I’m not a security expert, but this warning at the Citicards site was quite a shock:
Customers using comment or blog tracking services on their computers run the risk that information submitted here could be displayed on those websites. Please disable your comment and blog tracking service before using Citi Cards Message Center.
Is this a real danger? What do you think?
Update (11/19): Several commenters here and on TechCrunch confirm what I thought myself: the warning likely refers to “tracking” products that offer a browser plug-in. In this case I was using FireFox with the BlogRovr plugin turned on. I know coComment offers a plugin, and whoever else does … well, Citibank considers it a security risk. Hm… food for thought.
Update #2: Wow, apparently this has been a well-documented problem for at least half a year, so Citi’s solution is to finally put up a warning message.
Implementing DISQUS
Quick note: I’m in the process of implementing DISQUS now. (Thanks for the help, Daniel!) Thousands of comments are being imported, but they don’t show under the relevant posts yet. Also, DISQUS labeled a few hundred comments as spam – I need to manually comb through those.
So if you commented here before and don’t see your comment now – apologies, hope to sort this out soon.
Update (1/29): Pre-DISQUS comments are in the system but they don’t show for some reason. Bear with me for a while – either we’ll have a fix or I’m removing DISQUS soon.
Update #2: Removed DISQUS, due to ongoing SPAM trouble. I may write more on this one day…