Re: Keysigning in times of COVID-19
On 8/7/20, Sam Hartman <hartmans@debian.org> wrote:
>
> TL;DR: I think without some link back to real world identity, we open
> ourselves up to attacks where people build trust only to betray us.
Hi, Everyone.. I've tried to follow some of this conversation but keep
getting distracted. I haven't known where to chime in with Real World
experience, either.
My interest in this is that I *have* been impersonated online. It
matters because I'm trying to work my way through a package that was
abandoned, apparently because so many things have been being upgraded
and refined within Debian the last few years..
So, in my case, what had happened was....
Perps, a very local group that operates across the United States,
created a Twitter account [0] using.. my full name.. my avatar.. my
personal images including that large header image.. AND my complete
textual bio such as it was at that moment in time.
Twitter took that fake account down so fast when I contacted them that
I didn't get a printscreen as some kind of proof. The original
homepage for it is still out there gathering cyber dust.
So, you know... Full blown, malicious impersonation is very real for
some of us out here. Only reason I ever found out was because Google
Alerts brought my own name back to my inbox one day.
As another instance showing Debian does need to keep things in check,
I just tripped over something from last year. It appears to
potentially still be a possible active case so I'm not going to share
that much of the details right now.
The guy's no longer around.... but someone posted something cryptic on
his social networking.. after he was gone. It's possible he used
something like Hootsuite or something to leave a timed post set for
the Future. Only time will tell on that..
He was a techie.. possibly building himself a notable reputation
around the Internet. He followed very few people.. but he picked at
least one *I* know from online interactions..
Am still in the process of trying to figure out who's who and doing
what with the remnants of his presence left on the Internet.
Meanwhile, I swear I've been back to Debian's Developers at least
once.. or maybe more. I don't know if I'm reading something wrong...
or if it's my system glitching at just the wrong time.. or what.
The disconnect that repeatedly landed me at a Debian email address was
happening somewhere between his old profile, his followers, and who he
followed. I wasn't copying an email address when the Debian one kept
appearing (at least 4 or 5 times). I haven't proven to myself quite
how that happened, yet, but I do have one clue that needs followed up
(in my brain, grin).
Date of last activity for some bits of that other case goes back to
just before that Twitter account was created in my full likeness. Only
difference in my own case was the perps gave their physical location
as West Virginia instead of Georgia.
Oh, and my account was NOT hacked. It was instead replicated visually
then placed under a completely new account name... that had my very
real name attached.
I'm signing off here for now. Too much going in too many directions. I
will most certainly be trying to find the right way to bring it up
with full details if that other case really, in fact, seems to have
some kind of 100% reproducible identity weirdness leading to Debian's
front door....
Hugging you all for all the hard work you do. I wouldn't be able to do
any of what I do without this kind of project being available...
Cindy.... :)
[0] Suspended Twitter account placeholder for studebarke (I'm "Studebaker")
https://twitter.com/studebarke
--
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA
* runs with birdseed *
Reply to: