[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information
WordPress Trac
wp-trac at lists.automattic.com
Tue Aug 24 14:54:42 UTC 2010
#14682: Privacy leakage: gravatars leak identity information
--------------------------+-------------------------------------------------
Reporter: jmdh | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 3.0.1
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
If a commenter on a blog leaves a comment without having a log in to the
site, and the "Comment author must fill out name and e-mail" preference is
enabled for the blog, the author must provide an email address. The form
for this says "Mail (will not be published) (required)"
It's true that the email address itself is not published, but if the site
has gravatars enabled, the persistent identity of the commenter is
nonetheless revealed. Together with inspection of other posts where the
commenter has chosen to reveal their identity, on the same blog or other
blogs, or a brute-force approach taking a known email address to find
postings attributed to them (using a global search engine) this results in
a complete loss of anonymity.
At the bare minimum, the user should be aware of this, so that they can
choose not to comment; preferably, the software should be changed so that
gravatars are not used for these sorts of posts (or made configurable, in
combination with the user being made aware).
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14682>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list