Bitcoin Forum
Author Topic: How Secure is BitcoinTalk?  (Read 546 times)
theymos
Administrator
Legendary
Activity: 5180
Merit: 12884
May 16, 2018, 05:13:11 AM
#21

This is what I like about you. a true rebel.

This isn't a good example of me being a "rebel", since there's ~no legal risk in refusing to help police who don't have a court order, and there's even less risk when they're not even trying to enforce a law which exists in the forum's jurisdiction. Anyone in the US who would help foreign police with a Bitcoin ban is seriously misguided, at the very least.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Quickseller
Copper Member
Legendary
Activity: 2870
Merit: 2298
May 16, 2018, 06:01:59 AM
#22

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.
This was actually done many years ago; many people viewed this person to be a scammer as a result. The forum currently uses an image proxy that makes this attack useless.


Only administrators can see your IP address.
The members table has leaked at least once, and the forum has been hacked multiple times. Your registration IP address and your last recorded IP address as of when the members table leaked are more or less public information now. An unknown amount of additional information from the other hacks is potentially essentially public information as well.

Long-term logs are currently kept indefinitely.
I would advise against this.

Over time, you will inevitably lose some of this information for a variety of reasons, and you can potentially be in legal trouble if you are unable to produce specific information you say you retain indefinitely, especially if you are close to the person.

I would suggest, as an alternative, to instead retain either the name of the person's ISP, geolocation data, or a truncated IP address (or a combination thereof) over the very long term. This is likely what you essentially will use for things like account recovery anyway, and in most instances a user's IP address will have changed after several months (and to a much greater extent, after multiple years) anyway.
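Added example (not part of the post above and not the forum's code): one way to age long-term IP logs down to a truncated network, as suggested in the post, while still supporting an account-recovery comparison. The /24 and /48 prefix lengths, the 180-day window, the record layout and all function names are assumptions for illustration.

```python
import ipaddress
from datetime import datetime, timedelta

# Assumed values for illustration; neither is forum policy.
V4_PREFIX, V6_PREFIX = 24, 48
FULL_IP_DAYS = 180  # roughly the "~6 months" mentioned in the thread

# Constructed sample log rows (documentation address ranges).
SAMPLE_LOG = [
    {"ts": datetime(2017, 1, 3), "user_id": 1001, "ip": "203.0.113.77"},
    {"ts": datetime(2018, 5, 1), "user_id": 1001, "ip": "198.51.100.9"},
]


def truncate_ip(raw: str) -> str:
    """Return the enclosing network, e.g. '203.0.113.0/24', not the host."""
    addr = ipaddress.ip_address(raw.strip())
    # IPv4-mapped IPv6 (::ffff:a.b.c.d) is unwrapped first; cut at /48 every
    # mapped address would collapse into the same ::/48 and match anything.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    prefix = V4_PREFIX if addr.version == 4 else V6_PREFIX
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))


def age_out(records, now):
    """Copy the log, replacing full IPs older than FULL_IP_DAYS by networks."""
    cutoff = now - timedelta(days=FULL_IP_DAYS)
    aged = []
    for rec in records:
        rec = dict(rec)  # never mutate the caller's rows
        if rec["ts"] < cutoff and "/" not in rec["ip"]:
            rec["ip"] = truncate_ip(rec["ip"])
        aged.append(rec)
    return aged


def plausible_owner(stored: str, current_ip: str) -> bool:
    """Recovery-style check: does the claimant's IP fall in the kept network?"""
    if "/" not in stored:
        stored = truncate_ip(stored)
    return truncate_ip(current_ip) == stored


if __name__ == "__main__":
    for row in age_out(SAMPLE_LOG, datetime(2018, 5, 16)):
        print(row["ts"].date(), row["user_id"], row["ip"])
```

A truncated network is a weaker signal than a full address, so a match here can only be one input to a recovery decision.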
Jet Cash
Legendary
Activity: 2702
Merit: 2449
https://JetCash.com
May 16, 2018, 07:11:18 AM
#23

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

Try it and see how many IPs you get...

I haven't looked into the programming required for this, as individual IPs are of no interest to me. View counts and referring URLs are about as far as I want to go.

Offgrid campers allow you to enjoy life and preserve your health and wealth.
Save old Cars - my project to save old cars from scrapage schemes, and to reduce the sale of new cars.
My new Bitcoin transfer address is - bc1q9gtz8e40en6glgxwk4eujuau2fk5wxrprs6fys
shahzadafzal
Copper Member
Legendary
Activity: 1526
Merit: 2890
May 16, 2018, 07:33:25 AM
Last edit: May 16, 2018, 08:00:53 AM by shahzadafzal
Merited by malevolent (2)
#24

Try it and see how many IPs you get...

I haven't looked into the programming required for this, as individual IPs are of no interest to me. View counts and referring URLs are about as far as I want to go.

Actually, theymos is pointing out that it's not possible anymore. Bitcointalk is using an image proxy, which prevents any request from being forwarded to the source directly from the client's browser.

If you haven't noticed, all [img] tags are replaced like so, so you will not get the IP address of the user, but all requests will be coming from bitcointalk's image proxy server.

Code:
https://ip.bitcointalk.org/?u={url}

I seriously think bitcointalk should enable image caching on the proxy server. Currently it looks like caching is not enabled or used, which is why we don't see any image for a few [5+] seconds.

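Added example (not part of the post above and not the forum's code): a sketch of the [img] rewrite described in post #24, using the `https://ip.bitcointalk.org/?u={url}` format quoted there, plus an audit helper that lists hosts a reader's browser would still contact directly. The function names, the attribute handling and the "[image removed]" replacement are assumptions; the real proxy may take further parameters not shown on this page.

```python
import re
from urllib.parse import quote, urlsplit

PROXY_HOST = "ip.bitcointalk.org"
PROXY_TEMPLATE = "https://ip.bitcointalk.org/?u={url}"  # format quoted in the post
IMG_TAG = re.compile(r"\[img([^\]]*)\](.*?)\[/img\]", re.IGNORECASE | re.DOTALL)

# Constructed sample post body; tracker.example is a placeholder host.
SAMPLE_POST = (
    "Look: [img]http://tracker.example/pixel.png?id=42[/img] and "
    "[img width=1 height=1]https://tracker.example/a.gif[/img]"
)


def _split(url):
    """Parse a URL, returning None for input urlsplit rejects."""
    try:
        return urlsplit(url)
    except ValueError:
        return None


def _rewrite(match):
    attrs, url = match.group(1), match.group(2).strip()
    parts = _split(url)
    if parts is None or parts.scheme.lower() not in ("http", "https") or not parts.netloc:
        # Not a plain web URL (data:, javascript:, malformed): drop the tag
        # so the browser is never asked to load it.
        return "[image removed]"
    if parts.hostname == PROXY_HOST:
        return match.group(0)  # already proxied; do not wrap twice
    # Percent-encode the whole URL so its own '?', '&' and '#' cannot be
    # read as parameters of the proxy request.
    proxied = PROXY_TEMPLATE.format(url=quote(url, safe=""))
    return f"[img{attrs}]{proxied}[/img]"


def proxify_img_tags(body: str) -> str:
    """Route every [img] in a post body through the image proxy."""
    return IMG_TAG.sub(_rewrite, body)


def direct_image_hosts(body: str) -> list:
    """Audit helper: hosts that would see the reader's IP for image loads."""
    hosts = []
    for m in IMG_TAG.finditer(body):
        parts = _split(m.group(2).strip())
        if parts is not None and parts.hostname and parts.hostname != PROXY_HOST:
            hosts.append(parts.hostname)
    return hosts


if __name__ == "__main__":
    print(direct_image_hosts(SAMPLE_POST))
    print(proxify_img_tags(SAMPLE_POST))
    print(direct_image_hosts(proxify_img_tags(SAMPLE_POST)))
```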
NavI_027
Full Member
Activity: 1232
Merit: 186
May 16, 2018, 08:11:30 AM
#25

First of all, I admire you for having the guts to continue engaging with crypto and also for not feeling discouraged at all despite the fact that it is banned in your country. At the same time, I'm a little bit worried about you because you may possibly be punished by the law if ever you are proven guilty.

I'm not a total geek about computer stuff, but what I can suggest is to use a VPN to hide your IP because that makes you anonymous every time you access the internet. I hope it helps.
Welsh
Staff
Legendary
Activity: 3248
Merit: 4110
May 16, 2018, 09:28:53 AM
#26

The members table has leaked at least once, and the forum has been hacked multiple times. Your registration IP address and your last recorded IP address as of when the members table leaked are more or less public information now. An unknown amount of additional information from the other hacks is potentially essentially public information as well.
I'm well aware that is the case, but the OP registered well after the known database leak, which I believe was in mid-2015. This is also why I mentioned it's not much of a big deal, since most IPs would have changed by now, as you said here:
a user's IP address will have changed after several months (and to a much greater extent, after multiple years) anyway.

First of all, I admire you for having the guts to continue engaging with crypto and also for not feeling discouraged at all despite the fact that it is banned in your country. At the same time, I'm a little bit worried about you because you may possibly be punished by the law if ever you are proven guilty.

I'm not a total geek about computer stuff, but what I can suggest is to use a VPN to hide your IP because that makes you anonymous every time you access the internet. I hope it helps.
This is also generally bad advice. Just because you are using a VPN doesn't mean you can trust those behind it, especially when confronted by a government authority they may release the information without even putting up a fight.

No-log VPNs are good practice, but even these in the past have been caught keeping logs. Even if you use Tor Browser, there's speculation that a lot of the end nodes are actually NSA owned.
digaran
Copper Member
Hero Member
Activity: 1330
Merit: 899
🖤😏
May 16, 2018, 10:57:57 AM
#27

This is what I like about you. a true rebel.

This isn't a good example of me being a "rebel", since there's ~no legal risk in refusing to help police who don't have a court order, and there's even less risk when they're not even trying to enforce a law which exists in the forum's jurisdiction. Anyone in the US who would help foreign police with a Bitcoin ban is seriously misguided, at the very least.

Would you ban my country's IP from accessing this forum if there is a court order? I'm not talking about crime-related bans, just pure access to information. If so, then how would you suggest to avoid this?

Not to mention that you supporting Bitcoin is equal to being a rebel where I come from.

🖤😏
Welsh
Staff
Legendary
Activity: 3248
Merit: 4110
May 16, 2018, 01:26:11 PM
Last edit: May 16, 2018, 02:03:22 PM by Welsh
#28

Would you ban my country's IP from accessing this forum if there is a court order? I'm not talking about crime-related bans, just pure access to information. If so, then how would you suggest to avoid this?
Even if the unlikely scenario happened you could use a VPN/Tor browser to access the forum, and that's how you would avoid it. Even if theymos did receive a court order to restrict certain countries from accessing the forum he would likely be able to argue that it's down to the users if they break the law in their jurisdiction, and therefore isn't down to him. Cour
Aveatrex (OP)
Sr. Member
Activity: 840
Merit: 375
May 16, 2018, 09:11:34 PM
#29

Your mental model should always be that the forum logs everything, especially since it is behind Cloudflare, which is almost certainly an NSA-backed operation. But here is some more detail. Currently there are four classes of IP logs:
 - Every time your session refreshes (about every 10 minutes while you are browsing the site), your current IP is momentarily logged. This is only kept until a new such entry replaces it, except that whenever the daily database backup happens, the current value will be captured and then possibly kept for a long time.
 - A tuple (time, userID, ip) is logged whenever you view a forum ad in order to produce ad stats. These are kept for only a few weeks, and are not backed up.
 - Every HTTP request creates an access log, but while these contain IPs, they do not contain user IDs, and so on the whole they probably cannot be provably associated with users. These are usually deleted after a few months, and are not backed up.
 - Certain actions trigger a long-term IP log. This includes posts (but not PMs), security-log entries, certain errors, and registration. Long-term logs are currently kept indefinitely.

I don't like that IPs are sometimes kept indefinitely. To prevent abuse, it would probably be sufficient to keep them for ~6 months. But keeping these logs long-term is extremely useful for account recoveries. I've been thinking about this issue, and I think that in the future I might let users opt out of long-term IP logging if they have a public key registered in a (currently-not-existing) public-key-registration system. Though, again, even then you should model this site and all sites as keeping complete logs.

Unless I am somehow required to do so by law (though I can't see how in this case), I will not assist police who are seeking to enforce any Bitcoin ban.

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

Try it and see how many IPs you get...
This is what I like about you. a true rebel.

This isn't a good example of me being a "rebel", since there's ~no legal risk in refusing to help police who don't have a court order, and there's even less risk when they're not even trying to enforce a law which exists in the forum's jurisdiction. Anyone in the US who would help foreign police with a Bitcoin ban is seriously misguided, at the very least.

Would you ban my country's IP from accessing this forum if there is a court order? I'm not talking about crime-related bans, just pure access to information. If so, then how would you suggest to avoid this?

Not to mention that you supporting Bitcoin is equal to being a rebel where I come from.
-Thank you theymos for the clarification, I really appreciate that.
I also hope that you will implement the public-key-registration system in the near future, as I'm sure a lot of people living in countries banning crypto are also worried about the tracks they leave behind them. Please don't forget us. I'm a bit more reassured that at least not all actions leave a permanent IP record.

-Correct me if I'm wrong, but I don't think that Tor having nodes backed by the NSA would cause a lot of trouble to users, as a node can't directly link to your real IP unless all the nodes your Tor client picked are backed by the NSA.






pugman
Legendary
Activity: 2383
Merit: 1551
dogs are cute.
May 16, 2018, 11:07:29 PM
#30

This isn't a good example of me being a "rebel", since there's ~no legal risk in refusing to help police who don't have a court order, and there's even less risk when they're not even trying to enforce a law which exists in the forum's jurisdiction. Anyone in the US who would help foreign police with a Bitcoin ban is seriously misguided, at the very least.
What exactly is a bitcoin ban? I am probably assuming the ban from this forum? Also do explain your last point.

mdayonliner
Copper Member
Sr. Member
Activity: 630
Merit: 420
We are Bitcoin!
May 16, 2018, 11:29:26 PM
#31

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

Try it and see how many IPs you get...
What I understand from this is, It's not gonna work. So seems like we are safe.


Update:
Ok seems like I have missed this from shahzadafzal.
Actually, theymos is pointing out that it's not possible anymore. Bitcointalk is using an image proxy, which prevents any request from being forwarded to the source directly from the client's browser.

If you haven't noticed, all [img] tags are replaced like so, so you will not get the IP address of the user, but all requests will be coming from bitcointalk's image proxy server.

Code:
https://ip.bitcointalk.org/?u={url}

I seriously think bitcointalk should enable image caching on the proxy server. Currently it looks like caching is not enabled or used, which is why we don't see any image for a few [5+] seconds.

Be happy be at peace. Looking forward to BTC at $1M
Welsh
Staff
Legendary
Activity: 3248
Merit: 4110
May 17, 2018, 02:11:21 PM
#32

-Thank you theymos for the clarification, I really appreciate that.
I also hope that you will implement the public-key-registration system in the near future, as I'm sure a lot of people living in countries banning crypto are also worried about the tracks they leave behind them. Please don't forget us. I'm a bit more reassured that at least not all actions leave a permanent IP record.

-Correct me if I'm wrong, but I don't think that Tor having nodes backed by the NSA would cause a lot of trouble to users, as a node can't directly link to your real IP unless all the nodes your Tor client picked are backed by the NSA.

You would be correct.

The more end nodes you control in the network the more likely you are to control all the nodes in a circuit. If the NSA or any entity for instance controlled all nodes within the circuit you are using then they would be able to determine the IP that you use. This is why more nodes means more security, because it's more unlikely for one entity to control all the nodes. Although, with the spending power, and resources of someone like NSA there are concerns from a select few.

This probably isn't too much of a concern for someone who's accessing a forum that they aren't supposed to, but it's quite well known that journalists use the Tor project to communicate with "whistleblowers" and the like, and you can imagine why the government would want to listen in to these. The motives are there, but I'm skeptical of how much of a problem it really is.

If you want extra protection some people connect to Tor via a VPN. Then you have to trust that VPN provider.
vlom
Legendary
Activity: 1498
Merit: 1113
May 17, 2018, 07:40:54 PM
#33

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

is it really possible to place an image - even an invisible image - that works like the tracking things that are sent via e-mail? the images that services like mailchimp use.

edit. sorry, i should have read the second page too before asking this question.
Aveatrex (OP)
Sr. Member
Activity: 840
Merit: 375
May 17, 2018, 08:35:56 PM
#34

This isn't a good example of me being a "rebel", since there's ~no legal risk in refusing to help police who don't have a court order, and there's even less risk when they're not even trying to enforce a law which exists in the forum's jurisdiction. Anyone in the US who would help foreign police with a Bitcoin ban is seriously misguided, at the very least.
What exactly is a bitcoin ban? I am probably assuming the ban from this forum? Also do explain your last point.
A Bitcoin ban means (in my case) that holding/transacting Bitcoin is illegal and could be punishable by law (fines and penalties) if caught.






imstillthebest
Full Member
Activity: 1638
Merit: 122
May 17, 2018, 11:35:24 PM
#35

If I put an image in a post in this thread, then I can get a list of the IPs of the people who have viewed the thread. Cross refer a few threads, and I can probably isolate your individual IP.

is it really possible to place an image - even an invisible image - that works like the tracking things that are sent via e-mail? the images that services like mailchimp use.

edit. sorry, i should have read the second page too before asking this question.

Yes, it is really possible to post images as long as your current rank allows it. Junior member and up is the ideal minimum rank that is able to do it.

I forgot, copper members who pay for membership are another rank that is allowed to put images in their posts.

And about the IP address thing, I don't think any of us is concerned about it. An IP address isn't really accurate because some of us are using a VPN, or virtual private network, to browse the forum, so I think it is still pointless to trace the user.

Bitcointalk.org is now very secure because the forum has upgraded its security lately after the hacking occurred.