Not a bug Embedded images in conversation allow for easy IP address theft

[mm55mm]

The option to embed images in conversations leaves a HUGE opportunity for malicious users to obtain sensitive personal data of arbitrary forum members such as IP address, device type, OS, ISP, location.

Embedded images in private conversations should be disabled by default, but what I find even more surprising is the lack of a setting in the admin panel to turn off image embedding in conversations.

Could you please instruct us how to prevent image embedding in conversations ASAP? Thanks!

 

[Mike]

If you're concerned about this, you should be enabling the image proxy.

The same concept applies with an image being embedded in a thread or even a link being clicked. The IP, user agent, etc are simply not private information when connecting to a server. You can't truly prevent access to that.

 

[mm55mm]

Thank you for the prompt response.

The same concept applies with an image being embedded in a thread or even a link being clicked

I am very much aware of the concept, it's nothing special really. However, I still think having embedded images in conversations is a privacy issue. Please compare the different cases:

• Image embedded in a thread. You can only obtain a list of all the IP addresses of visitors who opened a thread (including guests). You cannot possibly determine which IP address belongs to a certain user.
• A link being clicked. Of course you can obtain user data by making them click on an external link, but this does not compare to simply opening a conversation.
• Image embedded in a conversation. Anyone can easily obtain other members' sensitive data by simply starting a conversation with them.

Just recently on our forums certain users have started posting other members' private data. We found out they used the technique of embedding a tiny image inside conversations. This had devastating effect on our community. The malicious users were not even highly skilled. They simply embedded an image from one of the many website stats services and had the private data served on a silver platter.

Coming from phpBB, there was an option to allow/disallow images embedded in private messages:

ALLOW USE OF IMG BBCODE TAG: Select YES if you want your users to be able to post inline images in their private messages.

Is there no easy way to do this in XenForo?

Is it possible to enable image proxy only for images embedded in conversations?

 

[Liam W]

IP addresses aren't private information.

 

[Mike]

There is no way to disable images in conversations or just enable the proxy in conversations. I can't say I've seen requests for either before.

If you're going to enable the proxy, it seems to make sense to do it everywhere. If this is something you're concerned about, I would certainly enable the proxy. You can create the issue in pretty much any context, though it may be slightly less direct than using a conversation or requiring a bit more work.