Infosec Press


Read the latest posts from Infosec Press.

from Fennix

Preface: I was originally going to go on a rant but fell down a rabbit hole of looking at examples of older newspapers and instead this became more of an article/blog.

Like many other people focused on their privacy, I run Pi-hole at home to block advertising domains, among other annoyances, and personally make extensive use of Privacy Badger and NoScript. The Pi-hole alone has the effect that whenever anyone in the household is out of the building and not connected to our home's wifi, they get the jarring experience of seeing a completely different version of the web, plastered with ads, most of which are animated and attention-grabbing. This is especially true in mobile apps.

There's been a lot of lip service given to the way the “old web” used to appear versus how things are now, so I'm not going to do more of that here. I think what a lot of us “web old-timers” maybe don't realize is that how the web looks now is actually pretty common and has its origins in the way newspapers and magazines were laid out in the past.

If you've never had cause to go back and look at old newspaper archives, you might not have experienced this, so I'm going to show you some examples. You'll see the bones of modern web advertising buried in newspapers a century old, and then I'll explain what I think is critically different about how the web is these days. Spoiler: it's not better.

The front page of the New York Times' Tuesday, February 1, 1921 edition. It looks very different to modern day front pages of newspapers, being divided into 8 columns with a dozen or more stories visible. There are no ads present.

You can see there are a few modern innovations in papers missing here — no “above the fold” style of breaking up the layout. Another trick newspapers did initially was to never put the ads on the front page — they were selling you the news after all.

Now onto page two:

Page two of the New York Times' Tuesday, February 1, 1921 edition. From left to right the page is approximately divided 80/20 between real news and ads. There are between half a dozen and a dozen stories on the page.

This layout is common amongst the meatier news-focused sections of the paper. The first 5.5 columns are dedicated to news stories and then the rest is devoted to ads. Three are larger double-column spaced ads, while two are smaller and occupy the space in an ad. The rest of the Times' early layouts in the news sections were like this, with sometimes more space dedicated to ads on the lighter topics.

For example, here's the sports section: Page 12 of the New York Times' Tuesday, February 1, 1921 edition. This is the sports section. It's divided roughly 65/35 between ads and stories, and features early versions of a popular web advertising layout where the side columns are dedicated to advertising.

Here ads are placed in a very familiar format for the modern web: the ads effectively bookend either side of the center columns which house the articles themselves.

However, it's worth noting this layout was not universal. Here's an example of the Victoria Daily Times, from Victoria, British Columbia: Page 2 of the Victoria Daily Times' Friday July 22, 1921 edition. This uses a very different layout than the New York Times. Here ads are sometimes placed in the center columns breaking up the stories. There does not appear to be any standardized ad sizes either, beyond snapping to columns for width.

I can only imagine its print runs were much smaller than the New York Times. The paper lives on to this day as the Victoria Times Colonist, having merged with another local paper in the 1980s. Attempting to read this layout now, I understand why the format the Times is using won out over other layouts. The ads being so close to the article is visually distracting.

Now let's compare those older examples to modern web news media. Let's start with a relatively tame example: Yahoo! News:


Here you can see the remnants of the earlier newspaper design. The page is divided into roughly fifths, and a fifth is allocated to the side ads. All in all this doesn't look too unreasonable, but let's now look to what modern newspapers' sites look like. Here's the front page of the New York Times:

Front page of the New York Times' website, January 19, 2023 (20th in some locales). A large banner ad which failed to load occupies the top two fifths to one half of the visible page space, with stories below. Stories appear to have one primary column, occupying three quarters of the width, with the last quarter being devoted to other smaller articles.

Because of the nature of the web and the drive to obtain impressions versus what works in print there's a huge functional difference: Each article is given its own webpage, so what is displayed on the main landing page actually looks more like older newspapers, where a single viewing space — in that time period, paper, in ours, screen real estate — is subdivided into several articles. I don't have any insider knowledge or analytics but I believe that in today's social media dominated world, most users do not visit the front pages of newspaper sites, yet the philosophy persists of the relatively “clean” first page.

Now let's look at what happens when we load an article:

Screen shot of the New York Times' article titled 'Supreme Court Says it Hasn't Found Who Leaked Opinion Overturning Roe', dated January 19, 2023. There is a large banner ad consuming approximately two fifths of the viewing space for a subscription service to the Times. The bottom half of the page is a popup message asking the user to create a free account or log in to continue reading articles. Only the very tops of the upper-cased letters in the article title are visible at all.

Here we can see probably the worst feature of modern advertising: the pop up modal dialog requesting subscription or registration. This is commonplace among all newspaper websites at this point in time and that's not news to any of you. On what should be an article page the title is not even visible! There are two separate subscribe buttons visible, plus our lovely “create an account” modal dialog.

Not that I'm unsympathetic, the trials of various news organizations are well documented so I don't need to go into them here. What I would like to highlight is simply that some philosophies and design elements in use a hundred years ago persist. For example, we still have the behavior of keeping the first point of arrival largely ad free. Not completely of course, because the tombstone of the 2015+ web will be engraved with “Subscribe, Click that like button, and share it with your friends”, but the front page is relatively ad-free compared to the hilarious experience of trying to view an article.

On that note though, the experience of viewing an article is very reminiscent of the Victoria Daily Times' layout. Maybe they were right all along.

The problem this creates is that whenever I visit friends or family who aren't tech-savvy, I realize just how bombarded they get with advertising.

It also really drives home Google's impetus for working on DNS-over-HTTPS and Manifest V3: It will help them take back control over ad visibility in the era of every user using an ad blocker in their browser and things like Pi-hole becoming cheaper and simpler for people to run at home.


from Vorinstanz

Eva Horn, a cultural and literary scholar at the University of Vienna, examines the catastrophe narrative in her book, published by Fischer in 2020. From a cultural studies perspective, she traces the lines leading to descriptions of the future that are governed by the leitmotif of catastrophe.

“To decipher the future catastrophe ... always means telling to its end a story that has yet to take place.”

I have just started reading the book. #About


from Stories by MJ

ᴙoᴙᴙim | mirror: Part One

Few things are as scary as data loss due to encryption failure within the information security realm. So frequently, we plan for it, test it, use it, and eventually, bitrot sets in, and it fails. This is why your RAID needs constantly rotating disks, especially when a checksum failure or S.M.A.R.T. error pops up.

No one could be as happy as an engineer with a RAID 15 (1+5) environment where every service is duplicated, any work processes can fail, and your site has procedural queries for everything. Even better, you have a tokenization solution that guarantees you never store credit card information in the clear. The nice thing about tokenization is that it is a rather ingenious use of encryption and hashing; the not-lovely thing about it is that it has a key vault for all the little secrets. Unfortunately, the vendor didn't know how to mirror the servers properly, and they were coming out of sync. This is a problem when you're dealing with time-based key-value stores that weren't matching the key assigned to them. You can see where this is going; my phone rings.

It's the “Under Pressure” opening ringtone, which means it's my mentor and something went wrong. She emails me to schedule anything and texts if it's routine, which means if she's calling from her desk from the caller I.D., there are suits surrounding her looking for a solution, and she's calling me. I answer.

“Hey, how's it going?”

“Another beautiful day in paradise; how's the farm?”

“Doing great, the horses are happy. We'll have hay to throw again soon.”

“Sounds like a great time; what can I do for you?”

We constantly banter like this at the beginning of calls; it drives anyone listening crazy, and we have our little games.

“So, we've got a tokenization system, as you know, for our card processing,” she reminds me to benefit those around her.

“Yeah, the system I spec'ed out last year,” I reply.

“Yeah, it's been performing great,” she hints.

“Until...” I give in.

“This morning.”

Ah fuck.

“I'm already on my way, coming from Uptown.”

I pack up my laptop and signal to my waitress that I'm running out, and the approximate amount is on the table. I make it a generous tip; they give me power, caffeine, and company. Plus, it's basically my office away from home.

Continued... soon.


from Stories by MJ

A Study in Magenta

The day started like any other one; rolling over and falling out of bed, hitting my head on the nightstand as I did so. This has happened more times than I would like to admit. However this time it was accompanied by a small voice coming from a little flat box seemingly asking “Hello? Are you there?” to which I snapped into Incident Response mode and answered “Yes, how may I help you?” while grabbing a pen and paper as a headache started to creep in.

The voice on the other end of the little flat box told me a heartbreaking story about data loss, bad USB drives, and vacation photos followed by: “I was told if anyone could recover them, you could.” “Oh, that's nice, who should I thank for the compliment?”

We agreed to meet at a nice cafe nearby and she would bring all the drives she needed to be recovered, I would bring a short contract, and they would pay 50% upfront plus any expenses capped at $1K with no guarantee as data recovery is difficult. They agreed.

I brought with me some static protection bags, some stickers, and a felt tip pen. They brought a pink USB rust drive, a pink SD thumb drive, and a pink nail polish-covered SDHC card from her pink camera in her pink bag. Unsurprisingly they were also wearing a pink faux fur blazer, pink pants, pink sneakers, and a retro P!NK tour shirt. Also, a pink pen for signing the contract and drive seals.

So started the Study in Magenta. At first, the data recovery effort was like any other, a custom USB cord with the write pins snipped and making sure the write block was enabled on the SDHC card. I decided up front that the SDHC card was going to be the last because of the gunked-up nail polish on it which would need to be cleaned off before it was read. The SD thumb drive I estimated would take the shortest time. So it was time to give that good ol' rust drive a workout.

Plugging the drive into the forensics workstation was uneventful as it didn't power up. The disk didn't spin and a quick test from the voltmeter confirmed power was making it to the plug but after that, on the circuit board, the readings were erratic and inconsistent. Simply, the board was bad and I wasn't going to make any progress until I had a functioning spinning drive. So to make her drive work, I bought another of the same brand, model, and specs, and placed her spindle case into the new drive.

Surprisingly, the first time, it worked and the drive was live. I immediately started imaging the drive and went to work on the SDHC card.

The SDHC card was a slightly different beast, after cleaning off the card I was able to see the problem, it had part of a fold in the middle and a small crack in the outside of the card frame. This time however I wouldn't be able to swap in a new board, I had to come up with some other way. So again, I bought a replacement card, and this time I took it apart to understand how it worked and where the damage was. The SDHC card was made up of two IC chips in the back and a wiring harness up front. Luckily, the wiring harness was what was damaged and both of the chips appeared fine, so I started the process of repairing the wiring harness.

This is as much fun as it sounds, trace two sides of a wire and bridge them with a combination of foil and solder. Half a day later I have a readable SDHC card but it now doesn't fit in any slot because it's put together Frankenstein style. So I grab the new SDHC card and make a series of bridges from its connectors to the old connectors and plug it in.

Voila! So my imaging process begins, the magenta drives survive, and I arrange a meeting to drop off the retrieved files.

In walks a woman that loves magenta. I hand her the drives all professionally wrapped in electrostatic bags, an invoice for the replacement hardware, and hold onto a third drive containing the results and plug it into my portable workstation, and motion for her to start looking at the retrieved files. Her expression was fantastic, happy to get her memories back.

A slight sly look on her face and a question:

“So the names, can't you get the names back?”

“No, unfortunately, that part of the drive wasn't recoverable.”

“So can you organize these for me?”

“We never look at the data recovered, principle and rule, sorry.”

“Probably for the best.”


from Mike Dee


from The Blue Bear Inc Blog

We are Blue Bear Inc

Hello everyone!

We quickly wanted to introduce ourselves as we start this blog. We are a cybersecurity consulting firm based in Tallinn, Estonia, although we are a fully remote company.

Since 2020, we've been providing defensive cybersecurity training, audits and leading security project implementations. We can help you define your threat landscape, identify gaps in your current cyber strategy, help you reach your next objectives or really help with any sort of hands-on inputs you might need.

One of our goals is to remove the wealth gap that we see in cybersecurity. Too often, small and medium sized companies and companies in emerging markets do not have the resources to hire expensive cybersecurity experts or consulting firms, or pay for security products. That leaves them very vulnerable.

That's why Blue Bear Inc's pricing model is so flexible. We offer a “Pay What You Can” model, with a minimum based on the size of your company, the size of your engineering team, where your company is located and what industry you are in.

We want to help as many people as we can and not let a price tag stop you from having access to cybersecurity resources and expertise.

Interested? Let us know what you need help with at contact @ bluebearinc . ee.

Edits: Typos :) Thanks Tim for spotting them!


from Kee Hinckley

(this is a test post to see how this does with some long form markdown)

This post was originally written during the “nymwars” on Google+, before Google recognized (through protest, and just plain looking at the facts before them) that using “real names” does not lead to civility. I've done some reformatting and updated a few references, but otherwise this is as it appeared in July, 2011. However, everything here applies to existing and future social networks, most obviously including Facebook.

At the time I wrote this, it wasn't clear that anonymity offline was going to erode so quickly. All of the reasons I specify here for requiring online anonymity apply even more strongly for anonymity in real life. We have a troubled future ahead of us.

Google has said that they plan to “address” the issue of pseudonymity in the near future. I hope that these thoughts and experiences may help inform that decision.

Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical, minority views… Anonymity is a shield from the tyranny of the majority… It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation…at the hand of an intolerant society. —1995 Supreme Court ruling in McIntyre v. Ohio Elections Commission

This whole persona/pseudonym argument may seem like a tempest in a teapot, but the fact is, the forum for public discourse is no longer the town hall, or newspaper, or fliers on the street. It is here on the Internet, and it is happening in communities like this, hosted by private sector companies. Freedom of speech is not guaranteed in these places. As Lawrence Lessig once said, “the code is the law.” The code that Google applies, the rules they set up now in the software, are going to influence our right to speak out now and in the future. It is imperative that we impress upon Google the importance of providing users with the same rights (and responsibilities) as exist in the society that nurtured Google and brought about its success.

I'm going to try to summarize the discussion as I've seen it over the past few weeks. Since this is a long post (tl;dr), here's a description of what's coming so if you want, you can skip to the section that you're interested in.

First I'm going to address some red herrings; arguments that actually have no bearing on pseudonyms. I will explain why I think we should be having this discussion about a company's product. I'll explain, through painful personal disclosure, the experience of close friends, and other examples, why someone might want to use a pseudonym. Then I will address the arguments I have heard against pseudonyms (and some of them are quite valid), and what some alternatives might be.

I apologize for the length of this post, I know it could be trimmed.

The Red Herrings

Anonymous speech on the Internet is a mess

This is absolutely true. Go to any site where people can create accounts just by entering a fake email address, and where there are no valuable relationships between users to maintain, and you'll find a mosh pit of spam and just plain garbage. Fortunately, nobody is asking for anonymous speech on Google+; we're asking for the ability to use pseudonyms—persistent names that aren't tied to our real life address, home and personal information. All the usual validation processes (SMS messages, voice activation on the phone, etc.) would apply to them. When people give examples of how pseudonyms create hostile environments, they are almost always referring to comment systems, not social networks like Facebook, Twitter, LiveJournal, or Google+. I'll address that difference below.

Shava Nerad expressed this very well in a comment on G+:

People confuse two concepts: anonymity (no one knows who you are at all, no persistence over time, the most prolific author of all time is Anonymous) and pseudonymity (no one knows who you are, but there's a persistent identity over time like a pen name, think: Mark Twain, George Sand, Lewis Carroll, Thomas Pynchon, John Wayne, or Stalin). No one doubts who John Wayne was, but then again, no one reading Thomas Pynchon's books seriously doubts they are by the same author (well, maybe, but really...) even though no one but perhaps his editor has seen him (or her?). —Shava Nerad

If people use pseudonyms, I won't be able to track down a stalker

If you have a legal complaint, then Google will reply to a subpoena with all the information they have, which at least includes IP addresses and any linked accounts, and perhaps the number of the phone used during verification. The process of tracking a real “John Smith” to an originating computer is not going to be any different from tracking down “Demosthenes” to that same computer. Since Google isn't verifying every address, they have no more information about “John Smith” than they do about “Demosthenes”.

I want a service where I know that everyone I talk to is using their real name

Then you need a paid service where every person is required to provide a credit card and/or government ID. So far as I know, no such service exists, nor does anyone have any plans to create one (well, actually I think the Chinese are creating one, but I wouldn't exactly hold that out as an example to follow). Google is only suspending accounts that have odd characters in their name, or which are reported by other users. They have given no indication that they wish to ask for a photo ID from every single one of their users, nor would such a process be viable in an international community. A similar argument is that we need to stop the “whack-a-mole” game, where someone who is tossed off the system immediately pops back on with a new account. That's great, and hopefully Google's authentication systems will help, as well as other algorithms, but banning pseudonyms won't do a thing for it.

This policy is necessary to stop spam.

See the previous item. With no ID requirement, spammers simply require a phone and a name that looks real. I'm sure Google will be using phone data, content filters, social graph analysis, and user complaints to help track down spammers, but allowing or disallowing pseudonyms has zero impact on the problem. Bad behavior is bad behavior, it doesn't matter if you do it with a real name or a fake one.

Why Are We Having This Discussion?

Google is a private sector company, obviously they can create a social network with just about any rules they want. However, Google has stressed the importance of privacy, they have stressed that their company motto is “Don't be evil”, and they have clearly created a product which has the potential to dominate online public discourse. The product is in beta, and they want feedback on it. I'm providing this feedback because I feel that Google+ has the potential to become the de facto “law” for online discourse, and I think that it is critical that the “law” reflect how democratic societies have always worked. Larry Page, during his earnings call, said, “Our goal with Google+ is to make sharing on the web like sharing in real life”. As it currently stands, Google+ has policies which prevent it from reaching that goal.

Who Needs a Pseudonym?

I'm going to start with the personal. I'm going to say some things here that I really don't enjoy saying in public under my real name, but I'm going to say them because in the grand scheme of things, they are relatively minor. I have very good friends who would not be able to say some of these things. They might lose friends, neighbors, even custody of their children. I'm lucky, I'm established enough in my career, and confident enough of my family, that I can say some of the reasons why I have a pseudonym account as well as one under my real name. If by doing so, I help create protections for people who have much more serious reasons to protect their privacy, then the slight embarrassment to me is more than worth it. I apologize in advance, however, to my children, whom I really didn't want to hear about this. I'm sorry.


When the attempted revolution broke out in Iran, I had in-laws there, I had information about what was happening that I wanted to share online with people who were interested in the situation. I wanted to educate them about what was happening. But I couldn't do that under my real name, because the Iranian government was actively searching Twitter for posts about Iran, and they could easily have connected me to my wife and her relatives.


My marriage was on the rocks. I was sleeping on the couch, drinking too much, and not focused on my consulting business. I initially talked about some of this online on Twitter, and started to meet people with similar problems who had advice and support, but then my children got Twitter accounts. Creating a separate account allowed me to talk about those issues without identifying and embarrassing my family; not to mention my consulting clients. Those conversations, under my pseudonym, were absolutely critical for my finding a new network of friends, hiring a personal assistant, finding housing, moving out of my home, getting new jobs, and in general, getting my feet back on the ground. I made real friends, many of whom I have met offline, and now know by their real names, under that account. It was critical for getting my life back together.


I have two teen girls. Sometimes (especially since my wife and I separated, and the kids are off at boarding school) I just want to talk to people about the issues that come up when you have teenagers. Publicly posting (with no names, of course, that's the point of a pseudonym) about issues online has generated a flood of support and similar stories. I regularly share the ups and downs of my parenting life with other people, and they with me. Do I know their names? No. Do I need to? No. Would I have found that support if I'd only posted to my closed circles? No.


My father has Alzheimer's. It's getting pretty bad, he's starting to get paranoid, my mother has to bathe him and help him go to the bathroom. She and my aunt care for him, and it's pretty tough, and when I go there to help, it's pretty hard on me. Fortunately I can talk about this publicly, about all the things that happen and all the stress it causes me. And when I do, I get support and discover that there are other people out there amongst my public correspondents who are also having these problems, and we offer each other suggestions and support. I don't do this under my real name because I really don't want to be putting private information about my father, my mother, my aunt and myself out on the Internet. So I do it under my pseudonym. And not surprisingly, most of the people who respond to me are doing so under their pseudonyms. Is Alzheimer's a topic we aren't supposed to talk about publicly on Google+? There are many many topics like this which are not in the slightest bit controversial, but which people would prefer to talk about without their boss, neighbors, or strangers connecting to their real name.

Now let me talk about a couple friends. (I've tweaked the specifics for obvious reasons.)

Too Well Known

He's a minor celebrity in his home state. His face is well-known on television. He's involved in the BDSM community online; he's a submissive. And sure, he talks to folks on the sites meant for that, but this isn't some hobby, this is his way of life, and you don't go to a fetish site to talk about raising your kids, how to deal with unemployment, or what people are doing about health care. He wants to be able to talk about those things openly online, with his friends from the community, and he can't do it under his real name, or even with his real face, and he can't even do it at the local get-togethers in person, because he's too well known. It has to be online. It has to be pseudonymously.

Dating the Wrong Guy

Her boss is a total misanthrope, he hates blacks. He rails about them day in and day out. What he doesn't know is that she's living with her black boyfriend. She's been looking for a new job for months, but this is all she can find. Where can she go where she can talk publicly online with her friends and her boyfriend about politics, the latest tech toys, and her interests?

The following list of beautiful examples comes from Shava Nerad. She describes perfectly the need of everyday people, just like us, to have a little privacy in a public forum.

The Lawyer

This is setting a precedent for the small town lawyer who wants to be able to keep their ability to blog about local politics, even though it might alienate their clients in their law practice. 

The Teacher

It's about teachers who want to be able to go shred on the weekend, even if they teach middle school a couple towns over. 

The Abuse Survivor

It's about a middle aged guy who wants to blog about surviving sexual family abuse as a kid, even though his abusers are still very much alive, living in the same town. 

The Texas DA

It's about the DA in Texas who wants to use his pseudonym to discuss his anime collection and research gay resorts in the Bahamas. 

Arab Spring

It's about the woman who wants to blog about how her husband and several of her cousins are activists in the Arab Spring movements in Syria, and how she and her mother and sister are getting by at home while they are away. 

Narcotics Anonymous

It's about the guy who is trying to attend NA meetings online because he's too well known in his community on sight to be seen walking into a Narcotics Anonymous meeting, and wants an identity to be able to meet with his sponsor and friends in recovery online.

The Union Organizer

It's about the woman in the company town in upstate NY who is trying to organize a union without her kids getting hurt on the playground. 

Here Cory Albrecht provides a set of real-life examples of people talking about just the kinds of things I expect people to talk about on Google+, and how it ended their careers and/or lives.

The Rape Survivor

The rape survivor who wants to be able to talk about her experiences without letting people know who she really is to protect her privacy.

The Closeted Teen

The closeted gay teenage boy who wants to participate in the online gay community where he can find support and friendship without the homophobic bullies at his high school finding out and driving him to suicide.

The Atheist Teacher

The employee who just happens to be an atheist but would get fired from their job if their boss found out.

The Wrong Political Party

Or fired for being Democrat when your boss is Republican or vice versa.

Finally, more from my personal friendships and other folks online.


He's gay…he's bi…she used to be a guy…he used to be a girl…he's still in the closet and doesn't know anybody like him. They aren't looking for a forum to talk about their sexuality, there are plenty of those. They're looking for a forum where they can talk about all the stuff the rest of us take for granted; politics, technology, society, world news… They just want to do it as themselves, not as someone pretending to be someone they aren't.

The Abused Spouse

He comes home every night and searches online to see if she's posted anything, anything at all, under her name. She has no job, she has the kids to protect, he's threatened to hunt her down and kill her if she leaves. (If you want a better understanding of this issue, please read this

The Stalked Science Blogger

In Science Blogger, Bug Girl's (now Gwen Pearson at own words (

I’m not going to choose to out myself just because some giant world-ruling corporation demands it. I have been Bug Girl online since at least 1997; as a blogger since 2005. I initially adopted a pseudonym because I had been the target of some white supremacist groups in the 90s, as well as experiencing stalking.

I also only feel free to talk about my disability (I have epilepsy) and my status as a rape survivor under this pseudonym. I don’t want my students, my employer, or my mom to find out these secrets about me from Google.

Facebook's Real Name policy is sexist, discriminatory, and stupid. Google's policy is worse, because Google had the advantage of having seen how bad Facebook's policy was, but they went ahead and implemented it anyway. —Bug Girl

The Everyday Activist

And finally there's the simple desire to not conflate your primary online activity with something secondary that might detract from it. Lauren Weinstein talks about it in his excellent article “Google+, Privacy, and Balancing Identity”.

Already in the almost three weeks that I've been using Google+, I've had the experience several times of refraining from commenting on threads where I could have imparted potentially useful information, because I did not feel comfortable drawing attention to myself publicly relative to the topics under discussion. Perhaps 99% of the time I have no problem with being fully identified in my public postings. But that remaining 1% is still a significant concern nonetheless. This sort of self-censorship regarding legitimate matters, where no fraud or other bad intent is involved, should be a red flag regarding the possibly stultifying effect that “true identity” can bring to some situations. —Lauren Weinstein

What Are the Arguments Against Pseudonyms?

I apologize in advance for quoting Robert Scoble so much. I was going to take examples from a number of different sources, but Robert made many of the same arguments in one convenient set of comments, and I'd rather use remarks from a public figure than someone who just happened to speak up in a comment.

These are in no particular order.

People don't really need to hide

I hope the earlier set of examples has put this argument to rest, but in the end, this is no business of anybody except the person who wishes to have some privacy. This isn't about hiding. It's about privacy and control of the key that gives every stranger access to my doorstep; my name.

You only need a pseudonym if you're bad

Mark Zuckerberg is famous for having said, “Having two identities for yourself is an example of a lack of integrity.” (Okay, that's not the only reason he's famous.) So speaks a man who has never had to work for someone else and never had children. He also said, “The days of you having a different image for your work friends or co-workers and for the other people you know are probably coming to an end pretty quickly.”

It's pretty clear that Facebook is doing its best to make this true; it's not so clear that people want it to be true. But some people take this even further. For instance, James Stallings II said in a comment on Google+:

Also I think that if you are using a nym to hide behind, you are doing exactly that, hiding. If things are so bad for you that you have to hide, you should be spending less time on the Internet, and more time reflecting on why it is you need to hide in the first place. Are you keeping bad company? making promises you can't keep? have a problem saying no? These are not problems that are strictly the province of women; any more than women are the only ones threatened with physical violence or confronted with sexual harassment due to how they look. —James Stallings II

Unfortunately, that's not an uncommon attitude; it even has a name: “blame the victim.” Some people believe that all your problems were brought on by yourself. I honestly don't know how someone can jump from their own personal success and security to claims that their parentage, birthplace, biology and personal experiences have relevance to a gay teen in the American South, a kinkster in the Midwest, or a Burmese refugee fleeing from government persecution, or even the alcoholic next door, but some people do.

A forum with pseudonyms lacks respectful discourse

There is an element of truth to this. Someone may in fact choose a pseudonym in order to troll and create havoc. Removing pseudonyms will probably reduce this. There are, however, a couple of problems with the argument.

  1. People troll under their “real” names too. So with or without pseudonyms, the service must provide mechanisms for dealing with abusers. Google+ does provide some of these already: you can block (really “mute”) someone to not see their comments and prevent them from commenting on your posts. You can moderate your posts. These tools seem quite sufficient to deal with the slight increase in jerks that will come with allowing pseudonyms. Over time, Google will need to provide additional tools, whether or not they allow pseudonyms.
  2. Google is not providing a mechanism to prevent fake accounts. They are providing a mechanism to report fake accounts and validate them after the fact. So if someone signs on as John Williams, and starts flame fights in the comments, it's going to be a while before it occurs to anyone that it might be a fake account. You'll still need the moderation tools.
  3. People who have persistent pseudonyms are noticeably different from the trollers. They have lots of friends, you can Google them, they have many online posts. Even on Twitter, in the land of 140 character tweets, it's pretty easy to glance at the follower list and tweet stream of someone and tell whether they are a spammer, a jerk, or an actual social person. It has nothing to do with name, and everything to do with behavior and content.
  4. A person with a persistent pseudonym lives and dies on one thing; reputation. If they lose their reputation, they lose their voice. They won't get followers because of their job, or because they are famous, or because they worked on interesting projects. All they have is what they say. So in fact, they are more inclined to carry on a respectful conversation. Especially in a forum where being blocked is a mouse click away.

One common argument is to point at other services as an example of the failure of pseudonymity, but the comparisons are almost always apples and oranges. Examples include TechCrunch's comment forum prior to switching to Facebook, YouTube, Myspace, and any newspaper comment forum. These sites have zero to little verification for signup; it was trivial to put in a fake email address and start an account. They also provide no benefits to creating a social network of friends. Nor do they provide easy ways to block people. On the other hand, there are social networks, like Flickr, LiveJournal, Twitter, and others, which have a huge mix of pseudonymous and “real” names, and have civil discourse and a very active community. If they can have a vibrant user community with both “real” and pseudonymous accounts, why can't Google+?

I have a pseudonym I use on the Internet. It has a blog, a paid Flickr account, a YouTube account, over 1000 Twitter followers, over 40,000 tweets (that's about 1000 pages of writing). It has its own domain name, and three years worth of 50,000 Google references associated with it (twice as many as I have under this name). Why does that account, with its obvious pseudonym, have less accountability than some guy named “John Smith” who lists no location, links to no other info, and shows no connections to any other people on the Internet? My persona lives and dies on reputation alone. “John Smith” gets a free ride because he can produce a driver's license to Google and continue being an anonymous asshole to everyone else. Does that really make sense? And if you grant my persona's right to exist here, then are we saying that Google+ is a network only for people who already established their connections somewhere else; the “old boys' club” of social networks? We don't ask people for their passport before we talk to them. As Sai . asks, “Have you ever slept with someone without first asking to see their ID?” If we'll do that, why would we require one to talk online?

Go somewhere else

My first response to this is simple. I go where my friends go, isn't that the point of a social network? People don't enjoy trying to fool Facebook or Google into thinking their pseudonym is real, but if that's where your friends and colleagues are, then you don't really have a choice. But also, I think this argument is tied to the mistaken belief that people who have privacy concerns can live half a life, going online with a pseudonym only for the one issue, and then pretending to be something they aren't the rest of the time. Who you are affects your opinion. Being gay or female is quite likely to impact your opinion about pseudonyms, does the fact that you need to be private about that, mean you aren't allowed to discuss the issue? Being gay, or transgendered, or kinky, or a communist, or a woman does not mean that you should go and discuss everything in a ghetto meant just for your kind. That's an incredibly elitist position to take. And yet, that's exactly what Robert Scoble has said, which left me more than a little shocked.

And there are plenty of forums and other places on the Internet that are great for discussing all those political and racist and other ideas. I'm not seeing anyone harmed if Google wants to go down a better discourse path by forcing real names and real identities. As far as being a woman and discussing rape or domestic violence, maybe Google+ isn't the place to discuss those things. Maybe someplace like Quora, where you CAN be anonymous, is a safer and better place to talk about those things. — Robert Scoble

(Quora allows selective anonymity, which a) assumes I only need to hide my identity some of the time, and b) has no persistent identity. It's also a question and answer site, not a general purpose social network.) Some people feel that Google+ can be a great place to discuss technology and business, but they don't want anything here that makes them feel uncomfortable, like “political and racist and other ideas”. Perhaps I'm wrong, but I don't think Google intended to create another LinkedIn.

In response to the “go elsewhere” argument, Jillian C. York wrote a telling description of the Arab Spring protestors' dilemma:

What bothers me about your argument that they can “just go elsewhere” is that, in the case of Facebook, they really couldn't go elsewhere and be effective. Facebook was, and still is, where the network is, and if you want to be effective as an activist, you must target the existing network. And I imagine that, within a short time, Google+ will play that same role. — Jillian C. York

To sum up: people who value their privacy are not one-dimensional. They have lives, work, family and friends, and they like to talk about them some place where they don't have to give up their privacy. And if they have issues that they feel need to be brought to public attention, they can't do that in a single-purpose ghetto; they need to do it in the same popular public forums as everyone else.

Use a real sounding name

This is the “Don't Ask, Don't Tell” model of pseudonymity. Don't make it clear that it's not your real name, and everything will be fine. Or in other words, “Lie.” Some people actually think this is okay; what they object to is not pseudonyms, but names that don't look like what (they consider) real names look like.

Jillian C. York gives a great example of how this fails for activists, but it applies to anyone who might possibly annoy anybody about anything…whether it's politics, sexuality, or talking too much about dogs.

Look at Egypt: We know how important Facebook was to organizing, for those activists who chose to use it (this is not, everyone, an argument that the uprising couldn't have happened without Facebook, so let's not play that game). And yet, Wael Ghonim's page (you know, “We Are All Khaled Said”, hundreds of thousands of fans) was removed from the site last fall because he'd been using a pseudonym on the site. The pseudonym looked like a real name, but because he had some enemies, they reported it, of course, having it taken down. And since he couldn't prove his identity with ID as Facebook requested, bam! Gone.

This is one use case that I've seen dozens of times now. Activists, in authoritarian countries, getting booted from a site because their activism got them reported, and their name happened to be fake. Meanwhile, thousands of others get away with it because they don't have enemies. — Jillian C. York

In real life, you use your real name

There is a difference between “using” your real name, and (like the ill-fated bank robber in England) having it tattooed on your forehead. In fact, in real life you get to choose when to use your name, and how much of it to use. Your stylist probably only knows your first name. Your co-workers might actually know you by your last name, although they could probably find your full name. And the girl behind the cash register at the 7-11? All she knows is that you like grape slurpees. In real life we do not give our real name to everyone we meet, let alone everyone who looks at us. The only person we have to give our real name to is law enforcement, and nobody is suggesting changing that here. Furthermore, there are social situations in real life where real names are not used at all. There are social clubs and societies where pseudonyms are standard procedure, and nobody uses their full name at an AA or similar meeting. When you write a letter to an advice column, you don't use your full name. When the founders of our country were writing what became The Federalist Papers, they certainly didn't use their real names. Philanthropists donating money often don't use their real names, and in fact the rich and famous often use pseudonyms to avoid attention; they can afford to be pseudonymous in real life, we only get that protection online.

There's another big difference. For most people (I'm an exception, my name is globally unique) telling someone your name in real life doesn't instantly link them to everything you've ever written. Sure, they can probably Google it, and they might find the right you, but it's still an effort. On a site like Google+, it's one click away. So Google's real name policy is nothing like real life; it is much, much less private.

Pseudonyms aren't real people

Some people seem honestly upset that they should have to use their real name to interact with someone who is using a pseudonym. Perhaps it's because I've been interacting with people online for so long (my first online girlfriend was in 1978), but I just don't see it. There is absolutely nothing more real about “Kee Hinckley” than “MYOTHERIDHERE”. Both can be Googled. Both will tell you (mostly non-overlapping) things about my life. Both will let you see the conversations I've had. Both names have been used to buy Pro Flickr accounts. Both names belong to various associations on and off line. Both names have blogs. I use both names in social situations offline. A subpoena will trace both names back to my laptop computer where I sit typing this. The fact is, short of searching financial or government records, there is nothing to make “Kee Hinckley” any more real than my pseudonym. And as I discuss what I think of the latest iPhone rumors online, I completely fail to see why anyone should be interested in what my birth certificate or financial records say. People who don't like pseudonyms seem to not like them because they feel they are a lie of some sort. And if my pseudonym were “John Smith” then they'd be right, but it's not. I chose a name which was globally unique, because I wanted a clear, persistent, and obviously not-on-a-birth-certificate name. I'm not lying to you, I'm choosing not to tell you my birth name. You don't tell me your social security number when we meet, but that's not a lie. I'm just not going to give you the lookup key which can lead you to the name of my children, and the address of my house. Because when you come down to it, that's what a “real” name is online now—it's a key to everything about you that you'd really rather people didn't know.

This is why Zuckerberg is so wrong. We aren't moving away from dual identities. We're moving towards them. The global database of personal information is forcing us to adopt pseudonyms in order to maintain our privacy.

If you're really commonly known as that, why not just prove it?

This would be the “rich and famous” clause. 50 Cent and Lady Gaga get to have pseudonyms (do her close friends call her “Lady”, or “Gaga”?), but you and I don't. Google says you can use a name if you're “commonly” known as that. Which means we get to watch the ludicrous sight of a Google employee posting on their LiveJournal begging friends to give affidavits saying that they have always called him “Ping”. And what exactly does “commonly known” mean? I'm commonly known as “Kee” by some of my friends, but several thousand people on Twitter, not to mention everyone who reads my blog or photo posts, knows me by a different name. If this had happened 30 years ago, many of my friends knew me as “nazgul”, both online and off; that's how I signed all my online correspondence. A Google search on my pseudonym turns up 50,000 results. On this name, it turns up 25,000. Does that mean “Kee” isn't my commonly known name? “The Bloggess” is well known online by that name, is that her common name? At what point does someone become famous enough to qualify for this policy? How do I find out if I do? Millions of people in this country go by names that aren't on their driver's license. Often it's a variation of their real name, but often it isn't. How do they prove that? Who determines when a nickname is real, and when it is fake? The VP in charge of Google+ doesn't use his real name on the service, I should think that should have made the issue fairly obvious. Does Google really want to spend that much time and money per user?

And then there's the cultural problem. In India and Thailand (and I'm sure other places), people go by nicknames, not birth names. In Burma people regularly change their names to reflect changes in their life. Those names aren't on any birth certificate, and there is no way for them to prove they are accurate. We've already seen Google asking such people for proof of their name. Google states, “Use your full first and last name in a single language. If you use your full name, you'll help people find you online and connect with the right person.” but that is patently false. I find myself repeatedly having to ask people if I know them by some other name, because they were forced to abandon their persistent online identity when they joined Google+.

Even outside of the issue of pseudonyms and multiple accounts, Google has created a very Western-centric model of what it means to have a name. Clearly they need to correct that, and I'm sure they will, but to me it is indicative of the fact that the people who designed this policy really had no experience with what it means to have and use a name, let alone what it means to be someone with a reason to fear having their name exposed. Google needs to seriously consult some sociologists and anthropologists if they want to play this game.

It's dangerous

A number of the examples I've given, as to why someone might want a pseudonym, involve personal danger. All of them at least involve potential embarrassment. This argument says that there's no way to be private on the Internet, and therefore you shouldn't share anything that you don't want anyone to know. They claim this is “security by obscurity”. Robert Scoble makes this argument in a comment, 

If you are Chinese and you want to avoid government action you should advise people to keep their opinions off of the Internet. Period. — Robert Scoble

You know, everyone wants to avoid government persecution, but some people think it's worth taking the risk. Telling them to go hide and suffer in silence is not helpful. And what people are calling “security by obscurity” is simple common sense, we tell every kid not to give out their name and address to strangers, why does that become bad advice when we are adults?

It's true, pseudonyms are not 100% safe, and Google could do a lot to help educate people on how to use them safely, but as an anonymous person wrote to Violet Blue:

Using a pseudonym is little enough in the way of protection, but at least it prevents all but the most determined retaliation. I wondered how many people would have been prevented by fear from taking stands on issues. How many would have been subject to retaliation ranging from loss of jobs to death had they been exposed by real name? I am sure there are some who would put themselves at risk regardless, and they have my admiration. But what about the risk to family members and friends who could also become targets? —Anonymous

His crime? He once told a class how he was knocked unconscious, raped, and then ignored by police who said “they could not worry about every fag who had a tiff with his boyfriend.” As a result of that public disclosure, another student in his class then stalked him for ten years, driving him to attempt suicide. Do you think that man is going to withdraw from public life on the Internet because of a stalker, or will he instead attempt to use a pseudonym, no matter how little security it provides?

A quick glance at Facebook should make it clear that you can say “don't use the Internet if you want to be private” all you want, but people will continue to share those things, even under their own names. The fact of the matter is, those that are using pseudonyms have, for the most part, actually realized the danger and taken some initial steps to address it. I'll be the first to admit that they most likely haven't taken enough; I've worked in the Internet security field for a number of years and I'm very aware of the issues involved. However, the argument that we should therefore not allow it is ridiculous. In the first place, there is no way to not allow it. Google has no intention of checking everyone's ID at the door. Secondly, people will use pseudonyms because it's the only way they can communicate with even a small amount of security. Arguing that we should ban pseudonyms because people won't use them safely is like arguing that you should ban sex education because otherwise kids will have sex; they are going to do it anyway, let's at least explain how to do it safely. Except in this case you're talking about protecting adults from themselves, not protecting kids. The right solution is not limiting choices, it's providing education.

The other issue with this argument is that it's black and white; it assumes that all risk is the same. The level of security I need to flirt with my friends without my kids seeing it is very different than the level I need to smuggle information out of Libya. But by banning one, you ban them all. 

Privacy is like insurance and security; the more you have, the more it costs you in time, money, and inconvenience. There is no such thing as a secure computer, only a computer that is as secure as you are willing to make it. The same is true of privacy.

Pseudonymity fails when you meet someone offline

It's nice to see Robert admitting that you can actually meet someone who has a pseudonym, but this argument is bogus.

the first time I met Thomas Hawk he told me his real name (Andrew Peterson) and then the secret was out (someone else already spilled the beans before I did). So, can anyone really be anonymous online AND have real-life relationships with others they meet online? Of course not. — Robert Scoble

The fact that Thomas Hawk trusted Robert with his real name, and Robert outed him does not mean that you can't meet someone and not use your real name. I do it all the time, as do many other people I know. As with anything about privacy, you have to decide who you trust and how much. This doesn't change when you meet them. There was nothing keeping Thomas Hawk from saying, “Hi, my name is Thomas,” or even, “Hi, I'm not going to tell you my name.”

If you have something important to say, report it to the media, they know what they're doing

This is a corollary of “it's too dangerous”. Robert Scoble said:

There are plenty of ways for anonymous whistle-blowers to get heard (I protect my sources, for instance) (that just after he admitted he was the second person to out a blogger's pseudonym) and plenty of ways for people to have their injustices heard…For instance, I carried about three terabytes of hard drives on my trip there and they never were looked at. I could have brought out a TON of info from people inside and posted that without ever threatening the source. — Robert Scoble

I commend Robert for offering to serve as a conduit for every person complaining about injustice in China although I'm not sure how they will contact him anonymously. But let's be serious, this is the height of egotism and elitism. There is far more injustice in this world than there are people to report it, and suggesting the oppressed should keep silent and “safe” unless they happen to know a reporter has got to be the most ridiculous piece of paternalism that I've heard in this entire discussion.

The oppressed don't have Internet access anyway

Yes, seriously, I have heard this argument from multiple sources. The claim is that oppressed people with Internet access are a myth. Robert Scoble:

heck, in most of the places where human rights are under attack Google is being blocked anyway and in most of those places IP addresses are being tracked, not names, whether fake or real, so your claim just doesn't ring true anyway — Robert Scoble

[Ed. 2019. Ironically, as I edit this I'm connected to a private VPN and using wifi in a cafe in Myanmar (Burma), a country where online anonymity when talking about human rights can be a life or death issue.]

I'm not sure how one reconciles this with the Green Revolution and the Arab Spring. Robert also makes the same comment about some illegal immigrants he saw protesting on the street. He doesn't think they have access to the Internet either, so therefore we don't have to worry about allowing them on Google+. (Hint, “local library”). I know literally hundreds of people who are unfairly discriminated against, and would love to prove him wrong by responding to his comments on Google+…unfortunately they don't dare do so under their real names.

Pseudonyms make it worse for women

It's interesting that the anonymity advocates never talk about the crap that allowing anonymity brings, particularly the anti-women comments. — Robert Scoble

Oddly, the majority of people I see arguing for pseudonyms are women, and the majority of people I see making comments like this are men. Actually, we are talking about the “crap” that anonymity can bring, however we are also considering the tradeoff. This was expressed quite eloquently by Gretchen S. who said that she'd much rather have to block a few pseudonymous online harassers than give up her pseudonym and have one show up at the door of her house with a gun. That's not a hypothetical problem for women, I have a good friend who experienced the dangers of using her real name. She made the mistake of using her first name online, and it was a little too unique. Someone tracked her down, drove three hours to her home town, knocked on her door, and attempted to persuade her to have sex with him. She was lucky, she convinced him that she had a boyfriend sleeping inside, and he went away. People often argue that the courts can protect women from harassment—that's not much help after you've been raped.

Real names will stop harassment

If everyone is forced to use their real names and real identities. You think people will still harass people if they are hit with a lawsuit? Or if their bosses get sent their emails? — Robert Scoble

Yes, I do. In fact, I have proof that real identity doesn't stop harassment. Ask the next woman or ethnic minority you meet whether they get harassed in “real life”. Yes? Apparently knowing who people are isn't sufficient to stop them from abusing you. And a lawsuit? Really? Even if the harassment is illegal, even if the police in your part of the country think it's worth investigating, who is going to fund the time it takes to go to court, let alone the warrants and subpoenas necessary to get the proof? Should my girlfriend file a lawsuit against the guy who pinched her on the subway? How about the one who sent her a c*ck shot in email? (Word obscured in case Google is still censoring posts.) It would be a wonderful world if everyone had a “Report me for bad driving” number under their name, but sadly, most people won't care, and more than a few will argue that all they were doing was “flirting”, “having fun”, “playing”, and “where's your sense of humor?”. Court cases are out of the question.

What's wrong with first name, last initial?

Every once in a while I'll sign up for a service, and with no warning they'll broadcast my name as “Kee H” because some idiot thought that was an “anonymous” combination that didn't even require asking me. It's not. Even if your name is “John S”, the addition of a location or profession, or the name of one or two friends, is going to be enough to find you. I am in fact alarmed by the number of people who are not using pseudonyms because of Google's policy, and are instead using their real name with an initial for their account. Your social graph is like a fingerprint, and while by itself, only a computer might be able to correlate Facebook, Twitter and Google+ social graphs to find you, with the addition of your first name, it's just a matter of some repetitive Google searching. This policy by Google is endangering users, especially women. The same people who claim pseudonyms are dangerous, should seriously ask themselves about the danger of this common alternative. See also “Female-Name Chat Users Get 25 Times More Malicious Messages”

Being anonymous defeats the purpose of social networking

That argument is based on the assumption that all networking eventually translates into meeting people offline. First of all, that's not true. I have hundreds of people I've talked to that I've never met in person, and that's fine. And I've done tens of thousands of dollars worth of business online with people I've never met as well. It also assumes that you can't do business or interact using your pseudonym, and yet people use DBAs in business and social situations all the time. Finally, it assumes that you never tell people your real name. I tell people my real name when I meet them in person all the time. I don't care about them knowing the connection offline, I just don't want it to show up in search engines.

It's just a dress code

This is the analogy that Google has publicly used. It's a dress-up thing. Robert Scoble echoes it when he says,

I'm having fun here because you and I are using real names. — Robert Scoble

It's just like dressing up to go to a nice restaurant! However, there is a huge difference between being required to wear a jacket, and being required to give everyone who views my profile a unique identifier which instantly links them to my house, my home, my children and (with a little digging) my financial information. The comparison is completely inappropriate, and it is an insult to every person who has ever been stalked, harassed, or abused in the offline world, let alone those who simply want to selectively impart information about ourselves, just like we do in real life. Your name is not a suit jacket. It is the key that places your resume next to your position on gay marriage, your technical papers next to your statements about legalizing marijuana, and your career history next to your medical problems. Wearing your suit jacket doesn't keep you from getting hired, using your real name can. If we must insist on the restaurant analogy, this policy is more like requiring people to show up in nothing but their underwear.

I've seen this argument made several times. First of all, even if it were true in the United States, it isn't going to mean a thing in most of the world where harassment, especially against a woman, is considered the fault of the victim. This is an international network. But for a better answer, read what Sandra Curtis has to say. 

From working in the mental health field for 45 years, I have personally known over 10 women who are now DEAD.... because their husbands, ex-husbands, boyfriends, ex-boyfriends, fathers, brothers, spouses' ex-wives/girlfriends, generally deranged persons who decided they were attracted to them, etc etc etc.. went after them and killed them DESPITE restraining orders. These stalkers did not care if they were put in jail, or killed themselves as a result.
A restraining order is one of the most meaningless pieces of paper I have ever seen in my life!
I have testified in court – BEGGED the judge; “the guy said he is going to kill her, and that he doesn't care what they do to him. If he can't have her, nobody will.”
Judge says to the guy, “Stay away from her, court dismissed.”. Next day, found the wife stuffed in septic tank.
I don't know how that judge, for one, lived with himself.
Then the guy gets released from state hospital 10 years later, because he was, of course, insane then (yeah, sure..) and now is sane (yeah, sure again..).
Guess who he comes after when he is released, folks ?????????
Please. I have moved 3 times, finally changed my name. I tell you again. You haven't been there? Your advice is usually meaningless. We are not dummies. We have done it all to try to stay safe. — Sandra Curtis

[Ed. 2019. And for the non-US-centric view, consider: An Indonesian woman recorded lewd calls from her boss. Now she’s going to jail while he walks free. ]

Google's advertisers won't like pseudonyms

Shava Nerad addresses this issue eloquently here: In short, marketing is about focus, and the things I discuss under my pseudonym tend to have a different focus than those I discuss under my real name. This difference allows the advertiser to target me even better. This is no different than how an advertiser treats the same person differently when they order from home than when they order from their office address.

What Are the Alternatives to Pseudonyms?

Use Google Circles

  1. Circles are only useful if you already have a network of friends interested in an issue.
  2. Circles provide no protection for your correspondents, who don't know who you put in the circle, and may not want anyone else to know their real name. Even if Google allowed you to attach a pseudonym to a circle, that doesn't help the people who want to use their pseudonym to reply.
  3. Circles provide no protection for talking about things with people whom you don't trust with your personal information.
  4. Circles aren't public conversations. There are many, many issues that work best with public discourse, and Google Circles provides no help for this.

I actually feel that Circles are going to be a source of embarrassment to a large number of people. They are the “Reply All” of Google+. You don't know who is in a circle when you get a message, which means you don't know who you are responding to. You don't even know how many people are in the circle. So when you get a message from your best friend that says, “Good morning!” and you reply with “Hi! So, did you take him home from the bar last night?” someone is not going to be happy when you discover that the “Good morning!” was directed to everyone at work. Even if you check the list of the random 21 people, that may not be enough to tell you if this is “Joe's Friends” or “Everyone in Joe's circles”. The opportunities for mistakes (and duplicity) are rife.

In short, Circles, especially large ones, not only don't provide real privacy for correspondents, they may result in exposing information you'd prefer kept private.

[Ed. 2019, and nobody else could figure it out either, so Google gave up on them.]

Multiple nickname fields

Google has recommended this, and said it will be supported for search (possibly when you type a +?). This is certainly nice for the people who regularly go by different names in the same circles, especially for nicknames. It obviously does nothing for people who have separate social circles under different names, or people who wish to decide who has access to their identity.

Sign up under real name, but have Google show only the pseudonym

This has potential. In fact, if it had been suggested three weeks ago, I might have said yes. However I find I now have a large group of friends who no longer trust Google with this information. The damage this fiasco has done to Google's image on privacy cannot be underestimated. Barring that, this could work for many people, but it raises a couple questions.

  1. What's the “real” name providing? All the arguments against pseudonyms have to do with people not being accountable to other people on forums. If only Google knows my “real” name, this doesn't solve that problem.
  2. Is the real name going to be verified at signup, or any other time? If so, this really does nothing for the activist or anyone who feels particularly concerned about privacy. Many people have argued that Google shouldn't provide pseudonyms because it's just not safe. I've explained why that, while true, isn't going to stop people. But this only makes it less safe. If someone snoops on my connection, puts a keylogger on my computer, or obtains my password, they will be able to see my real name in my profile. A policy like this makes things more dangerous to the people who can least afford it.
  3. In the end, if the hidden “real” name is required to be verified, then there are still many people, especially the most scared and vulnerable, who won't use the service.

Require that pseudonymous accounts are flagged as such

This of course assumes you have a way to tell. But obviously those of us with deliberate pseudonyms would have very little choice but to comply. The people with unusual names would be forced to verify their names and Google would have to white list them from the complaints. (I really don't envy Google their support costs as a result of this policy.) My concern about this is that it creates a second class of users. If Google doesn't provide a way to automatically block pseudonymic accounts, I'm sure someone will write a Chrome extension to do it. So a whole class of users, whose only sin is wishing to protect their privacy, will be joining in public conversation and wondering why nobody responds to them; go to the back of the bus. In real life, or on the net, people should be judged by their words and their actions. This solution robs us of that opportunity.

There is a way of flagging accounts which I do think is fine. That's allowing people to have verified accounts. Ones that attest that this person is in fact who they claim to be. Twitter does it, and it makes sense to do so here. Of course there's absolutely no reason I shouldn't be able to verify that I am in fact the person with a pseudonym who has blogs and Flickr accounts and Twitter accounts on the net; that's a useful feature.


Pseudonymous. Using a pseudonym has been one of the great benefits of the Internet, because it has enabled people to express themselves freely—they may be in physical danger, looking for help, or have a condition they don’t want people to know about. People in these circumstances may need a consistent identity, but one that is not linked to their offline self. —Google

That quote is from Google's own policy blog. The question isn't whether Google gets it. The question is why on earth they thought that wasn't a useful feature of a social network.

Here lies the huge irony in this discussion. Persistent pseudonyms aren't ways to hide who you are. They provide a way to be who you are. You can finally talk about what you really believe; your real politics, your real problems, your real sexuality, your real family, your real self. Much of the support for “real names” comes from people who don't want to hear about controversy, but controversy is only a small part of the need for pseudonyms. For most of us, it's simply the desire to be able to talk openly about the things that matter to every one of us who uses the Internet. The desire to be judged—not by our birth, not by our sex, and not by who we work for—but by what we say.

Pseudonyms are not new to the computer age. Authors use them all the time. Our founding fathers used them. Anonymous and pseudonymous speech have been part of democratic society since its beginning. What is new is that more and more strangers, whom we have never seen and never spoken to, know our names. What is new is that a name, with just a few minor pieces of information (birthdate, friends names, employer, industry, town…) can in a few seconds provide thousands of personal details about who you are and where you live.

I have over 100 people in my circles on Google+ under my other account, many of them came over to Google+ from Twitter because I and a few others extolled its virtues. They all strongly believe in the criticality of being allowed to keep their identity intact and consistent across multiple services. They all strongly believe in being able to decide what they share and what they don't, and want to keep their personal life separate from the names known to their bosses, neighbors and family. Why aren't they having this discussion? Because they are either signed on to Google+ with real sounding accounts, or they are using their real names and don't dare speak out. Back on Twitter, easily half of my followers are using pseudonyms, and most of them are waiting to see how this all turns out. They'd love to have a better forum to discuss technology, politics, kids, family, sexuality and all the things everyone talks about on the Internet, but they don't want to risk being exposed by Google's policies and naiveté. That's why I'm speaking out. Because I can afford to, and they can't. 

I leave you with this question. What if I had posted this under my pseudonym? Why should that have made a difference? I would have written the same words, but ironically, I could have added some more personal and perhaps persuasive arguments which I dare not make under this account. Because I was forced to post this under my real name, I had to weaken my arguments; I had to share less of myself. Have you ever met “Kee Hinckley”? Have you met me under my other name? Does it matter? There is nothing real on the Internet; all you know about me is my words. You can look me up on Google, and still all you will know is my words. One real person wrote this post. It could have been submitted under either name. But one of them is not allowed to. Does that really make sense?

Behind every pseudonym is a real person. Deny the pseudonym and you deny the person.

A small set of references in addition to the links in the article:

Sai .'s excellent post on the subject.

Who is harmed by a real names policy

Firm digs up dirt on potential employees

All the recent posts by Violet Blue

And thank you to all the numerous people who engaged me on both sides of this discussion and helped me edit and create this post. Regardless of our views, what we have in common is a passion about the future of Google+, and discourse on the internet.


from Fennix

Hello everybody. My nick is Fennix, and I'm an app breaker by day and night. I might make this a daily thing, I might make this every few days; I am not sure yet.

For today's rant I want to talk about libraries, their developers, and when not applying the Unix philosophy goes terribly wrong.

I'm going to talk about Log4J but I'm also going to talk about things like XXE and in general design choices that lead to headaches.

When you're designing a library that is intended to be used to tackle some important but common function, it's incredibly important that you keep the library as task-focused as possible, especially the core library and its defaults. If you need to extend functionality, use a pluggable architecture and make those plugins opt-in. The amount of headache that Log4J (the “log4shell” vulnerability really) caused the world is outsized relative to what everyone expected the library to do.

It's important to understand that users' expectations of what the library is doing are important. Log4J is not alone in this though. The log4shell vulnerability is very reminiscent to me of XXE. It's a feature that was enabled as a default to do some additional parsing that most of its users didn't want or need and that they didn't necessarily have visibility into.

Along those lines, if you're not familiar with XXE, AKA XML External Entity parsing attacks, the basics of the attack are this:

  - Attacker submits XML to server
  - Server parses XML
  - Server does a bunch of stupid shit like opening remote connections and sending files
  - Attacker laughs, possibly even a good cackle

When XML as a document standard was being ratified, importance was placed on the idea of being able to validate the document against an arbitrary schema in order to make it flexible. It was important that schema specifications could be loaded not just from local files but also from central locations using a variety of different protocols. Examples of these are Gopher, FTP, or later HTTP. XML is very old.

Secondly, in XML there is this concept of entities — a shorthand within the document so that you can refer to some special character or a predefined standard blurb. You have likely seen these; the &copy; that you would use to insert a copyright symbol in an older HTML doc is an entity (HTML having its roots in XML). When you combine these two things what it meant is that you could have remotely loadable entities that would get parsed and loaded on the machine that was processing the document.

Now because you might have some rather large entity, perhaps some boilerplate legalese that needs to be attached to each document, you might want to load that out of a local text file. You might make &legalese; into an entity that reads its data from /usr/lib/standard_disclaimer.txt.

This idea of a document processor went from simple to unfocused, and because of these features you can probably see how with XXE you could often steal contents of files, reveal remote server locations, perform SSRF, cause a denial of service, etc., purely because this specification became overly complicated.

It was then made worse by the fact that as the web was evolving, nobody had a better answer than XML for a long time to do online document exchange. Since it was already a standard in business, it meant that it had the inertia and so there was no reason to change this. Ultimately you end up with major websites being vulnerable to all manner of XXE attacks purely because some support for some long forgotten feature was thrown in there. Even today this happens.

Enter the developer using it: It's not clear that this needs to be turned off, I just wanted to parse an XML document! They don't make any mention of this sort of thing anywhere in the documentation, so why would I think it's by nature unsafe?!

This is horse shit. We should expect better from our library authors. We should expect better from commonly used components. Importantly, all the billion-dollar corporations that make much of their billions leveraging this kind of software need to pony up, fund some pentests for these things, fund developer education, and dedicate some resources to it.
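What opt-in defaults could look like for the XML case, as an added example (not code from this post or from any library it mentions): a thin wrapper over Python's standard-library expat bindings that refuses DOCTYPE and entity declarations unless the caller asks for them, and refuses external references regardless. The names `parse_xml`, `ForbiddenXML` and `verdict` and the sample documents are made up for illustration; the `LEGALESE` sample mirrors the `&legalese;` entity described earlier.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

class ForbiddenXML(ValueError):
    """Input used a feature the caller did not opt in to: (feature, detail)."""

def parse_xml(data, *, allow_dtd=False, allow_entities=False):
    """Parse XML bytes; DTDs and entity declarations are off unless opted in.

    External references (SYSTEM/PUBLIC ids) are refused even with both flags
    set, so this function never opens a file or a socket.
    """
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        if not allow_dtd:
            raise ForbiddenXML("doctype", name)
        if system_id is not None or public_id is not None:
            raise ForbiddenXML("external-dtd", system_id or public_id)

    def on_entity_decl(name, is_param, value, base, system_id, public_id,
                       notation):
        if system_id is not None or public_id is not None:
            raise ForbiddenXML("external-entity", name, system_id)
        if not allow_entities:
            raise ForbiddenXML("entity", name)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)
    return builder.close()

def verdict(data, **opts):
    """Return 'ok', or the name of the feature that got the input rejected."""
    try:
        parse_xml(data, **opts)
        return "ok"
    except ForbiddenXML as exc:
        return exc.args[0]

# Constructed samples; LEGALESE mirrors the &legalese; entity described above.
PLAIN = b'<doc id="1">hello</doc>'
INTERNAL = b'<!DOCTYPE doc [<!ENTITY co "Example Corp">]><doc>&co;</doc>'
LEGALESE = (b'<!DOCTYPE doc [<!ENTITY legalese SYSTEM '
            b'"file:///usr/lib/standard_disclaimer.txt">]>'
            b'<doc>&legalese;</doc>')
```

The developer who "just wanted to parse an XML document" calls `parse_xml(data)` and gets a plain element tree; anything that depends on a DTD fails loudly with the feature name instead of being silently processed.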