One of the problems with having kids and Internet access in the same house is dealing with the problem of someone duping your kids into believing they are someone they aren't. And it's not just predators that you have to worry about; kids are devious, they know they can pretend to be someone else (and often do) on the Internet and thereby mess with their friends' heads.

One of the reasons it's so easy to socially engineer someone else into believing you are whoever you want to on the Internet is that there's no real way to verify identity. Now I can't think of a way to do that given today's technology, but I do think that we could put a stop to some of the intential abuses of anonymity in IM clients. Experience says it is too easy for someone to claim to be "John from Ohio" when he's actually "Ed from Oregon" and it would be nice if kids - who are too often willing to believe anyone on the Internet - had some kind of simple mechanism that would give them a clue as to who is being honest and who isn't.

A simple way to resolve this particular issue, I would think, would be to add a function to IM clients that determines location based on IP. Yup, geocoding. Yes, there are anonymizers that blow geocoding's usefuless out the window, but for the most part simple geocoding would provide a good idea of when you might be being had and anonymizing is more difficult with IM than it is with web browsing. Originating IP addresses don't, for the most part, lie unless you're really good. And I'm guessing that most people who are trying to use IM as a social engineering platform aren't that good. So it would almost certainly put a stop to teenagers trying to impersonate other people from around the globe in order to "mess with their friends" when the geocoding information clearly shows they are in the same city as their "friend", and it'd probably catch "Ed from Oregon" pretending to be "John from Ohio". At least as far as location goes - names, that's another story.

Yes, I realize that travel makes this less useful in general but I'm not all that concerned, as an adult, where another adult may be. We're primarily focused in this case on providing a mechanism that can help us, as parents, identify potential social engineering attempts that target our children. And not only identify them but prove it to our children, who are too often certain that they aren't being had when, in fact, they are. Besides, anyone old enough to travel a lot shouldn't be chatting with my 15 year old daughter; that's exactly one of the cases we're trying to catch.

Because of the way IM works, IM servers could add this info to the info the collect about users when they login and send it with the other general info to buddies or it could be something added directly to the clients.

Maybe this already exists and I'm just not up enough on IM clients, servers, and extensions to know about it. If it does exist - that's awesome, where can I get it? If not, well, someone get on that, okay?

Imbibing: Coffee