4

Take a look at bbuser. The user has not entered a name in his profile. I don't know where the name bbuser comes from, but I assume it is somehow part of his OpenID. He appears as bbuser in questions, answers and elsewhere on stackoverflow.com though.

Is is not possible to find the user by searching for bbuser.
It would be cool if this would work and here is why:

I told two people about stackoverflow.com recently and both were very interested. After a while I asked them if they had subscribed and they told me their ID.

I could not find any them with user search. It happened to be that both of them had not bothered to enter a username in their profile. I guess that this is quite common for new users.

In my opinion it would be useful if we could search for users by the parts of their OpenID that is used to identify them at stackoverflow.com.

Interestingly a google search for "bbuser stackoverflow" returns the users profile as result.

Improve this question
2
  • 2
    Ask them for their user number instead.
    – Brad Gilbert
    Commented Jun 28, 2009 at 16:51
  • I should have ask them to enter a user name;-) Seriously, in my opinion it is confusing if this partial OpenID is used to identify the user at several places and you can't search for it.
    – Ludwig Weinzierl
    Commented Jun 28, 2009 at 19:44

2 Answers 2

Reset to default
7

OpenID is kind of a semi-private bit of information, though.

This is sort of like asking to search for someone by their login name -- all you need is the password to complete the puzzle.

We do use parts of the openid to identify the user (not the whole thing, but parts) when the user gives us nothing else to go on.

Improve this answer
3
  • To search for that "parts" would be perfectly OK. I changed that in the question. That information is on the profile page (in the title tag) and indexed by google anyway.
    – Ludwig Weinzierl
    Commented Jun 28, 2009 at 9:43
  • I agree with the fearless leader, it should remain private. In fact, I'm surprised the bbuser info carried through at all. I did a little testing and it doesn't seem to do that with all OpenID providers. If you know which one is doing it then you know the domain and that adds up to an email address to spam. I wonder if this should be corrected so we aren't leaking information.
    – Oorang
    Commented Jun 29, 2009 at 7:52
  • I don't know enough about OpenID to comment on the security thing. What I'd love to see however is that I can take any user name under any answer, enter it in the user search and it returns some useful information. Useful information could be something along the lines: "Sorry, this user hasn't filled in enough data in his/her profile".
    – Ludwig Weinzierl
    Commented Jun 30, 2009 at 20:58
2

Absolutely this should remain private. While one has no hard expectation of privacy on the internet a degree of casual anonymity lets you answer questions without people stalking you through your ID. Answers may not be universally popular.

The Economist publishes anonymous articles for the same reason. In order to get experts to write on potentially controversial material they have to offer an anonymous forum.

In my case my Stackoverflow account is all of my web presence apart from a few posts to archived mailing lists. From this perspective I would rather not facilitate casual stalking by third parties. I do not necessarily want random recruitment agents or prospective employers seeing my stackoverflow account unless I specifically decide I want them to. Not being able to control that could have financial consequences.

Getting real (non deniable) identity information about a SO poster should require a court order or gross/illegal violation of somebody's terms of service (read: compromising an OpenID provider). I also suspect that casually revealing identifying information would violate privacy laws in quite a few jurisdictions.

Improve this answer
2
  • As Jeff noted what is used is only a part of the OpenID. My point is that if I can find this profile easily in google, why not with the user search at stackoverflow.
    – Ludwig Weinzierl
    Commented Jun 30, 2009 at 20:53
  • I'm more interested in casual stalkers such as recruitment agents or potential employers not being able to link a stackoverflow account to my real-life identity unless I want them to. The system needs to prevent untrusted third parties from getting personally identifying information.
    – ConcernedOfTunbridgeWells
    Commented Jul 1, 2009 at 11:37

Not the answer you're looking for? Browse other questions tagged .