Impersonation attacks happening on Bluesky with its domain integration stuff https://tedium.co/2024/12/17/bluesky-impersonation-risks/
This is one of the reasons @spritely has gone all-in on Petname Systems as our approach https://spritely.institute/news/two-petnames-papers-are-released.html
@cwebber Petnames are The Way. Ran across SimpleX which appears to only use petnames, though you do put a display name in your profile.
@cwebber #Wikipedia discovered the risks of impersonation a couple decades ago. That's why using real names is generally discouraged, *especially* for celebrities. For the longest time, non-pseudonymous accounts were instantly blocked in many language editions, until a process was established for those who wanted more official-looking usernames. (It's only worth it when necessary to declare COIs.) https://en.wikipedia.org/wiki/Wikipedia:Username_policy#Real_names
Funnily, here's a 2004 proposal by @evan:
https://meta.wikimedia.org/wiki/Real_names
@richbruchal @cwebber @spritely it can happen anywhere. even in the simplest namespace, can you tell anything about the true identity of richbruchal vs realrichbruchal vs therealrichbruchal? you can link identities but without one of them having some reputation, it's not gonna help you out much
@trwnh @richbruchal @spritely Yup it can definitely happen on the fediverse within its current interfaces. Fediverse clients could be updated to a petname approach too though
@ULTROS_PROFESSIONAL @spritely I kinda miss "we are all gargron" day
@cwebber @spritely that piece was an absolutely infuriating read; thank you for it
it's angering to us because this problem was so incredibly easy to anticipate. if anything, the author is too generous to Bluesky, crediting the company for not intending this outcome. even a tiny bit of threat modeling should have turned up this likelihood.