[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information
WordPress Trac
wp-trac at lists.automattic.com
Thu Aug 26 17:22:35 UTC 2010
#14682: Privacy leakage: gravatars leak identity information
-----------------------------+----------------------------------------------
Reporter: jmdh | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 3.0.1
Severity: normal | Keywords:
-----------------------------+----------------------------------------------
Comment(by ryan):
The avenues of address are to never show gravatars, weigh down the form
with privacy policy tedium and explanations of baroque things such as md5
hashes, provide some sort of gravatar opt-in in the form which would have
to be stored per comment, or simply remove the "will not be published"
parenthetical. All of these seem unfriendly overkill for what is a
willful and deliberate leak at the source. "Mail (will not be published)"
does what it says. Plain text email addresses are not published so that
they cannot be scraped by spammers. Deriving other privacy assertions
beyond that is highly speculative on the part of a commenter who is giving
away his email address (not to mention his IP) to a third party.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14682#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list