My plugin that does some things better than WordPress and replaces Gravatar with an equivalent that does not track seems to be working 😀
For a week or so I have been running a local install of WordPress on my workstation, but I only tested the PHP code with it – not the inclusion of alternative avatars. That was done first here.
The plugin is NOT YET READY FOR PUBLIC CONSUMPTION but you can get it from github. As of today (April 25, 2018) you have to use the devel branch to play with the avatars; the master branch still uses secure.gravatar.com for the avatars, and that tracks.
As you can see in the Privacy Badger screenshot, there is still the Google tracker, but now avatars are being fetched from devel.trippyid.com which I created specifically to NOT have any trackers. The Google Tracker will be resolved separately.
In addition to changing the avatar source URL, the hash generated from the user’s e-mail address is salted using a salt unique to the WordPress install, so users can’t be tracked via the hash of their e-mail address either.
The plugin changes how WordPress CSRF tokens are generated; it does it better, but it also means that as soon as you activate the plugin you (and anyone else logged in) will be forced to log in again because the old CSRF tokens will no longer be valid.
The plugin allows you to switch from the default WordPress password hashing algorithm to Argon2id. I do not enable it by default because as each user logs in, their hash is updated to an Argon2id hash. What that means, though, is that if you de-activate the plugin, anyone who had their password hash updated will no longer be able to log in at all and will be forced to do a password reset. So that feature is not enabled by default.
This is not yet complete and is the primary reason the plugin has not been officially released.
The PHP code in the plugin is probably fine, it’s the “Groovytar” code that is not yet finished. But it’s finished enough I can start playing with it on a live WordPress site, such as this one.
After activating the WordPress plugin, the Avatar section of the Settings panel will change what it looks like.
WordPress is now instructing your browser to grab the avatar from TrippyID instead of from Gravatar.
Presently there are only three options available, but that will change: there will be avatars for every WordPress-defined option, and probably some for others too, as the non-tracking avatars are not just for WordPress. Any social media site can make use of them.
Below are descriptions of the three currently defined avatars.
This is very similar to the Gravatar “Mystery Person” Avatar and is intended as a replacement for WordPress blogs that are configured to use the “Mystery Person” Gravatar. The biggest difference is that it is served as an SVG file, allowing it to scale to any size.
That avatar is not an identicon, meaning it is the same for everyone.
This is an identicon intended as a suitable substitute for the Gravatar “Identicon” Avatar. It creates a confetti image of various shapes and colors based upon the salted hash of the user’s e-mail address (or really whatever hash it is fed, it does not care where the hash came from).
This image always generates the same way so the same hash will always produce the same image, but the image is different for different hashes. That is what makes it an identicon – an identicon is an avatar that is tied to the same identity online without revealing what the identity of the person is.
The Pictograph identicon is not finished. Also, the image shown reveals a bug in ImageMagick SVG to PNG conversion. WordPress does not allow upload of SVG images (they claim for security reasons but that’s bullshit, it is not hard to detect the possible security issues – which aren’t even an issue when an img tag is used; they are only an issue when an object tag is used) so I had to convert to PNG and ImageMagick messed up on one of the glyphs. Oh well.
Anyway when finished, there will be 32 different pictographs that are possible in the generated identicon and 128 possible different color combinations, all of which will meet WCAG AAA contrast specification for medium-sized text. Most of the color combos will only meet WCAG AA for small text, but a pictograph is not small text.
When this pictograph is given a size parameter indicating the intended display size is less than 192×192 CSS pixels, instead of a 4×4 grid of pictographs it will serve a 3×3 grid of pictographs. For a given hash, the 3×3 grid is a subset of the 4×4 grid.
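To make the two mechanisms above concrete (the per-install salted e-mail hash, and the way the Pictograph identicon maps a hash onto 32 pictographs, 128 colour combinations and a 3×3 subset of the 4×4 grid below 192 CSS pixels), here is an added Python example; it is not the plugin’s or Groovytar’s own code. The HMAC-SHA256 construction, the 5-bits-per-cell/7-bits-for-colour bit layout and the top-left 3×3 subset are my assumptions, not something the post specifies.

```python
import hashlib
import hmac

# Constants taken from the post: 32 pictographs (5 bits per cell), 128 colour
# combinations (7 bits), and a 3x3 grid when the display size is below 192 px.
PICTOGRAPH_COUNT = 32
COLOR_COMBO_COUNT = 128
SMALL_SIZE_PX = 192


def salted_avatar_hash(email: str, site_salt: bytes) -> str:
    """Per-install salted hash of an e-mail address.

    HMAC-SHA256 keyed with the site salt is an assumed construction, not
    necessarily the plugin's. The point is that the same address yields a
    different hash on every install, so the hash cannot be correlated across
    sites the way an unsalted Gravatar e-mail hash can.
    """
    normalized = email.strip().lower().encode("utf-8")
    return hmac.new(site_salt, normalized, hashlib.sha256).hexdigest()


def pictograph_grid(avatar_hash: str, size_px: int) -> dict:
    """Map a hex hash to pictograph indices plus a colour-combo index.

    Bit layout (assumed): 16 cells take 5 bits each (80 bits), then 7 bits
    select the colour combination. Below SMALL_SIZE_PX the top-left 3x3 of
    the 4x4 grid is served, so the small grid is a subset of the large one.
    """
    bits = bin(int(avatar_hash, 16))[2:].zfill(len(avatar_hash) * 4)
    if len(bits) < 87:
        raise ValueError("hash too short: need at least 87 bits")
    cells = [int(bits[i * 5:(i + 1) * 5], 2) for i in range(16)]
    color = int(bits[80:87], 2)
    grid = [cells[r * 4:(r + 1) * 4] for r in range(4)]
    if size_px < SMALL_SIZE_PX:
        grid = [row[:3] for row in grid[:3]]
    return {"grid": grid, "color": color}


if __name__ == "__main__":
    # Constructed sample input; the salt would come from the WordPress install.
    h = salted_avatar_hash("someone@example.com", b"constructed-site-salt")
    print(pictograph_grid(h, 256))
    print(pictograph_grid(h, 96))
```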
The PictoGraph Identicon is the default in the Groovytar source code and is used when a different identicon is not specified, but it is not a suitable replacement for any of the Gravatar generated identicons.
The problem is many WordPress themes, including the default themes, show avatars at a really small size and even sometimes use CSS to circle crop them, cutting off significant portions of the image.
WordPress users running my privacy plugin who are using a theme that displays avatars as squares and at a decent size (at least 96 CSS pixels) will be able to choose this variant by selecting the “Gravatar Logo” option in WordPress.
Since I will not be creating an intentional substitute for the Gravatar Logo, selecting it will result in the PictoGraph identicon being used as it is the default.
There will be many more different Identicons created, well beyond the scope of just serving as WordPress Gravatar alternatives.
With the exception of the PictoGraph Identicon, however, Gravatar alternatives are my top priority.
Even though the PictoGraph Identicon is not intended to be a substitute for a Gravatar Identicon, right now it is my top priority because of the vision I have for it outside the context of WordPress. But suitable Gravatar replacements that at least do not look like total shit when displayed small with a circle crop are my priority after the PictoGraph Identicon, as I need them before I can release the WordPress plugin.
I would like to thank Let’s Encrypt.
Right now, I am pretty fucking broke. As in so broke it adds constant stress daily and is undoubtedly lowering my lifespan significantly just from the stress – not to mention the fact that I have medical issues for which I can not even afford to see a doctor.
Let’s Encrypt makes it possible for me to use TLS without the added financial burden of certificate authority fees, which really add up when you have several domains you don’t monetize because advertisers track your users and you do not consider that to be acceptable.