Web Excursions 2022-01-02
Pseudonymity is just another layer of privacy.
If you won’t tell me your age we call it ‘privacy,’
but if you won’t tell me your name, then that could be called ‘pseudonymity,’
but it’s just another data point you want to keep yourself private.
Interest in online pseudonymity is accelerating, not just among artists and authors,
but everyday people who more and more exist as “public figures”
in an increasingly hostile, heavily scrutinized social media age.
Pseudonymity can enable the creation of spaces in which people are not bound by demands for consistency across different domains of their life,
but only by the more limited demand for consistency within the forum itself.
Durability within the context of the forum enables others to challenge, question, and criticize the claims made in the course of debate.
Not long ago, across the late 90s and early 2000’s, this advice was ubiquitous: do not share your real name on the internet.
Prior to this period, when the internet was largely used by researchers, academics, and institutions, individuals did use their real names as they collaborated with colleagues and peers.
But this convention shifted as more people came online.
Some have suggested that the earlier days of the internet were more fluid due to most online spaces lacking the rich multimedia we see today;
it was easy to “construct an identity through text.”
many who recall the earlier pseudonymous days of the internet describe them fondly.
Online, you could tear down the constraints of the small town you grew up in or your social status in the highschool you attended.
For people on the periphery of society, young people particularly, exploring the internet pseudonymously meant participation in community, access to support, and exposure to stories and information that helped curb isolation and loneliness.
Online you could recreate yourself anew, or be the true self you couldn’t at home or in your community, hanging out on message boards with fellow strangers on a similar quest.
The emergence of the Named Internet changed this.
The introduction of modern-day social networks was a Great Unmasking.
Linkedin and Facebook prompted us for our full names instead of usernames;
online spaces asked us to upload profile pictures instead of constructing avatars.
These changes were ushered online en masse alongside language about “community” and “authenticity” with the implicit and explicit suggestion that true connection required “real” (or government-issued) identity;
Mark Zuckerberg once suggested “having two identities for yourself is an example of a lack of integrity.”
The creators behind these social networks overall wanted a correction to the pseudonymous wilderness of Internet Past—
to build an Internet Future where you really were who you said you were:
“When people use the names they are known by, their actions and words carry more weight because they are more accountable for what they say,”
states Facebook’s 2015 announcement on modifying their real name policy.
But the connection between the use of real names in online spaces and civility is dubious, while there’s some evidence that “stable pseudonyms” lead to better discussions and more civil environments.
A connection between your online and real world identities has utility: attention accrued, opportunities extended, and money made.
But the reverse is true too.
A connection between your online and real world identities has consequences: open ostracization, jobs jeopardized, and status ceded.
It’s hard to imagine this doesn’t have chilling effects on speech, creativity, and the exploration of identity.
It’s perhaps these factors—
a nostalgia for the feeling of early internet pseudonymity, a concern with self-expression in front of an attack-ready audience, and a desire to move across the internet less encumbered—
that’s getting people to explore online pseudonymity anew.
Pseudonymity is a spectrum, and it’s not uncommon to see people obscure some data points from their identity despite being “known”;
NFTs serve as stand-ins for profile pictures and users swap their full name for initials or ENS domains.
But some are embracing the more hidden end of pseudonymity.
The pseudonyms are the most honest accounts. Influencers are the most dishonest.
The promise of pseudonymity is alluring;
it’s a chance to shed an irl identity that may be outdated or overcautious for an opportunity to explore unencumbered.
Despite the ability for famous pseudonymous profiles to garner popularity and reputation, they are separate from the person behind the account,
a form of self-expression that is accelerating as more people experiment with alts and navigate the web unknown.
What might pseudonymity at scale look like? Balaji Srinivasan, an angel investor and entrepreneur, has outlined how a “pseudonymous economy” might function.
He suggests that technology has evolved to support widespread pseudonymity allowing for multiple pseudonyms for one person, for instance “an earning name, writing name, and a legal name”
that allows people to essentially diversify their identity portfolio, avoiding complete reputational harm in the event of a coordinated social attack.
While this might seem daunting and unfamiliar, many of us already move between multiple “identities” in the real world—parent, spouse, child, friend, employee;
in this light, a diversified presentation of self online is natural.
How might collectively obscuring identity impact our attitudes towards work on a larger scale over a longer time period?
Discarding our IRL identity baggage has the potential to make us more free online,
but could make us less engaged, and less fulfilled as a result.
It’s also unclear the hierarchies and tensions that might form with a critical mass of people who are pseudonymous and others who are not.
I have a confession to make: I leave most parties early because I’d rather read a book.
Usually, I make up an excuse. Something like “Oh, I have early plans in the morning.”
Intellectual loneliness is a challenge that many people feel, but nobody talks about.
It’s built on a paradox where you feel alive when you’re learning on the Internet
but soul-crushed when you try to talk about those same ideas with friends and family.
[when] mindless conversations about the news that regurgitate the same tired storylines.
Writing on the Internet is the best way to solve intellectual loneliness because sharing ideas in public turns you into a magnet for like-minded people.
HACKER NEWS
[The article got bad receptions and the commenters criticized the author for being snobbish.]
iamleppert:
It’s far more likely that the OP is lacking in social skills.
People are not two dimensional, and people who are who you find at most parties.
Conversations in a social setting have a certain protocol to them.
They start out with small talk, that’s how you learn someone’s mannerisms, personality, flow, etc.
without having to actually concentrate on the details of what you’re talking about.
You read their subtle cues to learn how to interact with them.
Having good social skills is just as important as being well read, maybe even more so.
TheOtherHobbes:
Many of the smartest and most high IQ people are perfectly capable of relating to normal people
without making it obvious how bored they are.
Small-talk and chit chat aren't hard.
Nor are smiling and nodding, appearing interested, asking following questions, and making the occasional joke or funny observation.
None of this is rocket science.
ausbah:
from this thread and the far-too-many-hours I've spent on Reddit -
obviously these feeling are not uncommon,
but the tone in which this stuff is presented always reeks of unearned superiority
like I think its great that people like OP have enjoyment and passion for "intellectual pursuits", but most other people don't.
you have an interest, and like most other interests, people aren't going to share your interest because they have their own, different interests.
so don't be surprised when you try to pivot the conversation, people don't want to talk about
if one want to get rid of this "loneliness" you either need to
find a community of like-minded others (see the internet) or
introduce conversation topics in a more mutually interesting manner instead of wishing for others to meet you where you are
Why I’m Using HTTP Basic Auth in 2022
Some online resources mention that HTTP Basic Authentication is deprecated, but that’s a misunderstanding.
Only passing username and password as part of the URL is deprecated.
It’s still perfectly valid to pass the credentials in the HTTP header and that’s what I’ll be doing.
This method works in every modern browser.
modern browsers still support credentials in the URL, even though the practice is deprecated.
To prevent certain fishing attacks, they hide those credentials from the user in various ways, but it tends to work anyway.
Because Basic Authentication sends the username and password with each HTTP request,
it’s insecure unless the credentials are served over an encrypted HTTPS connection.
COMMENTS
oconnore:
It would be much better to use a zero knowledge proof
(typically called a PAKE — password authenticated key agreement)
to demonstrate that the user knows their password without sending that password over the channel.
Sending the password over HTTPS doesn’t expose the password to passive observers, but it does unnecessarily expose the password to the server.
mholt:
Caddy comes with basic auth support because it's still useful for a lot of use cases.
IMO the biggest weakness of basicauth (when deployed over TLS) is the fact that most server configurations store the passwords in plaintext, usually in a config file.
This is like storing passwords in plaintext in a database.
Caddy does not allow this. You have to use a secure hash on the password before adding it to your config
MicrosoftExchange 2019 Anti-Malware - Bad Update? (self.sysadmin)
The “long” type allows for values up to 2,147,483,647. It appears that Microsoft uses the first two numbers of the update version to denote the year of the update.
So when the year was 2021, the first two numbers was “21”, and everything was fine. Now that it’s 2022 (GMT), the update version, converted to a “long” would be 2,201,01,001 - - which is above the maximum value of the “long” data type.
@Microsoft: If you change it to an ‘unsigned long’, then the max value is 4,294,967,295 and we’ll be able to sleep easy until the year 2043!
EMAIL STUCK IN TRANSPORT QUEUES - MICROSOFT TECH COMMUNITY
The problem relates to a date check failure with the change of the new year and it not a failure of the AV engine itself. This is not an issue with malware scanning or the malware engine, and it is not a security-related issue.
The version checking performed against the signature file is causing the malware engine to crash, resulting in messages being stuck in transport queues.
you can bypass or disable malware scanning on your Exchange servers and clear your transport queues. You should use one of these workarounds only if you have an existing malware scanner for email other than the engine in Exchange Server.
HACKER NEWS
belter:
Around 10 to 15 years ago...Seen a similar serialization and date processing bug with a Java based Enterprise Integration Platform used by some of the largest companies in the world.
Several European Central Banks were unable to process transactions.
Since then, it has been a standard within the Testing group of that vendor to always have a running platform setup with a date 6 months ahead
game_the0ry: A couple of years ago, I did work for a major airline where the test suites that would test date processing would fail on every leap year (Feb 29). So they decided not to run tests or deploy on Feb 29th.
db48x:
Phone numbers are not numbers. Zip codes are not numbers. Model numbers are not numbers. Characters are not numbers.
Seriously, if you can’t add, subtract, multiply, and divide them, then they aren‘t numbers and you shouldn’t use a numeric data type for them.
This is CS 101 knowledge. How badly does MS run their engineering?