Bitcoin Forum
August 21, 2018, 08:59:52 AM *
News: Latest stable version of Bitcoin Core: 0.16.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: How Secure is BitcoinTalk?  (Read 321 times)
Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
January 27, 2018, 11:31:17 PM
Merited by malevolent (1)
 #1

Hello guys,
Recently a question crossed my mind about bitcointalk.
As we know Bitcoin is pseudo-anonymous , so basically users post their bitcoin address here ; let's take per example "Aveatrex" posted his bitcoin address to receive a payment,unless someone knows  "Aveatrex" real identity in real life the payment will be anonymous.
But, if someone knows "Aveatrex" IP, he would know "Aveatrex" identity , so here's my question: How secure BitcoinTalk? I mean it is possible for someone to get my IP from here? And what happens if a government forces BitcoinTalk to leak users IP address?
This is really important for me as I live in a country where Bitcoin/Cryptocurrency is banned/illegal.


PS:This is a serious discussion don't spam your signature.

1534841992
Hero Member
*
Offline Offline

Posts: 1534841992

View Profile Personal Message (Offline)

Ignore
1534841992
Reply with quote  #2

1534841992
Report to moderator
BOUNTY PORTALS
BLOG
WHERE BOUNTY MANAGEMENT
MEETS AUTOMATION
SIGNATURE CAMPAIGNS
TWITTER
FACEBOOK
MEDIA CAMPAIGNS
AND MORE!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1534841992
Hero Member
*
Offline Offline

Posts: 1534841992

View Profile Personal Message (Offline)

Ignore
1534841992
Reply with quote  #2

1534841992
Report to moderator
Welsh
Staff
Legendary
*
Offline Offline

Activity: 1330
Merit: 1336



View Profile
January 27, 2018, 11:38:37 PM
 #2

Only administrators can see your IP address. If theymos receives a request from the government or whoever then he'll likely have to give up public information depending on the details of the case. Though, how likely would it be that the government would request theymos to release information. Especially if you are just browsing and taking part in discussion.

theymos has in the past gave up public information: https://bitcointalk.org/index.php?topic=881488.0
Let's just say that case was quite substantial.

I am willing to cooperate with police on real scams. Whenever someone asks me to release a scammer's IP, I tell them to have police email me from an official police address. I have received police requests a handful of times. Mostly the cases were real scams and I gave the police the requested info. In some cases I've rejected their requests. For example, I refused to give information to some foreign version of the SEC because securities laws are unjust. Of course, you should not trust that I will act in your best interest. If you want to be anonymous, then you must use Tor (or whatever).


Here's some information too, outdated but information nonetheless: https://bitcointalk.org/index.php?topic=38253.0

hase0278
Hero Member
*****
Offline Offline

Activity: 840
Merit: 532



View Profile
January 27, 2018, 11:51:17 PM
 #3

Don't worry about it because bitcointalk is secure. As far as I know  anyone can get IP address of any user here in bitcointalk if they know a thing or two about hacking but according to this thread : https://bitcointalk.org/index.php?topic=676827.0, no one can ascertain your identity by merely getting your IP address. If the government forces they to release information, then he will but it won't happen if you are not involved in something illegal.

        ▄▄███████████▄▄
     ▄██▀▀           ▀▀██▄
   ▄█▀   ▄▄█████████▄▄   ▀█▄
  █▀  ▄███████▌ █▌ █████▄  ▀█
 █▀  ██  ██         ▀█████  ▀█
▐█  ██▀▀█████   ▄▄▄   █████  █▌
█▌ ▐██▄▄████▌  ████   █████▌ ▐█
█  ███  ████        ▄███████  █
█▌ ▐█▀▀████▌   ▄▄▄  ▀██████▌ ▐█
▐█  █▄▄████   ████   ▐█████  █▌
 █▄  ████           ▄█████  ▄█
  █▄  ▀████  ███  ██████▀  ▄█
   ▀█▄   ▀▀█████████▀▀   ▄█▀
     ▀██▄▄           ▄▄██▀
        ▀▀███████████▀▀
bitcore.
...The Future Is Now...
▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

        ██
██████
        ██
        ██████
        ██
██████
        ██
        ██████
        ██
██████
                 ▄▄██
 ▄██████████████████████▄
█▀         ▄▄██▀▀   ██  ▀█
█▄     ▄▄██▀▀        ██  █
█▀█████████████████████████▄
█                          ▀█
█                           █
█              ▄████▄       █
█             ██▀  ▀██      █
█            ▐█▌    ▐████████
█             ██▄  ▄██      █
█              ▀████▀       █
█                           █
█▄                         ▄█
 ▀█████████████████████████▀
.
iOs
Android

        ██
        ██████
        ██
██████
        ██
        ██████
        ██
██████
        ██
        ██████


     ▄▄█████████▄▄
   ▄███▀▀     ▀▀███▄
  ███             ███
 ███               ███
▐██   ▐█▄   ▄███▄   ██▌
██▌    ███▄██████▀  ▐██
██▌    ▐████████    ▐██
▐██     ▐██████     ██▌
 ███   ▀█████▀     ███
  ███             ███
   ▀███▄▄     ▄▄███▀
     ▀▀█████████▀▀


     ▄▄█████████▄▄
   ▄███▀▀     ▀▀███▄
  ███             ███
 ███       ▄███    ███
▐██       █████     ██▌
██▌       ███       ▐██
██▌     ███████     ▐██
▐██       ███       ██▌
 ███      ███      ███
  ███             ███
   ▀███▄▄     ▄▄███▀
     ▀▀█████████▀▀


     ▄▄█████████▄▄
   ▄███▀▀     ▀▀███▄
  ███             ███
 ███         ▄▄█▌  ███
▐██      ▄▄█████    ██▌
██▌   ▄████████     ▐██
██▌  ▐████████      ▐██
▐██    ▀▀████       ██▌
 ███     ▀██       ███
  ███             ███
   ▀███▄▄     ▄▄███▀
     ▀▀█████████▀▀
Website
ANN
Block Explorer
Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
January 27, 2018, 11:51:24 PM
 #4

Only administrators can see your IP address. If theymos receives a request from the government or whoever then he'll likely have to give up public information depending on the details of the case. Though, how likely would it be that the government would request theymos to release information. Especially if you are just browsing and taking part in discussion.

theymos has in the past gave up public information: https://bitcointalk.org/index.php?topic=881488.0
Let's just say that case was quite substantial.

I am willing to cooperate with police on real scams. Whenever someone asks me to release a scammer's IP, I tell them to have police email me from an official police address. I have received police requests a handful of times. Mostly the cases were real scams and I gave the police the requested info. In some cases I've rejected their requests. For example, I refused to give information to some foreign version of the SEC because securities laws are unjust. Of course, you should not trust that I will act in your best interest. If you want to be anonymous, then you must use Tor (or whatever).

Well that is problematic.
As I said above,I live in a country where Bitcoin/Cryptocurrency is banned/illegal.Suppose my country's government asks admin to give them my IP address etc.. I guess he would release them?Obviously I'm not a scammer but I give value to my privacy because of my country
Are you sure that only admins have access to my IP?I remember that BitcoinTalk was hacked before.What will happen if BitcoinTalk gets hacked and informations get leaked?Sorry for being paranoid.That how it feels when living in a country where cryptos is banned.

Welsh
Staff
Legendary
*
Offline Offline

Activity: 1330
Merit: 1336



View Profile
January 27, 2018, 11:57:05 PM
 #5

If the forum gets hacked again, then who knows what will happen with the data which was compromised. It'll likely get sold and eventually surface in the public eyes for free.

How likely is it that the government will request your information? Unless, you are caught breaking the law and up on trial it's unlikely that they would send a request. The above link was major news around the crypto world. It's probably the biggest subpoena that theymos has received to date. If theymos does receive a request to release data on you then it's down to his discretion.

Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
January 28, 2018, 12:17:34 AM
 #6

If the forum gets hacked again, then who knows what will happen with the data which was compromised. It'll likely get sold and eventually surface in the public eyes for free.

How likely is it that the government will request your information? Unless, you are caught breaking the law and up on trial it's unlikely that they would send a request. The above link was major news around the crypto world. It's probably the biggest subpoena that theymos has received to date. If theymos does receive a request to release data on you then it's down to his discretion.
Well I don't know how likely that the government will request my informatios but you never know,we can't predit the future.
Although there is someways to hide IP address and stuff like theymos said:

I am willing to cooperate with police on real scams. Whenever someone asks me to release a scammer's IP, I tell them to have police email me from an official police address. I have received police requests a handful of times. Mostly the cases were real scams and I gave the police the requested info. In some cases I've rejected their requests. For example, I refused to give information to some foreign version of the SEC because securities laws are unjust. Of course, you should not trust that I will act in your best interest. If you want to be anonymous, then you must use Tor (or whatever).

But as far as I know Bitcointalk is blocking connections from tor and asks to pay some fee to be able to use the tor proxy IP.I guess that is to avoid multi-accounts from scammers and spammers but it's problematic.

pawel7777
Legendary
*
Offline Offline

Activity: 1652
Merit: 1060



View Profile WWW
January 28, 2018, 12:23:58 AM
 #7

Hello guys,
Recently a question crossed my mind about bitcointalk.
As we know Bitcoin is pseudo-anonymous , so basically users post their bitcoin address here ; let's take per example "Aveatrex" posted his bitcoin address to receive a payment,unless someone knows  "Aveatrex" real identity in real life the payment will be anonymous.
But, if someone knows "Aveatrex" IP, he would know "Aveatrex" identity

The word is "pseudonymous" not "pseudo-anonymous". Common mistake.

so here's my question: How secure BitcoinTalk? I mean it is possible for someone to get my IP from here? And what happens if a government forces BitcoinTalk to leak users IP address?
This is really important for me as I live in a country where Bitcoin/Cryptocurrency is banned/illegal.


PS:This is a serious discussion don't spam your signature.


Government don't have to "force" Bitcointalk to leak user's IP. They just send subpoenas to Admin (Theymos) asking for all the details of the account(s) they're interested in. I believe that's applicable only for ongoing investigations, where the charges have been pressed, not a routine checks, but not sure on that.

In your case, in practice, your local authorities would have to know that you are resident of the country and if they wanted to go after you, they would have to request their US counterparts to get your details from Theymos. That is very unlikely to happen unless you're a big fish.

What I would be more concerned about, is your local law enforcement authorities asking your local Internet Service Providers for the details of all the frequent visitors of BTC/crypto related websites.

Invest in VPN.
LeGaulois
Copper Member
Hero Member
*****
Offline Offline

Activity: 798
Merit: 810

Bitcoin Ninja Unregulated Banker with 0 Lambo


View Profile
January 28, 2018, 12:30:00 AM
Merited by Juggy777 (1), Aveatrex (1)
 #8

Only administrators can see his IP address unless the data is compromised yes. However, there are some "tricks" if someone wants your IP, but if you are targeted and someone really wants your IP, you just need to not make yourself a target...

If you are really concerned with your IP, buy a  VPS, make your own VPN. You need maybe 30 minutes and can find some cheap deal on LowEndBox for $15 per year

Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
January 28, 2018, 12:33:56 AM
 #9



Government don't have to "force" Bitcointalk to leak user's IP. They just send subpoenas to Admin (Theymos) asking for all the details of the account(s) they're interested in. I believe that's applicable only for ongoing investigations, where the charges have been pressed, not a routine checks, but not sure on that.

In your case, in practice, your local authorities would have to know that you are resident of the country and if they wanted to go after you, they would have to request their US counterparts to get your details from Theymos. That is very unlikely to happen unless you're a big fish.

What I would be more concerned about, is your local law enforcement authorities asking your local Internet Service Providers for the details of all the frequent visitors of BTC/crypto related websites.

Invest in VPN.
Damn,I haven't thought of governments asking ISPs to check people activities.

The problem with VPNs is that they are also companies and nothing guarantee that they also won't leak my IP address etc...I think tor is the best to go since there is a concrete proof that with tor you are untraceable (dark/deep web) but yet,BitcoinTalk is having issues with accepting tor dunno if they changed that though.

Anyway thanks for the replies guys.Let me know if you have more infos.I'll try to figure it out on my part.
Only administrators can see his IP address unless the data is compromised yes. However, there are some "tricks" if someone wants your IP, but if you are targeted and someone really wants your IP, you just need to not make yourself a target...

If you are really concerned with your IP, buy a  VPS, make your own VPN. You need maybe 30 minutes and can find some cheap deal on LowEndBox for $15 per year
I don't trust VPNs that much to be honest but thanks for the suggestion VPN better than nothing

Cobalt9317
Copper Member
Sr. Member
****
Offline Offline

Activity: 434
Merit: 278

Offering Escrow 0.5 % fee


View Profile WWW
January 28, 2018, 01:00:47 AM
 #10

Even if cryptocurrency isn't banned in my country I still use vpn I just don't know if VPN is allowed in this forum, but as Theymos said use TOR I guess VPN is not much that an issue.

And also I use dualbooth on windows os and linux os that way I have a different I.P address everytime I use the other, for an instance I use Linux when I'm on this forum and use the other one when outside.

America AFAIK regulates a constitution that cryptocurrency is not allowed in the country because a lot of scamming has happened with the help of those, or rather I say with those always involve, alternatively some haven't been convicted because of untraceable evidence that they have.
ranochigo
Legendary
*
Offline Offline

Activity: 1526
Merit: 1081


View Profile WWW
January 28, 2018, 01:51:15 AM
 #11

Not very. There were several (2+) incidents of hacking around here and some of those compromised password hashes and IP addresses. It is not impossible to gain access to servers, no matter how secure it appears to be. There's only so many precautions you can take when your server is supposed to serve the whole world.

If you value your privacy, view every website as if they are insecure.

Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
May 15, 2018, 06:36:00 PM
 #12

Only administrators can see his IP address unless the data is compromised yes. However, there are some "tricks" if someone wants your IP, but if you are targeted and someone really wants your IP, you just need to not make yourself a target...

If you are really concerned with your IP, buy a  VPS, make your own VPN. You need maybe 30 minutes and can find some cheap deal on LowEndBox for $15 per year

I just wanted to bring this topic back as I have some few other questions.

---------------------------------------------------------------------------------------------------------------------
The problem is,even using a VPN right now,it won't be of any help since the forum has probably recorded my residential IP before (When I registered for example)
I really think that theymos  has to be more transparent about how user's sensitive informations are dealt with.

Edit:Especially that when registering with a public proxy from tor or a VPN,you have to pay a fee for it.

Welsh
Staff
Legendary
*
Offline Offline

Activity: 1330
Merit: 1336



View Profile
May 15, 2018, 07:04:12 PM
 #13

I'm trying to find a particular post which explained when a IP is logged. I do believe it was when registering, sending a PM or posting on the forum. I believe there's a log kept for every single one of these, but may be deleted over time. (probably not the initial registered recorded IP)

When the server was compromised back in 2015, the hacker had access to users registered IP, and last used IP. Therefore, I think it's safe to assume that the registration IP is always kept in the database. However, peoples IPs change so it isn't that big of a deal.

Although, I doubt that any country would forbid one for signing up to a discussion forum about Bitcoin. Barring your activities on the site it isn't likely going to go against you if all you've done is participated in discussion.

I really think that theymos  has to be more transparent about how user's sensitive informations are dealt with.
It's not like he's waving it around it public though, and only releases information on a person if he believes they are guilty, and the authorities have provided enough reason to do so. (like any server owner)

Plus, at the moment there hasn't been a database leak since you registered so your IP is currently not public as only admins can see it.
Edit:Especially that when registering with a public proxy from tor or a VPN,you have to pay a fee for it.


The unit of evil system is transparent:
Q: Why is my IP banned? What are those units of evil?
A: Your IP might be banned because it was used by a user that got perma banned. Don't worry - IP bans decay over time if there's not too many of them during a small period. If you register using a banned IP, are using TOR, VPNs or well known proxies, you will have to pay a small fee. This is to prevent spammers while allowing legitimate members to post without many restrictions.


That's included in mpreps stickied Unofficial list of (official) Bitcointalk.org rules, guidelines, FAQ theymos has also spoken about it before:
When you register, the IP that you used when you submitted the registration form is used to calculate your evilness. The more frequently this IP or its neighbors were banned, the more evil is associated with your account. The amount of evil associated with an IP decays slowly over time, but the amount of evil associated with an account does not. You must pay or be manually whitelisted to enable posting on one of these "banned" accounts.

Here are some stats:

Evil% new users
053
0-135
1-104.4
10-200.80
20-502.2
50-1001.3
100+2.9

Currently each unit of evil requires a payment of 4023 satoshi. You only need to pay something if you have 1 or more, though.

Jet Cash
Legendary
*
Online Online

Activity: 980
Merit: 1131


VOM member


View Profile WWW
May 15, 2018, 07:21:32 PM
 #14

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
May 15, 2018, 07:24:43 PM
 #15

I'm trying to find a particular post which explained when a IP is logged. I do believe it was when registering, sending a PM or posting on the forum. I believe there's a log kept for every single one of these, but may be deleted over time. (probably not the initial registered recorded IP)

When the server was compromised back in 2015, the hacker had access to users registered IP, and last used IP. Therefore, I think it's safe to assume that the registration IP is always kept in the database. However, peoples IPs change so it isn't that big of a deal.

Although, I doubt that any country would forbid one for signing up to a discussion forum about Bitcoin. Barring your activities on the site it isn't likely going to go against you if all you've done is participated in discussion.

I really think that theymos  has to be more transparent about how user's sensitive informations are dealt with.
It's not like he's waving it around it public though, and only releases information on a person if he believes they are guilty, and the authorities have provided enough reason to do so. (like any server owner)

Plus, at the moment there hasn't been a database leak since you registered so your IP is currently not public as only admins can see it.
Edit:Especially that when registering with a public proxy from tor or a VPN,you have to pay a fee for it.


The unit of evil system is transparent:
Q: Why is my IP banned? What are those units of evil?
A: Your IP might be banned because it was used by a user that got perma banned. Don't worry - IP bans decay over time if there's not too many of them during a small period. If you register using a banned IP, are using TOR, VPNs or well known proxies, you will have to pay a small fee. This is to prevent spammers while allowing legitimate members to post without many restrictions.


That's included in mpreps stickied Unofficial list of (official) Bitcointalk.org rules, guidelines, FAQ theymos has also spoken about it before:
When you register, the IP that you used when you submitted the registration form is used to calculate your evilness. The more frequently this IP or its neighbors were banned, the more evil is associated with your account. The amount of evil associated with an IP decays slowly over time, but the amount of evil associated with an account does not. You must pay or be manually whitelisted to enable posting on one of these "banned" accounts.

Here are some stats:

Evil% new users
053
0-135
1-104.4
10-200.80
20-502.2
50-1001.3
100+2.9

Currently each unit of evil requires a payment of 4023 satoshi. You only need to pay something if you have 1 or more, though.
Only dynamic IP changes not the static one.And the dynamic one can forward to the static one so it's not a big deal.
Meh,since now more and more countries are banning Bitcoin/Cryptocurrency , theymos should atleast give some informations on how bitcointalk deals with these kind of requests if they are ever made by the authorities.

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.
See? That's what I'm talking about. This kind of glitch shoundn't be there.

Welsh
Staff
Legendary
*
Offline Offline

Activity: 1330
Merit: 1336



View Profile
May 15, 2018, 07:29:47 PM
 #16

Only dynamic IP changes not the static one.And the dynamic one can forward to the static one so it's not a big deal.
Meh,since now more and more countries are banning Bitcoin/Cryptocurrency , theymos should atleast give some informations on how bitcointalk deals with these kind of requests if they are ever made by the authorities.
People also change ISPs and thus their IP changes. I was referring it not being a problem too much for the ones that were leaked if someone has changed providers not particularly you.



 
See? That's what I'm talking about. This kind of glitch shoundn't be there.

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

This has happened before, and isn't allowed. See: https://bitcointalk.org/index.php?topic=341146.0
Rauol Duke who was a member of the staff at the time removed it, and we can only assume that this isn't tolerated and these sort of things are checked.

See the discussion for ways to avoid this through extensions. E.g Request Policy You are also susceptible to this sort of breach of privacy anywhere you visit. For example, if someone posted a link of a image on Reddit/r/Bitcoin and, you viewed it.  It would require the person to actually own the website, and have the image hosted on their server. Therefore, they are pretty easy to identify, and as long as you have some sort of protection like requestpolicy (discontinued) you are fine. For example, uMatrix is pretty good especially when used in conjunction with uBlock. Although, it can make some ugly viewing at default settings you can whitelist/blacklist what you want.

Coin-Keeper
Hero Member
*****
Offline Offline

Activity: 570
Merit: 502



View Profile
May 15, 2018, 07:37:20 PM
 #17

I would strongly suggest the OP learn to conceal his true identity for all sites dealing with Crypto.  If you live in a place where you go to jail for using Crypto trust no website.  Theymos runs a decent place but the authorities can force owners/Admins to comply.  It has happened before here.  Going back a few years some PM's were required to be given and the users smart enough to have GPG'd their messages were fine, while others communicating in plain text had a harder time.  My point is not that Theymos is lacking in OPSec, but that YOU should maintain your own security.  If Theymos gave "THEM" absolutely everything his has on me they would have NOTHING.  Get it?  If I were going to make a site specific suggestion, I don't like the current sign in because the passwords are exposed (security wise).  In a perfect world we would have U2F and then I could change my now exposed password and associated email account to this username.

BTC: 1PYSBbuKM3kW19xe9TXJQfq64rPhd8XorF
Staked and Verified: https://bitcointalk.org/index.php?topic=996318.msg17102755#msg17102755
Aveatrex
Sr. Member
****
Online Online

Activity: 420
Merit: 257



View Profile
May 15, 2018, 07:47:45 PM
 #18

I would strongly suggest the OP learn to conceal his true identity for all sites dealing with Crypto.  If you live in a place where you go to jail for using Crypto trust no website.  Theymos runs a decent place but the authorities can force owners/Admins to comply.  It has happened before here.  Going back a few years some PM's were required to be given and the users smart enough to have GPG'd their messages were fine, while others communicating in plain text had a harder time.  My point is not that Theymos is lacking in OPSec, but that YOU should maintain your own security.  If Theymos gave "THEM" absolutely everything his has on me they would have NOTHING.  Get it?  If I were going to make a site specific suggestion, I don't like the current sign in because the passwords are exposed (security wise).  In a perfect world we would have U2F and then I could change my now exposed password and associated email account to this username.
Yeah,that's what I learned from this,thanks.But as I said if IPs are recorded from the beginning it's too late now to conceal my identity.
Meh, what a feeling to live in a third party world..
Thanks everyone.

theymos
Administrator
Legendary
*
Offline Offline

Activity: 3122
Merit: 3387


View Profile
May 16, 2018, 12:03:03 AM
 #19

Your mental model should always be that the forum logs everything, especially since it is behind Cloudflare, which is almost certainly an NSA-backed operation. But here is some more detail. Currently there are four classes of IP logs:
 - Every time your session refreshes (about every 10 minutes while you are browsing the site), your current IP is momentarily logged. This is only kept until a new such entry replaces it, except that whenever the daily database backup happens, the current value will be captured and then possibly kept for a long time.
 - A tuple (time, userID, ip) is logged whenever you view a forum ad in order to produce ad stats. These are kept for only a few weeks, and are not backed up.
 - Every HTTP request creates an access log, but while these contain IPs, they do not contain user IDs, and so on the whole they probably cannot be provably associated with users. These are usually deleted after a few months, and are not backed up.
 - Certain actions trigger a long-term IP log. This includes posts (but not PMs), security-log entries, certain errors, and registration. Long-term logs are currently kept indefinitely.

I don't like that IPs are sometimes kept indefinitely. To prevent abuse, it would probably be sufficient to keep them for ~6 months. But keeping these logs long-term is extremely useful for account recoveries. I've been thinking about this issue, and I think that in the future I might let users opt out of long-term IP logging if they have a public key registered in a (currently-not-existing) public-key-registration system. Though, again, even then you should model this site and all sites as keeping complete logs.

Unless I am somehow required to do so by law (though I can't see how in this case), I will not assist police who are seeking to enforce any Bitcoin ban.

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

Try it and see how many IPs you get...

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
digaran
Hero Member
*****
Offline Offline

Activity: 896
Merit: 611

#Banaccountsales


View Profile
May 16, 2018, 03:38:39 AM
 #20

I will not assist police who are seeking to enforce any Bitcoin ban.

This is what I like about you. a true rebel.

HOWEYCOINS   ▮      Excitement and         ⭐  ● TWITTER  ● FACEBOOK   ⭐       
  ▮    guaranteed returns                 ●TELEGRAM                         
  ▮  of the travel industry
    ⭐  ●Ann Thread ●Instagram   ⭐ 
✅    U.S.Sec    ➡️
✅  approved!  ➡️
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!