Bitcoin Forum
February 20, 2018, 04:14:38 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: "PM privacy is not guaranteed. Encrypt sensitive messages. "  (Read 2043 times)
Andrew Bitcoiner
Sr. Member
Offline Offline

Activity: 397
Merit: 250

Send correspondance to GPG key A372E7C6

View Profile WWW
September 10, 2012, 01:28:30 AM

Can the mods elaborate on this policy and in what contexts admins may read private messages?

Bitcoin News Site
Bitcoin Blackjack
Bitcoin, Darknet, IT consulting
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Hero Member
Offline Offline

Posts: 1519100078

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Stephen Gornick
Offline Offline

Activity: 2408
Merit: 1000


View Profile
September 10, 2012, 04:52:50 AM

Can the mods elaborate on this policy and in what contexts admins may read private messages?

This was touched on here:

Deleted posts are almost never removed from the database. A PM is removed from the database if the sender and all recipients delete it.

Full database backups are created daily, and all global moderators and admins can download the (encrypted) backups and implement their own rotation policies.

they can download the backup to have it at multiple locations, but it's useless for them because they don't have the decryption key


Only me, Gavin, Satoshi, and Sirius can decrypt it.

Global moderators can download the encrypted database backups. Admins and past admins (Gavin, Satoshi, Sirius, me, and now justmoon) can decrypt them -- they therefore have complete access to the database and can read PMs, etc. Justmoon and I can also query the live database.

Ah, so you're already reading the pms.  Good to know.  Who else are you snooping through?

I only scanned through them to make sure that the SQL query (to archive them) worked as I intended. The PGP message blocks stood out.

I only read others' PMs without their permission during scam investigations, and I've only read a user's entire inbox a few times.

That thread, starting from this quote tells more on the topic:

You are going to make PMs public or give it to the police?

I will give them to the police if the police ask for them. Otherwise, I may post them publicly to help people find Pirate and obtain justice.

Pirates are hostis humani generis. Wink I'm not going to preserve the privacy of someone who stole 500,000 BTC.


Since that time was an addition:

Stefan Thomas (justmoon) is now a forum administrator. He can therefore access the database directly and see IP addresses, etc.

And apparently one subtraction:

How many admins do we have on bitcointalk now?

Two. Gavin recently decided to stop being an admin.

The cautionary statement added to the bottom when you send a PM was requested here:

Legality aside, decency would suggest you should put a notice on the "private message" page stating that the messages are not private and may be read by moderators.

They're "personal messages", not "private messages". Wink

I think it's obvious that the administrators of a site will check PMs when necessary, but I added a note to the page.

[Edited: Added some additional references]

Offline Offline

Activity: 1413
Merit: 1002

View Profile
September 10, 2012, 05:10:17 AM

SMF stores PMs in a string on a database. There are ways to retrieve this information and there has to be for you to even read them. While Theymos and others are correct in saying that any admin can read a PM, there's more to it than that: so can whoever is hosting the machine providing the forums, technically.

I don't think this is reason to not use the PM system, but I wouldn't use it for anything you really truly wanted to remain strictly between you and the person you've PM'd.

OrganofCorti's Neighbourhood Pool Watch - The most informative website on blockchain health
Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!