|
|
Log in / Subscribe / Register

Two GCC stories

Two GCC stories

Posted Jul 1, 2010 12:28 UTC (Thu) by epa (subscriber, #39769)
In reply to: Two GCC stories by gmaxwell
Parent article: Two GCC stories

Quite. The key point is that you can make as many pseudonyms as you want, but you have only one real name. If there were some way of checking that this 'Nightstrike' is also called by the same name in other contexts, such as his or her day job, and of guaranteeing that the same person cannot invent new ones, then it wouldn't matter what the name is.

From a computer-security point of view, as Nightstrike points out, it makes no sense to ask for a real name without doing any verification on it. But from a social point of view, encouraging the use of real names rather than anonymous or psedonymous handles can create a better atmosphere for collaboration. The online encylopaedia Citizendium, for example, has a policy that everyone contribute under their real name. It is held that this will tend to get better contributions and more mature discussions.

to post comments

Two GCC stories

Posted Jul 1, 2010 15:16 UTC (Thu) by k8to (guest, #15413) [Link] (2 responses)

A little point. People can make up new real names.

Screen names vs real names

Posted Jul 3, 2010 3:12 UTC (Sat) by giraffedata (guest, #1954) [Link] (1 responses)

A little point. People can make up new real names.

It's actually a pretty big point. There is little distinction between what we're calling a "real name" and "NightStrike." There are countries where a person has a single well-defined legal name (not to mention number), but plenty where a person doesn't. The U.S. is one of the latter. Also, some countries have a dictionary from which you must choose a name, but most, including the U.S., don't.

A person can not only make up a new name, but go by multiple ones at the same time and use a name as silly as he pleases. Legal procedures come into play if you want to force someone else to call you that, and you're not allowed to use a name with intent to defraud, but the essential point is that a name is not an identity and vice versa.

It makes sense for FSF to want to have the name or names that a person uses with his bank account, residence, and criminal convictions, in addition to enough additional identifying information to disambiguate that name. But it doesn't make sense just to ask for a "real name."

Screen names vs real names

Posted Jul 3, 2010 4:00 UTC (Sat) by gmaxwell (guest, #30048) [Link]

I don't really mean to single out you, — but a number of the comments here reflect what I perceive to be a kind of "computer engineer's autism" ... a notion that things are binary, that a preventative measure either works in an absolute, quasi-mathematical sense, or its worthless.

But the world doesn't fit into nice little binary boxes like that. It's quite possible for someone to join a project with fully honest intentions and only to later decide to do something dishonourable, perhaps inspired by some dispute or the like. Of course, they're less likely to do so if they'd given their real name at the start, taking the risk of real repercussions. So even if you do _nothing_ more than to ask for a real name and perform no validation that does provide a value. It's not an absolute proof: nothing is... Just an additional piece of confidence that costs most people very little.

... and does the FSF really want important contributors who need to hide their connection? For their sake and the FSF's it would probably better if someone who needs to hide their affiliation didn't contribute in that way. Anonymity is a powerful and important tool, but it is often a danger: Under the believed guise of anonymity we'll engage in activities we would otherwise deem to risky. Should that anonymity be shattered we regret our decisions to depend on it.

Of course, people do manufacture multiple online identities. I've seen quite a few instances of people building up multiple admin accounts on the English Wikipedia— each representing at least a hundred hours of work, if not several hundred, building social connections, community trust, and making useful contributions to the encyclopaedia. Are they more likely to just make up another 'real name' than build a virtual reputation? I don't know— asking for a real name doesn't do much against someone who came in with an intent to defraud. Like the locks on most doors and containers, asking for a name helps keep honest people honest. I think it's obvious that if you ask for both a real name and a virtual reputation you get a superior protection compared to doing either alone.

It might be the case that the FSF should be doing more detailed identity-validation... I don't know what they do today, as I know too many FSF people fairly personally, and I don't have a good feel for what level would be sufficient for their needs. But I do think we need to reject these binary notions of security. The world's problems have infinite shades of grey, and our tools needs to be as numerous and varied if we are to address these issues. Regardless of how lossy the existing process is that lossyness is an argument for strengthening it, not for abandoning the protection it currently provides, however small.

Two GCC stories

Posted Jul 1, 2010 15:43 UTC (Thu) by nix (subscriber, #2304) [Link]

I'm not really sure the nearly-moribund Citizendium is the best possible example to bring up in this context :)


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds