Pink Edition
Identity Theft
Identity theft is an annoying thing. It is when somebody else uses your name as their own and I have been the victim of this 3 times now.
Three times somebody have decided to write a comment using my name. That is, you will see a comment where "Thomas Baekdal" commented on an article, using my contact details and my website in the website field - making the impression that I had a specific opinion on a given subject.
The problem, of course, was that it was not I who wrote the comment, but somebody else. And today it happened again. A person from Korea wrote a comment using my name. It was an innocent comment, no harm was done, but I obviously deleted it anyway.
Identity Theft is very difficult to prevent, but what I do is three things:
- All comments from my person is marked "Site Owner" and is orange in color - as opposed to lime. This indicates that my site has identified that the comment was written by me, from my computer. So if you see a comment that doesn't say "site owner", with my name on it, then it is a fake.
- Every person that pretends to be me, or from baekdal.com is added to my block list. This person is blocked from writing any comment in the future.
- I have added my name to my anti-spam list. So any comment made using my name (or close resembles thereof) is automatically blocked as spam.
I hope this solves the problem. But remember, I am the one commenting in "orange" - with the label "site owner". That is my mark of authenticity :)
Comments
Ali Servet Dönmez - May. 21, 2008
Why not check Name, Email and Website fields, block (or not allow) comment and commenter automatically?
This wouldn't be an one-for-all solution, but would certainly help.
Regards,
Ali Servet Dönmez
Thomas Baekdal - May. 21, 2008
George, I have been thinking about OpenID, but I do not know enough about it to implement it just yet. Some day I will look try to learn more about it, but right now work schedule is packed :)
It is a serious problem. The last comment made in my name was not really a problem. But the first time this happened, the person told another commenter to buzz off in a very offensive way - using my name.
Luckily, I was online at the very moment that it happened, so I delete it within a minute or so. Just imagine the damage it could have caused if I didn't detect it.
Ali, that is what I do now (I implemented that today). You can see the effect of this block in the last image above (where the comment is blocked by my spam filter because it detected "identity theft" :)
Jonathan - May. 24, 2008
OpenID itself doesn't prevent impersonation, but some providers like myopenid.com let you add an SSL certificate to help make sure that it's really you logging in (they also have a phone verification service too). If they added the ability to trust key certifiers (like Verisign or somebody) then that would add another pretty good layer of assurance.
But the problem is that most people today don't understand PKI. Perhaps future generations will laugh at us for complaining about online identify theft when perfectly good systems were readily available to prove identity in cyberspace - and indeed have been for well over 10 years. But hey, that's human nature.
Published: May. 21, 2008
in personal notes
Thomas Baekdal is a Writer, Interaction Designer, Change Advocate and Project Manager.
George - May. 21, 2008
The best thing would be to force commenters to use OpenID or something similar. That way they can't hijack an identity. You could have an anonymous name you want to use on each site, but verify your identity with some kind of framework (or a combination of frameworks).
This is a very serious problem when it comes to political blogging, where reputations can be tarnished by pretending to be someone else and making comments on their behalf.