25
Is impersonation a possible problem in the fediverse?
(programming.dev)
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
That's why instance is part of the username. It's no different than email addresses.
Confusing similar domain names are a common thing with email. Micr0soft.com vs Microsoft.com. Same idea could be done with instances.
Setting a display name hides the instance bit. You have to check the URL or profile to see which instance they're on, which people definitely won't do every time. Especially if an impersonator just joins inside a thread mid-conversation, it won't be obvious at all that it's suddenly a different person writing.
Just like emails, when people write something like
”Amazon Gift Cards” <yolo@yolo.com>
in theFrom
field.His concern is probably that in comments etc. only username is displayed. You have to go to person's profile to discover their instance.
Instance is shown if it's different to the one you're on. I can see your instance is vlemmy.net
Not if they set a display name. Many of the mobile apps are also bad about it even without a display name.
that's true, but currently people can set their display name to anything, for example, i could set my display name to @sideone@lemmy.world
we could all set that as our display name.
Ah, ok