Hey thanks for taking the time to check it out! And yeah, that's where many would fall for it along with looking somewhat harmless early on.
You are viewing a single comment's thread from:
Hey thanks for taking the time to check it out! And yeah, that's where many would fall for it along with looking somewhat harmless early on.
Whoever did this went to a lot of trouble to disguise their intentions, OR it's a genuine thing that was very poorly conceived... because if they can send us 0.001 Hive without being logged in, they can also send people 3 Hive without being logged in... all they need is your username, and that's public information. Besides, why send a wallet memo, rather than just make a public post about who and what they are? Pretty sketchy...
The reason I even mention "genuine" is that the names given as originators of the survey ARE verifiable faculty members at the University of Hong Kong.
Sad that we live in a world where we have to be so uber-suspicious of everything...
=^..^=
It's actually perfectly reasonable to have someone sign a message to authenticate who they are. It would be a means to prevent impersonation and to a degree sybil attacks.
The only keychain command I received was to sign a message, ie. to log in. However it is entirely possible that the back end code sends different commands to different users (depending on value of account, for example). The important thing for users to do is to learn the skill to evaluate the transaction that they are signing. In principle, even trusted sites like peakd.com and hive.blog could cheat users by doing a 'switcheroo' with transaction details in a keychain command.
I would also suggest that the use of memo messages is probably part of the study design to avoid sampling bias. Making a post about it would encourage major sampling bias.
That is certainly a valid point.
At the same time, relying only on responses from a wallet memo creates its own sampling bias in that you're only going to get responses from people who are not suspicious of wallet memos... which almost suggests that there's really no "winning" in trying to conduct such a survey, if it actually IS legit.
=^..^=