Home > Security > Comments – How To

Comments – How To

September 11th, 2010

****** UPDATE: Easier to follow directions here: Account Info *******

So, I promised (threatened) to do a lot of dumb ^m^m… experimental things with running this blog.

One of the experiments is this. To comment here, you need to make an account. To do that, you simply try to log in and comment. When you get confronted with the log-in screen, you will see a link to Register. Click that, type in a a user name you want to use and whatever email address you are prepared to share with me. When done, an email will go to that address with a hideously hard to remember password and a reminder of your chosen user name. Come back, try to comment and when confronted with the log-in option, enter your chosen user name and the hideously hard to remember password and log in. When you log in, you’ll be able to create a profile and change your password. The suggestion to change the password will show up on the top of the profile page you land on.

Now, this is messy and it’s a pain in the @#$. The upside is, you only have to do it once and you will, thenceforth be able to comment. The downsides, that I can see now at least are:

  • That creating an account could be scripted, it could be a way my site is used for spamming people. If that happens, tell me. The spam will be one unwanted email with log-in credentials. No way. barring security glitches with WordPress, to control the content sent by the account creation script and no way, again glitches with WordPress to send more than one.
  • It’s a pain in the $%^.  Yeah, I know, another site you have to have an account on. I’m sorry. You don’t have to make an account. You don’t have to post comments. If you want to, this is how I am trying it for now.
  • You have to trust me a little. You are trusting me with the following info: Some email address that somebody can read. Doesn’t have to be your ‘real’ one but it does need to be one you can read at least one message to. The IP address, browser, referring page and platform you’ve used to access this site are logged by the server. That IP address can be reverse lookuped (I know, that’s not a word) and it can be geo-located and all of that info can be correlated to the email address you used. This is true for essentially ANY web site you access and make an account on. In most cases, you have to trust some enormous corporation whose business depends on making some use of that info to make money. In my case, you have to trust me. Or not. Rest assured, unless I am forced to by court order or have to for some legal reason, I’m not going to mess with you.

Regards posting comments. Unless you spam, break some law I know about, threaten me or others, disclose personal information about yourself, me or others, or say something a reasonable person could deem offensive for the sake of being offensive, I’m gonna leave up comments. If you make a cogent case that blog entry was utter horsepuckey, your comment will stay up. I may rebut. I may just comment myself or post myself saying I disagree with you or I found your comment offensive or I may just leave it as is. Again, you’re just going to have to trust me that I want to do the right thing and will try.

(Yes I need a privacy policy. Yes that will come.)

Post to Twitter Post to Facebook

Categories: Security Tags:
  1. Jon Commenting
    September 11th, 2010 at 00:07 | #1

    So, this is Jon posting a comment to his own posting. This is here so you can see what the site will expose in your profile to others.

Comments are closed.