Attachment System Improvements in 1.1 - Privacy concerns

Kier said:
We don't use the term 'private' anywhere.
Click to expand...
Xenforo can't hide behind a sneaky word change.
The implication is that the Conversation is not being snooped upon.
Xenforo seems to be enabling admins to snoop on their members.
And it seems like it is getting worse.

As it stands now, it is quite unfair to the unsuspecting member.

I wonder whom reads (or can read) the "Conversations" here at xenforo.com ?
 
Digital Doctor said:
Xenforo can't hide behind a sneaky word change.
The implication is that the Conversation is not being snooped upon.
Xenforo seems to be enabling admins to snoop on their members.
And it seems like it is getting worse.

As it stands now, it is quite unfair to the unsuspecting member.

I wonder whom reads (or can read) the "Conversations" here at xenforo.com ?
Click to expand...

My motto is don't post anything on the web you don't want others to know. Just a thought...
 
The fact there is no indication for a moderator or admin (as far as I know) as to who uploaded what where in what conversation is a saving grace, but I honestly just think it's a useless feature that only someone paranoid of what their users actually upload "in private" would find useful to look at. It's a way of managing files, I get it, but;

monitoring uploads
The xenforo limitations on file types and sizes and my own server security means I shouldn't need to worry about malicious files, large files and the like in user messages. I keep tabs on the bottom line via other methods, bottom line being dev/vzfs 145GB available

as a moderation tool
The fact you can hotlink in images or whatever in a personal/private whatever it's called conversations and I can't see that, means I don't need this feature. Why should I be looking at one but not the other? If used "in the wrong hands", it's just a easier way of spying then messing with the database I suppose.

And I'm not being paranoid here with its use in the above examples, some dude a page ago said he'd do it. I didnt even know there was a .ussr

I know with my members I will tell them that anything they upload in conversations will be classed as just another attachment that can be viewed easily from the admin area.... it's nothing new as I have database access to begin with, but, because my members (all my 'private messages are private' thinking types, from vbulletin actually) are going to ask, well if you have that access what else do you have? I can then tell them that's all the access I have but I'll point to the first page in this thread so they can understand what these new fangled "conversations" are in laymans terms :rolleyes:

I'm wondering if people will announce this on their forums, it's nothing new for a forum admin to know everything, what with having the database, but when you start talking about peoples conversations and admin interfaces, it raises a few eyebrows. Even more so when 90% of my members are vbulletin 'private message' users for the last 8 years.
 
Russ said:
My motto is don't post anything on the web you don't want others to know. Just a thought...
Click to expand...
I understand you are a very knowledgeable person on the internet.
I am not advocating for myself.
I am referring the MAJORITY of users whom could accidentally divulge personal information.

As much as you think it is a good idea to Snoop on people as an admin .. it isn't.
I am surprised xenforo thinks members should be treated with such a lack of respect.
 
Digital Doctor said:
I understand you are a very knowledgeable person on the internet.
I am not advocating for myself.
I am referring the MAJORITY of users whom could accidentally divulge personal information.

As much as you think it is a good idea to Snoop on people as an admin .. it isn't.
I am surprised xenforo thinks members should be treated with such a lack of respect.
Click to expand...

I just don't see how having an image gallery that only the admin has access to to monitor the images easily is really a breach of confidence. I can see it being a problem on maybe a dating website, or an adult related website but... the bulk of us I think it's a nifty little tool to be able to see if PC's are being abused.
 
Russ said:
I just don't see how having an image gallery that only the admin has access to to monitor the images easily is really a breach of confidence.
Click to expand...

I'm posting the image to another user ... not the admin.
If the admin has access to everything.
They should be listed as the first member of EVERY conversation.
list.admins.as.conversation.participants.webp

We are talking about basic respect.
If Facebook did this .... There would be Hell to pay.
 
Digital Doctor said:
I'm posting the image to another user ... not the admin.
If the admin has access to everything.
They should be listed as the first member of EVERY conversation.
View attachment 19410

We are talking about basic respect.
If Facebook did this .... There would be Hell to pay.
Click to expand...

Kier didn't code a spy on your conversations feature, he coded an attachment gallery for admin eyes only that happens to extend to the personal conversations.
 
Digital Doctor said:
I'm posting the image to another user ... not the admin.
If the admin has access to everything.
They should be listed as the first member of EVERY conversation.
Click to expand...
I would disagree. First of all, they shouldn't be listed there unless they were actually in the conversation and getting alerts for it. Secondly, if that were the case, they'd have to listed as a watched participant for every single thing on the forum. My opinion is that if you really have something that is so private that you have to be paranoid that the site's admins are going to stumble upon it, then it belongs elsewhere (email, phone call, whatever). Furthermore, if you're of the belief that the staff on a given site is likely to "snoop" through your conversations, maybe you shouldn't be on their site at all. I don't mean to be offensive or confrontational...I just think you may be overreacting to this attachment feature, which is not intended to be a "snoop on everyone's conversations" tool, a bit.
 
Trombones13 said:
...My opinion is that if you really have something that is so private that you have to be paranoid that the site's admins are going to stumble upon it, then it belongs elsewhere (email, phone call, whatever). Furthermore, if you're of the belief that the staff on a given site is likely to "snoop" through your conversations, maybe you shouldn't be on their site at all. I don't mean to be offensive or confrontational...I just think you may be overreacting to this attachment feature, which is not intended to be a "snoop on everyone's conversations" tool, a bit.
Click to expand...
The question is not about the intentions behind this feature, but the access to personal data. BTW, you can't guarantee members that admins are 100% snoop-free. Which makes your argument void.
 
I'm sorry but... can't we as admins if we want to "snoop" go into the MySQL and dig up a conversation somehow? I don't know if it's possible but I'm pretty sure it is. The idea that this feature gives us more confidential information than we already had just seems absurd.
 
kyrgyz said:
BTW, you can't guarantee members that admins are 100% snoop-free. Which makes your argument void.
Click to expand...
I'm likely confused, but I don't see where I said or even insinuated that. I just said that if you suspect they're going to look at something you don't want them to and don't trust them to only look at conversations when there's a security/spam issue, maybe you should consider finding a different site with an admin you can trust.

Edit: @Russ: Yes, that is possible, and I meant to mention it in my first post...and that's obviously not a feature exclusive to XenForo either.
 
Russ said:
I'm sorry but... can't we as admins if we want to "snoop" go into the MySQL and dig up a conversation somehow? I don't know if it's possible but I'm pretty sure it is. The idea that this feature gives us more confidential information than we already had just seems absurd.
Click to expand...
There is a number of ways for tech savvy people to maliciously have access to personal information, but a reputable software developer should not offer a tool for that.
 
Off course its easy to snoop into the sql and all information is available to you. But I do not know about you, but I am way too busy with my site as is and have no urge to keep up with the many thousands of PMs that go through my system.
jwieger: thanks for the reference to the EU data protection directive. Its pretty clear:

the confidentiality and security of processing: any person acting under the authority of the controller or of the processor, including the processor himself, who has access to personal data must not process them except on instructions from the controller. In addition, the controller must implement appropriate measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access;
Click to expand...
What gave me the idea about the difference between post, email and PM is that most countries have a criminal law against opening physical post, which later was amended to include email. Such criminal law does not relate to PMs.

The EU data protection directive conflicts with various court rulings that state that site owners are responsible for everything that goes on on their servers. Just a few days ago Usenet had to pay 65000 per day unless they immediately moderate/filter all their 20 million messages per month. I know forums who have been raided by police because of illegal activity in PM. Some sites never recovered from such. If a site is at risk of dangerous illegal activity developing within the PM system (for example because of the site topic), then it needs to take measures to counteract this. PM privacy is important, but it ends with terrorism, child abuse, weapons or drug trade, suicide and similar stuff.

But thats not related to the attachment system. I think it would be useful to have a setting that protects PM/conversation attachments from being presented to 3rd parties. Especially if the attachment browser is ever going to develop into a gallery.
 
Trombones13 said:
I'm likely confused, but I don't see where I said or even insinuated that.
Click to expand...
I was referring to the "not intended to be a "snoop on everyone's conversations".

Trombones13 said:
I just said that if you suspect they're going to look at something you don't want them to and don't trust them to only look at conversations when there's a security/spam issue, maybe you should consider finding a different site with an admin you can trust.
Click to expand...
We might one day read in other board discussions: "XenForo lets admins spy on their users".
 
kyrgyz said:
I was referring to the "not intended to be a "snoop on everyone's conversations".

We might one day read in other board discussions: "XenForo lets admins spy on their users".
Click to expand...

Only retarded people post that, because they should realize it's already plain text in the database.
phpmyadmin is a gui tool to get a quick overview of this data.
a plugin for xenforo can also do this directly within the product.

This is the same for xenforo, ipb, phpbb, vbulletin, etc. btw.
 
Some people like to make a mountin out of a molehill, you have a responsibility to make sure your site isn't used to break the law, xenforo are just providing a tool to do that, that saves you having to FTP into your site to look at the attachment folder to see what's there. Any sensible webmaster should be checking this out as I'm sure the last thing you'd want to happen is for your site to be took down due to illegal stuff being posted.
 
You must log in or register to reply here.
Top Bottom