage: gravatars leak identity information
--------------------------+-------------------------------------------------
 Reporter:  jmdh          |       Owner:                 
     Type:  defect (bug)  |      Status:  new            
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Security      |     Version:  3.0.1          
 Severity:  normal        |    Keywords:                 
--------------------------+-------------------------------------------------
 If a commenter on a blog leaves a comment without having a login to the
 site, and the "Comment author must fill out name and e-mail" preference is
 enabled for the blog, the author must provide an email address. The form
 for this says "Mail (will not be published) (required)".

 It's true that the email address itself is not published, but if the site
 has gravatars enabled, the persistent identity of the commenter is
 nonetheless revealed. Together with inspection of other posts where the
 commenter has chosen to reveal their identity, on the same blog or other
 blogs, or a brute-force approach taking a known email address to find
 postings attributed to them (using a global search engine) this results in
 a complete loss of anonymity.

 At the bare minimum, the user should be aware of this, so that they can
 choose not to comment; preferably, the software should be changed so that
 gravatars are not used for these sorts of posts (or made configurable, in
 combination with the user being made aware).

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/14682>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
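
An added example, not part of the original ticket and not WordPress code: it shows why the avatar identifier described above is linkable across blogs. Gravatar's identifier is an unsalted MD5 of the trimmed, lower-cased address. The per-site keyed identifier is a hypothetical mitigation, and the addresses and keys are constructed sample values.

```python
import hashlib
import hmac


def _normalise(email: str) -> bytes:
    # Gravatar hashes the trimmed, lower-cased address.
    return email.strip().lower().encode("utf-8")


def gravatar_hash(email: str) -> str:
    """Identifier embedded in every Gravatar image URL: unsalted MD5."""
    return hashlib.md5(_normalise(email)).hexdigest()


def hash_matches_address(published_hash: str, known_email: str) -> bool:
    """Anyone holding an address can confirm it against a published hash."""
    return hmac.compare_digest(published_hash, gravatar_hash(known_email))


def site_local_avatar_id(email: str, site_key: bytes) -> str:
    """Hypothetical mitigation (assumption, not a WordPress API): derive the
    avatar seed with a per-site secret and render the identicon locally, so
    the value is stable on one blog but useless for cross-site matching."""
    return hmac.new(site_key, _normalise(email), hashlib.sha256).hexdigest()


if __name__ == "__main__":
    # Constructed sample data: one commenter, two unrelated blogs.
    email_on_blog_a = "Jane.Doe@example.org"
    email_on_blog_b = "  jane.doe@EXAMPLE.org "
    key_a, key_b = b"constructed-key-blog-a", b"constructed-key-blog-b"

    a, b = gravatar_hash(email_on_blog_a), gravatar_hash(email_on_blog_b)
    print("gravatar, blog A:", a)
    print("gravatar, blog B:", b)
    print("same identifier on both blogs:", a == b)
    print("confirmable from the address alone:",
          hash_matches_address(a, "jane.doe@example.org"))

    la = site_local_avatar_id(email_on_blog_a, key_a)
    lb = site_local_avatar_id(email_on_blog_b, key_b)
    print("site-keyed ids differ across blogs:", la != lb)
    print("site-keyed id stable within a blog:",
          la == site_local_avatar_id(" JANE.DOE@example.org", key_a))
```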

