spiders Posted February 1, 2007 If someone was aiming to examine someone else's pms how easy would that be to do? Share this post Link to post Share on other sites
KlUe Posted February 1, 2007 If someone was aiming to examine someone else's pms how easy would that be to do? No users can access other users PMs unless they have your password. I'm not familiar with this software, but the one I used on my site didn't let me view any PM data. I'd be quite sure even Torsten can't view them, so just make sure your password is well protected Share this post Link to post Share on other sites
obtuse Posted February 1, 2007 Hi Bluemeanie, In a fairly sophisticated forum system like this i would have thought very difficult indeed. Unless a password can be guessed, of course. Cheers, Obtuse Share this post Link to post Share on other sites
Ace Posted February 1, 2007 I've wondered this myself - I figure they'd have to be fairly secure... right? right!? Not that that would be much of a problem lol Just more out of interest Share this post Link to post Share on other sites
AndyAmine. Posted February 1, 2007 (edited) I guess it depends on the person who wants to read it While I have no indepth knowledge of this forum software Im sure it wouldnt be very easy for your average non-technicaly minded layman but for someone with a bit of fire in thier belly and or the appropriate technical informtion/application/know-how I imagine it could be done. Obviously if its law enforcement they would have no trouble at all As has been mentioned above, a security service can only be as strong as the key/password that you provide it with. Two common examples of password cracking software are brute force and info-collation/password-guessing apps and are easy to find, with brute force the app jst keeps at it until it finds a word that works and the other kind lets you add information about the person and then it will come up with guesses. I dont think the brute force would work well on this software because it would time out after a few attempts but if a the person can get, for example, personal information like pets, children, birthday, maiden name, parents names/maiden names, your log in names from other sites, lost password questions etc.. there is a very good chance the application or person can guess it. Best thing is to add lots of random stuff in there totaly unrelated to your life, like numbers, uppercase and lowercase, made up words etc.,. The person could also send you a trojan that installs a keylogger or similar which then phones home with all your typed information, so this is also something to be aware of. Hope this helps in someway. Edited February 1, 2007 by AndyAmine. Share this post Link to post Share on other sites
XipeTotec Posted February 1, 2007 Hi Bluemeanie,In a fairly sophisticated forum system like this i would have thought very difficult indeed. Unless a password can be guessed, of course. Cheers, Obtuse you mean, I should stop using my user name as my password? and I should stop talking about my love of goats in my PM's? Share this post Link to post Share on other sites
spiders Posted February 1, 2007 you mean, I should stop using my user name as my password? and I should stop talking about my love of goats in my PM's? exactly - i like to keep my fetishes under wraps Share this post Link to post Share on other sites
Torsten Posted February 1, 2007 PMs are only safe once deleted on both sides!! Do not assume PMs to be safe. In fact, do not assume any web traffic to be safe! Share this post Link to post Share on other sites
sobriquet Posted February 1, 2007 PMs are only safe once deleted on both sides!! Do not assume PMs to be safe. In fact, do not assume any web traffic to be safe! A very Orwellian reply. I'm assuming what was asked was, can administrators or moderators or both read PMs if they wanted to. I'm not saying they would, but does the software have an option to allow it? I'm guessing that it does. Share this post Link to post Share on other sites
KlUe Posted February 1, 2007 A very Orwellian reply.I'm assuming what was asked was, can administrators or moderators or both read PMs if they wanted to. I'm not saying they would, but does the software have an option to allow it? I'm guessing that it does. It may.. but i doubt it, and even if it did, it probably can't as blue is a mod and he is asking the question Share this post Link to post Share on other sites
ballzac Posted February 1, 2007 I've wondered this in the past. I personally don't give a rats arse who reads my PMs as long as I'm not gonna get into trouble for it. For that reason, it would probably be wise not to incriminate oneself in PMs. If you break the law, and you absolutely must tell someone about it, it's probably better to do it in person. If you feel the need to incriminate yourself via PM, you should probably request, in the PM, that the recipient deletes it after reading. If, however, you are simply concerned that other forum members will find out that you have a fetish for licking the testicles of gibbons, then maybe you shouldn't have sent me that PM in the first place. Share this post Link to post Share on other sites
Torsten Posted February 1, 2007 anyone with access to the database could theoretically read the texts of the pms I think. I am not sure, but I doubt they would be stored encrypted. people with access to the database includes myself, any techie that deals with this server, any law enforcement with a warrant, and any hacker with enough skill to hack my domain. repeat the mantra: >DELETE DELETE DELETE DELETE DELETE DELETE DELETE DELETE DELETE DELETE the chances of a security breach or ongoing surveillance is minimal. The latter because we are not based in australia and the former because the server is well maintained. I think the greatest risk is from people being lazy and not deleting old PMs, trash and sent folders. Share this post Link to post Share on other sites
ballzac Posted February 1, 2007 Probably should also point out that although legally a warrant would be required by authorities, they could still do a dodgy and spy anyway. The info couldn't be used as evidence, but it might be used as a tip-off. Share this post Link to post Share on other sites
Green Osiris Posted February 1, 2007 I'd be quite sure even Torsten can't view them, so just make sure your password is well protected Umm, that's not at all correct. Torsten can, (and has), read PMs from one member to another member. PMs are only safe once deleted on both sides!! Do not assume PMs to be safe. In fact, do not assume any web traffic to be safe! Take it from him, do not consider ANY traffic to be intimate. No need to respond with BUT BUT BUT IT'S A (theortically) NECESSARY INTERVENTION TO STOP World-War-Three, I actually think that the administrator & financier of a forum SHOULD be able to look at whatever he/she damn well wants. There's no law concerning privacy (outside of 'corporate internet' entities) - that's what makes the internet such a cool, E-generation device. So 'theoretically' or otherwise, the simple answer to the thread subject is "NOT VERY" Share this post Link to post Share on other sites
marsha Posted February 1, 2007 Umm, that's not at all correct. Torsten can, (and has), read PMs from one member to another member. Take it from him, do not consider ANY traffic to be intimate. No need to respond with BUT BUT BUT IT'S A (theortically) NECESSARY INTERVENTION TO STOP World-War-Three, I actually think that the administrator & financier of a forum SHOULD be able to look at whatever he/she damn well wants. There's no law concerning privacy (outside of 'corporate internet' entities) - that's what makes the internet such a cool, E-generation device. So 'theoretically' or otherwise, the simple answer to the thread subject is "NOT VERY" i agree! torsten is creepy he reads all our pms i actually beleive he actually set up this forum for his own sick entertainment. he reads them so he can keep up with and KEEP ON TOP OF this ever evolving soap opera known as the corroboree, he also has more than one username all the shit stirrers u see like green osiris etc... they are him people wake up he controls the forum he is sick and making crazy annoying charecters to stir us up for his own fun.... Torsten u should be ashamed of yourself!! we are real people man not just toys for you to taunt and provoke for kicks Share this post Link to post Share on other sites
sobriquet Posted February 1, 2007 Umm, that's not at all correct. Torsten can, (and has), read PMs from one member to another member. Take it from him, do not consider ANY traffic to be intimate. No need to respond with BUT BUT BUT IT'S A (theortically) NECESSARY INTERVENTION TO STOP World-War-Three, I actually think that the administrator & financier of a forum SHOULD be able to look at whatever he/she damn well wants. There's no law concerning privacy (outside of 'corporate internet' entities) - that's what makes the internet such a cool, E-generation device. So 'theoretically' or otherwise, the simple answer to the thread subject is "NOT VERY" Yes I think Invision Power Board has at least an installable mod that I have heard of, that allows direct access to PM's by administrators. That was back in 2004 and Invision may have their own module nowadays to allow PM access by admins; I don't know about that part. Whether that mod is installed, or other means activated on this forum is still not crystal clear, but one would have to assume that it is in principle possible since Torsten stated the forum database is unencrypted and potentially accessible. It does bring in ethical and privacy issues. I think it should be made absolutely clear that PM's are not PRIVATE MESSAGES, but rather PERSON 2 PERSON MESSAGES that can be monitored, snooped, or hacked. I can't recall the legalese text when I joined up but it may have stated this in there somewhere. I also agree that the administrator or benefactor running a site or forum intrinsically has the right to look at personal messages. How else would they remain happy and entertained after putting up with so much dross and garbage on the rest of the forum? There has to be some benefits of ownership that you simply can't deny an admin Share this post Link to post Share on other sites
Torsten Posted February 1, 2007 Umm, that's not at all correct. Torsten can, (and has), read PMs from one member to another member. wtf are you talking about? I take privacy very serious and find such an accusations utterly disgusting Share this post Link to post Share on other sites
marsha Posted February 1, 2007 (edited) oh surprise surprise i know username is you torsten im onto you buddy nice try! why are u doing this all these people u are aguing with are YOU, you are sick mate and need help..... i think u should take this oppurtunity to come clean and tell us who all your "coroboree alter egos are? come on mate we love u fess up and be free Edited February 1, 2007 by YoWiE Share this post Link to post Share on other sites
Torsten Posted February 1, 2007 Torsten stated the forum database is unencrypted and potentially accessible. HUH?, where did I state that? I can't make such statements as I don't know. I am shitscared of the database as I broke one once and never managed to get it to work again. if that happened to The Corroboree I would be seriously fucked, so I keep out of there. In fact, if I have a database problem I usually get IPB to fix it for me When I log into the database it may be decrypting the text for me. I don't know. I don't know how it all works. rememember, I only do the computer thing cos I have to, not because I want to. I know from the IPB blurb that passwords are encrypted in this version [and some previous ones], but I don't know anything about any other database field. It does bring in ethical and privacy issues. I think it should be made absolutely clear that PM's are not PRIVATE MESSAGES, but rather PERSON 2 PERSON MESSAGES that can be monitored, snooped, or hacked. Anyone who still thinks that anything on the web is private needs their head examined. I also agree that the administrator or benefactor running a site or forum intrinsically has the right to look at personal messages. How else would they remain happy and entertained after putting up with so much dross and garbage on the rest of the forum? There has to be some benefits of ownership that you simply can't deny an admin LOL. yeah, I have nothing better to do in my hours and hours of free time As far as legal issues goes, it's best I am completely oblivious. Share this post Link to post Share on other sites
Torsten Posted February 1, 2007 oh surprise surprise i know username is you torsten im onto you buddy nice try! why are u doing this all these people u are aguing with are YOU, you are sick mate and need help..... i think u should take this oppurtunity to come clean and tell us who all your "coroboree alter egos are? come on mate we love u fess up and be free hey, how about I just ban all my alter egos and that way no one will ever know Share this post Link to post Share on other sites
Green Osiris Posted February 1, 2007 wtf are you talking about? I take privacy very serious and find such an accusations utterly disgusting So you'de be fine with me posting a dialogue with screen-shots in which the communication from admin was obviosly misunderstood by me? Of course, that's if I can get to 'my' PM's before anyone else......... Cheers, Little T Share this post Link to post Share on other sites
Green Osiris Posted February 1, 2007 Oh what the heck ! I'll be utterly disgusting....... An intervention for good, I grant the admin that - to defuse any intention of a response to the sender before I'd even read the offending PM myself... I was too drawn to the "READ THIS FIRST" subject. Share this post Link to post Share on other sites
Green Osiris Posted February 1, 2007 repeat the mantra: >DELETE <> DELETE <> DELETE <> DELETE <> DELETE <> DELETE <> DELETE <> DELETE <> DELETE <> DELETE < Hey Mods, did you see this deeply coded message from the Queen Bee ? I can't decipher the shrill trills. Bit I think that's a sign to act out the power that was bestowed upon you. READY MEN....LANCE ! Share this post Link to post Share on other sites
sobriquet Posted February 1, 2007 WAR IS PEACE FREEDOM IS SLAVERY IGNORANCE IS STRENGTH Very Orwellian indeed. Did you send the offending messages into the memory hole? You may be sent to Room 101 soon enough. Share this post Link to post Share on other sites