theymos (OP)
Administrator
Legendary
Offline
Activity: 5348
Merit: 13316
|
|
April 17, 2015, 05:36:49 AM |
|
I recently received a subpoena related to a case against BFL (Case No. 14-CV-2159-KHV-JPO). I had to release all database info on a few employees/ex-employees of BFL (including their PMs), plus a complete copy of every thread in which anyone mentioned BFL or in which a BFL employee participated. (It was a huge hassle to put all of this info together.) The subpoena originally demanded all PMs that even mentioned BFL, which is ridiculous, but I managed to get this part eliminated.
If a PM of yours was released due to this, then I already sent you a PM about it.
I don't think that I'm going to send PMs about deleted posts that were released. 3196 users had deleted posts released, and I don't really want to send that many PMs when almost no one would care. I feel like people should have basically no expectation of privacy for something that they posted publicly anyway.
I also released all "report to moderator" reports involving or mentioning BFL. I don't think that these are very sensitive, so I'm not going to send out PMs about these.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
ABitNut
|
|
April 17, 2015, 06:23:47 AM |
|
That does sound like a lot of hassle indeed. I hope it's worth it. Also you probably did the right thing by PM-ing those who had there PMs exposed. It's a good time to remind people that PM stands for personal message, not private message... Note: PM privacy is not guaranteed. Encrypt sensitive messages. Do/did you get any compensation for the effort you had to put into this?
|
|
|
|
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
|
|
April 17, 2015, 06:32:48 AM |
|
plus a complete copy of every thread in which anyone mentioned BFL
LOL. This is pretty much the whole forum, right?
|
|
|
|
hilariousandco
Global Moderator
Legendary
Offline
Activity: 3962
Merit: 2696
Join the world-leading crypto sportsbook NOW!
|
|
April 17, 2015, 06:38:58 AM |
|
I wonder how many of those posts/messages were from Bruno? That does sound like a lot of hassle indeed. I hope it's worth it. Also you probably did the right thing by PM-ing those who had there PMs exposed. It's a good time to remind people that PM stands for personal message, not private message... Note: PM privacy is not guaranteed. Encrypt sensitive messages. Do/did you get any compensation for the effort you had to put into this? Well he probably should have been compensated for his time and effort but I bet he wasn't. Seems like a mammoth task to collect all that info. plus a complete copy of every thread in which anyone mentioned BFL
LOL. This is pretty much the whole forum, right? They should just do that themselves if they really wanted it.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2982
Merit: 2371
|
|
April 17, 2015, 06:48:59 AM |
|
I would be interested to know how many BFL related posts were ever deleted. I am sure it is a lot if 3k+ users had their deleted posts released. I can only imagine the poor staff attorney who has to go through all the posts on the various threads, especially the ones with the ridiculous pictures (that I have read about), many of which I am sure are NSFW.
There were probably BFL threads in almost every section.
I would guess that this probably has something to do with why one of the BFL threads was recently apparently locked.
|
|
|
|
Leeroy Jenkins
Sr. Member
Offline
Activity: 420
Merit: 250
Mmmh mhmhh mmmm.
|
|
April 17, 2015, 06:50:51 AM |
|
Awesome. Use PGP if you want privacy.
|
|
|
|
-ck
Legendary
Offline
Activity: 4256
Merit: 1644
Ruu \o/
|
|
April 17, 2015, 07:03:57 AM |
|
I would guess that this probably has something to do with why one of the BFL threads was recently apparently locked.
No that was sheer coincidence as I locked it without knowing theymos was facing this.
|
Developer/maintainer for cgminer, ckpool/ckproxy, and the -ck kernel 2% Fee Solo mining at solo.ckpool.org -ck
|
|
|
Bicknellski
|
|
April 17, 2015, 07:27:07 AM |
|
Hello. I'm writing to let you know that due to a subpoena that I received related to a case against BFL, I was forced to release some of your PMs.
In particular, I released all PMs that you sent to or received from the following people, possibly even if you deleted the PM:
Inaba BFL-Engineer BFL_Josh SLok BFL_Sonny BFL AM Dave bcp19 nibbknot
Who was nibbknot then? Interesting.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2982
Merit: 2371
|
|
April 17, 2015, 07:31:31 AM |
|
nibbknot is someone who at least claimed to be Bruno Kucinskas - I can't imagine that Bruno actually worked for BFL though lol.
|
|
|
|
Fernandez
Legendary
Offline
Activity: 1008
Merit: 1000
|
|
April 17, 2015, 07:52:02 AM |
|
plus a complete copy of every thread in which anyone mentioned BFL
LOL. This is pretty much the whole forum, right? I expect so, and I pity the poor investigators who have to go through endless pages of trolling and crying and what not. Maybe after this case Theymos can hire them as mods
|
|
|
|
dogie
Legendary
Offline
Activity: 1666
Merit: 1185
dogiecoin.com
|
|
April 17, 2015, 09:34:08 AM |
|
Which side requested it, do you know?
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
April 17, 2015, 10:17:03 AM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ).
|
|
|
|
BadBear
v2.0
Legendary
Offline
Activity: 1652
Merit: 1128
|
|
April 17, 2015, 11:33:28 AM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ). Subpoena is a court order, so yes he has to respond (either consent or fight it in court) or he can be jailed. And yes you should always use PGP or something else for sensitive communications. I hope they enjoy reading my pm's to Inaba warning him to stop trolling and derailing threads, and him whining about someone else starting it.
|
|
|
|
Blazr
|
|
April 17, 2015, 11:48:49 AM Last edit: April 17, 2015, 12:04:13 PM by Blazr |
|
Kind of scary how they asked for all PM's mentioning BFL. I recall a while ago theymos discussed the idea of adding javascript PM encryption as a way to protect the forum from unreasonable searches and seizures. It isn't the best way to do it, as of course theymos could modify the javascript at anytime (he could even potentially be compelled to do so by law), but modifying the javascript is detectable, and messages that were sent and viewed with the unmodified javascript are still safe. It adds an extra layer of security, which should be sufficient for most PM's. It would also be very useful should BitcoinTalk's database ever get compromised... again. Anyone who has something really secret to tell should use something like PGP instead of this however.
I think we should consider adding this to the new forum software.
|
|
|
|
Bicknellski
|
|
April 17, 2015, 11:49:56 AM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ). Subpoena is a court order, so yes he has to respond (either consent or fight it in court) or he can be jailed. And yes you should always use PGP or something else for sensitive communications. I hope they enjoy reading my pm's to Inaba warning him to stop trolling and derailing threads, and him whining about someone else starting it. 1. Bad form badbear shouldn't talk about Inaba behind his back. 2. The issue for the forum is going to be persistent given the loads of scams present. This won't be the last time you are going to get a subpoena. Might want to start collating all the other major scams you can. Good luck.
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
April 17, 2015, 12:10:14 PM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ). Subpoena is a court order, so yes he has to respond (either consent or fight it in court) or he can be jailed. And yes you should always use PGP or something else for sensitive communications. I hope they enjoy reading my pm's to Inaba warning him to stop trolling and derailing threads, and him whining about someone else starting it. The law is the law, maybe I should send all the sensitive messages but firstly encrypt them with my pgp private key. (I suppose) this forum is under the eyes of a lot of government (first the USA ). Thanks for the reply BadBear.
|
|
|
|
QuestionAuthority
Legendary
Offline
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
|
|
April 17, 2015, 01:07:35 PM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ). Subpoena is a court order, so yes he has to respond (either consent or fight it in court) or he can be jailed. And yes you should always use PGP or something else for sensitive communications. I hope they enjoy reading my pm's to Inaba warning him to stop trolling and derailing threads, and him whining about someone else starting it. When the investigators read the BFL threads they'll probably think everyone here is nuts. They might want to lock up everyone involved as a public safety measure. lol
|
|
|
|
theymos (OP)
Administrator
Legendary
Offline
Activity: 5348
Merit: 13316
|
|
April 17, 2015, 01:49:42 PM |
|
Kind of scary how they asked for all PM's mentioning BFL. I recall a while ago theymos discussed the idea of adding javascript PM encryption as a way to protect the forum from unreasonable searches and seizures. It isn't the best way to do it, as of course theymos could modify the javascript at anytime (he could even potentially be compelled to do so by law), but modifying the javascript is detectable, and messages that were sent and viewed with the unmodified javascript are still safe. It adds an extra layer of security, which should be sufficient for most PM's. It would also be very useful should BitcoinTalk's database ever get compromised... again. Anyone who has something really secret to tell should use something like PGP instead of this however.
I think we should consider adding this to the new forum software.
The other big problem with that is how to handle private keys. If the private key is generated from your password, for example, then forgetting your password would mean losing all of your PMs. Most people aren't prepared for this. This is pretty much the whole forum, right? It was 2.3% of topics. (This still amounted to ~5 GB of text.)
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Blazr
|
|
April 17, 2015, 01:53:54 PM |
|
The other big problem with that is how to handle private keys. If the private key is generated from your password, for example, then forgetting your password would mean losing all of your PMs. Most people aren't prepared for this.
That is part of the point IMO. If someone "forgets" their password, they cannot be forced to provide it. Perhaps it should be an opt-in feature and it should be clear to the user that forgetting your password makes your PM's unrecoverable, which is both a feature and an issue. If that is not desirable, one option would be to use a Bitcoin address to recover access. This could be done by encrypting the PM master key with a Bitcoin addresses public key, some clients like Electrum have a built-in feature that allows you to encrypt/decrypt messages (though I'm unsure how safe this really is, it's rarely a good idea to reuse a key for both signing and encryption), perhaps something similar could be done in JS.
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
April 17, 2015, 01:54:34 PM |
|
@theymos, are you obliged to give them these 'data' or not? Awesome. Use PGP if you want privacy. You are right, I can't imagine someone read a pgp encrypted message and he doesn't know what the hell is write in that message (because he doesn't have the key for decrypt it ). Subpoena is a court order, so yes he has to respond (either consent or fight it in court) or he can be jailed. And yes you should always use PGP or something else for sensitive communications. I hope they enjoy reading my pm's to Inaba warning him to stop trolling and derailing threads, and him whining about someone else starting it. When the investigators read the BFL threads they'll probably think everyone here is nuts. They might want to lock up everyone involved as a public safety measure. lol Most probable yes . Kind of scary how they asked for all PM's mentioning BFL. I recall a while ago theymos discussed the idea of adding javascript PM encryption as a way to protect the forum from unreasonable searches and seizures. It isn't the best way to do it, as of course theymos could modify the javascript at anytime (he could even potentially be compelled to do so by law), but modifying the javascript is detectable, and messages that were sent and viewed with the unmodified javascript are still safe. It adds an extra layer of security, which should be sufficient for most PM's. It would also be very useful should BitcoinTalk's database ever get compromised... again. Anyone who has something really secret to tell should use something like PGP instead of this however.
I think we should consider adding this to the new forum software.
The other big problem with that is how to handle private keys. If the private key is generated from your password, for example, then forgetting your password would mean losing all of your PMs. Most people aren't prepared for this. This is pretty much the whole forum, right? It was 2.3% of topics. (This still amounted to ~5 GB of text.) ~5 gb of data, only for BFL . Can you upload the subpoeana here in the forum (as the other one, the silkroad subpoena?) thanks.
|
|
|
|
|