DISQUS

Hal · 6 months ago

This isn't sneaky at all. You obviously setup a photo at some point. So instead of blaming Gravatar or WordPress for being "sneaky" as you say look at your own ignorance. Or perhaps you didn't have anything to post about so you made this idiotic post.

erlichson · 6 months ago

Of course I submitted the photo to wordpress at wordpress.com. That is not an issue. Privacy issues are always about the way the receiver uses the information you give to them. What is your point?

I never signed up at gravatar, and it was certainly not clear that signing me up for one service opted me in to the other. I created a blog on wordpress and now wordpress is giving up my identity without notice to millions of wordpress blogs. This is privacy 101.

You need to look at how this works. When I go to any blog that is hosted by wordpress, even when that blog is a completely separate domain, and I post a comment, even if I deliberately use a false email address and name, then my photo will appear.

They do this by placing a link to gravatar.com or wordpress into the blog and because I have logged into wordpress from that browser, it passes my cookie to wordpress and they give up my identity.

It would not be difficult for wordpress to fix this. In the comment field. It just needs to say

"Wordpress Blog: You are logged in as Andrew Erlichson" Logout.

In fact, given that Wordpress knew who I was on the page and planned to give my identity up, why did the even make me type an email address and name to post the comment?

Disqus does this right. Right now, I am t yping a comment into this blog and I see my photo and a note that says "logged in as erlichson" and a link that says "Logout from DISQUS"

anon · 6 months ago

i think a lot of people are going to accidentally post comments they intended to be anonymous that turn out not to be -- not a photo problem but just a username showing up problem