Worth noting is that "Researchgruppen" or "The research group" is an extremist left-wing group that exposes normal folks and have ties to people that threaten and use violence against people with different opinion than theirs. Also worth noting is that the Sweden Democrats is not at all far-right, it is more like a conservative social party. More left than right for example. It is also today one of the biggest parties in Sweden and will most likely grow to be the biggest soon.
Researchgruppen are part of the politically correct elite in Sweden, supported by basically mainstream media which is most likely the worst in the world when it comes to being objective which this articles just proves.
For people interested, the major news paper bought this information from "Researchgruppen" in order to seek, follow and harass everyday citizens and put their faces on the front pages telling the country they are racists. Sure maybe some were technically writing racists comments online, but the gestapo-moves from the news organizations in Sweden is just one of the many harassments you'll recieve if you have any critique what so ever against the large immigration numbers. They have used several illegal actions (credit checks for example) in order to find information on the people they were harassing. The people who got their faces put at the front pages did not get any chance to defend themselves or even tell their story.
> "The research group" is an extremist left-wing group
> Sweden Democrats is not at all far-right, it is more like a conservative social party
Hmm, where's the bias here, I wonder...
The Swedish Democrats are basically a cleaned-up racist-nationalist party. They had to explicitly ban members from wearing nazi uniforms. Did a green party ever have that problem? Everyone else knows that they're just playing at dog-whistle politics. "concerned about immigration" obviously means "keep out brown people, get rid of as many as possible who are already here".
> mainstream media which is most likely the worst in the world when it comes to being objective
This is just hilarious. You've clearly never read the washington post or watched just about any american news tv.
> Sure maybe some were technically writing racists comments online,
Well it's true. Several in the group have connection to violent organisations. While Sweden Democrats is a democratic party. Sure they might have had some issues before, but now they are a conservative social party wether you like it or not.
> This is just hilarious. You've clearly never read the washington post or watched just about any american news tv.
I have but I still think Swedish news are more biased many times. Sure there are extremes in the US like Fox News, but we are pretty much competing with them. In our case I know there is studies on the subject. But of course I am biased since I get exposed more to Swedish news.
> While being sitting politicans...
And many were not? And why does it even matter? They should be able to post anonymous comments like anyone else.
As a fellow swede I just don't agree with anything you have to say. Outing politicians who are ranting online is fair game as far as I'm concerned. The Sweden Democrats attract racists and their roots are racist, there's just no way to deny that - they mostly follow the same neo-fascist agenda of similar parties throughout Europe.
>Outing politicians who are ranting online is fair game as far as I'm concerned.
I don't see how that has anything to do with that Expressen did to ordinary non-political citizens.
>Expressen har kartlagt chefer, företagare och en docent som hatar anonymt på Avpixlat.
> - Det som ni håller på med är helt avskyvärt. Ni försöker bara hindra folk från att rösta på Sverigedemokraterna, säger Jim Olsson, 67, docent i fysikalisk kemi.
Translation:
>Expressen has researched and tracked managers, entrepreneurs and a docent who hates online at Avpixlat [immigrant focused news site, according to big media a hate-site, my annotation]
>- What you are doing is despicable. You are trying to stop people from voting on the Sweden Democrats, says Jim Olsson, 67, docent in physical chemistry.
Disclaimer: I dont vote nor sympathize with the Sweden Democrats, i just find this gestapo/social-shaming behavior despicable by one of Swedens largest news-papers.
I'm not arguing against anonymity, i am arguing that there is a ethical difference between releasing information about that there's a difference between what a politician says publicly and what the politician really thinks, and the same situation with a private citizen.
A politician wants to change the laws and circumstances for our lives, and he/she gets a mandate to do that by convincing the voters that they have aligned interests.
In this case though it was mostly normal citizens who weren't politicians and they used illegal methods in order to gain personal information about them.
Now that you're editing your comment while I'm writing this, it's a bit hard to comment. I agree with you to 100% that we should have anonymity online, and that the media supporting data breaches of personal data is a bad thing.
BUT I think what you write/wrote about "pk media", "mainstream media" and "immigration" is totally irrelevant to this post and HN in general. I have to say, for the non-Swedes here, that your view are _definitely not_ the common view that Swedes have. While the media is biased sometimes I would actually say that it's the people who are against immigration and have ran out of arguments to justify their case, who use this "argument" to deny facts. Sorry to be harsh but please find some real arguments why the media is not objective.
Sorry, I was adding more information since I thought it was interested for outsiders to objectively learn about what is happening in Sweden.
I haven't said anything about immigration, but that we have a mainstream media that have specific political bias is proven [1] and that people don't trust media is also well known [2].
It IS the common view Swedes have, or at least one of the more common. The reason why media is not objective is simple: there is no one there with different opinions that get air to vent the counter arguments. That is why there is such a huge traffic going to "alternative media" which is almost as popular as the state sponsored SVT. [3]
For everyone who doesn't speak swedish, in the third citation you can also read that the "alternative media" is far from the popularity of the most popular media outlets.
> Fria Tiders total under veckan var 91936 reaktioner på 55 artiklar. Aftonbladets motsvarande siffra var 936570 på 1316 artiklar.
Fria Tiders total was 100k "shares" on social media whereas the biggest news outlet Aftonbladet has 1M "shares". And there is another one called Expressen which has another 1M shares.
This is a bad article and what it claims is just wrong:
> the data they received also came with metadata that included the email addresses tied to anonymous Disqus accounts
What they received were Gravatar URLs which include the MD5 hash of the senders email address. Obviously you can scrape the web and find more avatars with a matching email address hash and start mapping them to the same author. You can also try brute forcing the hash to find the original address, but all that is not a Disqus security breach.
It's scraping public websites, maybe one could call it social engineering, but after all it's a targeted attack and no flaw in Disqus.
There is of course something wrong with making email hashes public through avatar URLs, but that's all Gravatar's fault.
Many people probably want to see Gravatar support on the websites they use, and it's also very easy to implement by developers. It's pretty much a monopoly and they're the only ones to fix it.
Gravatar should stop their support for unsalted MD5 hashes. It's just too insecure when most people don't understand the implications of sharing a MD5 hash of a user's email.
The only way something like Gravatar works is by having something that's directly computable from the source email address (or whatever the identifying field is). Whether it's a MD5, SHA256, or whatever is irrelevant.
Similarly having it be a salted (instead of the currently unsalted) hash wouldn't help anything. The salt would need to be public for separate web sites to reference the same avatar for the same email address.
Short of authenticated requests to Gravatar (which again kills the point of how it all works), one alternative would be to make the computation function more expensive, either by performing multiple rounds of the hash function or switching to a "slow" hash function (ex: bcrypt or scrypt). The latter would require a fixed salt and wouldn't really work for the use case as it'd slow down any webpage that links to multiple gravatars to a crawl.
The real issue here is that the email address space is fairly predictable. If you want HASH($EMAIL) to be unpredictable then instead of first.last@example.com switch to ~ [a-z0-9]{16}\@example\.com.
They need to provide avatar, given hash, i.e. implement a public getavatar(emailhash) function.
They don't need to provide hash given account, i.e. getemailhash(comment).
If someone uses a unique avatar they can be identified by bruteforcing emails, generating md5s, then querying gravatar, but I assume most users don't change from the default. You also couldn't prove it, because you may have missed a different email which has the same avatar.
> He explained that Disqus offers API services that include "MD5 hashes" of email addresses that allow users to access third-party services such as Gravatar, which in turn permits users to display a consistent avatar across platforms.
Does this mean that other services using Gravatar are also leaking in this way?
Specifically, the vulnerability discussed was Disqus's use of Gravatar. The "MD5 hash" provided by their API was strictly used to construct a Gravatar URL.
Researchgruppen are part of the politically correct elite in Sweden, supported by basically mainstream media which is most likely the worst in the world when it comes to being objective which this articles just proves.
For people interested, the major news paper bought this information from "Researchgruppen" in order to seek, follow and harass everyday citizens and put their faces on the front pages telling the country they are racists. Sure maybe some were technically writing racists comments online, but the gestapo-moves from the news organizations in Sweden is just one of the many harassments you'll recieve if you have any critique what so ever against the large immigration numbers. They have used several illegal actions (credit checks for example) in order to find information on the people they were harassing. The people who got their faces put at the front pages did not get any chance to defend themselves or even tell their story.
This is also old news in Sweden.