Bitcoin Forum
August 25, 2019, 10:33:18 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Retention/privacy info  (Read 525 times)
ibminer
Legendary
*
Offline Offline

Activity: 1349
Merit: 1349


Goonies never say die.


View Profile
April 25, 2019, 07:31:48 PM
 #21

It's a bad idea to provide any IP log to the user themselves. Compromised accounts happen and the situation could become worse if the attacker can access your IP logs.
Compromised accounts get PM details as well. That should not be a reason, not to provide IP log data.

PM privacy is not guaranteed and you can control those.

:-: Bitcointalk Public Information Project (BPIP) New stats, new reports, and a new design(done by me. Smiley)
Don't be obsessed with your desires. The Zen philosopher Basho once wrote, 'A flute with no holes, is not a flute... and a donut with no hole, is a Danish.' He was a funny guy.
1566729198
Hero Member
*
Offline Offline

Posts: 1566729198

View Profile Personal Message (Offline)

Ignore
1566729198
Reply with quote  #2

1566729198
Report to moderator
1566729198
Hero Member
*
Offline Offline

Posts: 1566729198

View Profile Personal Message (Offline)

Ignore
1566729198
Reply with quote  #2

1566729198
Report to moderator
1566729198
Hero Member
*
Offline Offline

Posts: 1566729198

View Profile Personal Message (Offline)

Ignore
1566729198
Reply with quote  #2

1566729198
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1566729198
Hero Member
*
Offline Offline

Posts: 1566729198

View Profile Personal Message (Offline)

Ignore
1566729198
Reply with quote  #2

1566729198
Report to moderator
1566729198
Hero Member
*
Offline Offline

Posts: 1566729198

View Profile Personal Message (Offline)

Ignore
1566729198
Reply with quote  #2

1566729198
Report to moderator
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1876
Merit: 1745



View Profile WWW
April 25, 2019, 07:41:06 PM
 #22

I mean, an user has right to know his/her own information.
In the EU, yes. In the US, no.
The forum doesn’t recognize EU law.

████
████
████
████
████           
████             █████████▄
████           ██████████████
████          ██████     ██████
████         ██████       █████
██████████████████████████████
█████████████████████████████▀
              ██████▄
               ██████████████
                 ████████████
  LocalEthereum    50+ Ways To Buy & Sell Ethereum (ETH)   ▄████████████████████▄
██████████████████████
██████████████████████
██████▀▀██████████████
████▀░░░░▀████████████
███▀░░▄▄░░░░░░░░░░████
███▄░░▀▀░░▄▄░░▄▄░░████
████▄░░░░▄██▄▄██▄▄████
██████▄▄██████████████
██████████████████████
██████████████████████
▀████████████████████▀
▄████████████████████▄
██████████████████████
██████████████████████
█████░░▀▀░░░░▀▀░░█████
█████░░░░░░░░░▄░░█████
█████▄░░░░░░▄▀░░▄█████
██████░░░▀▄▀░░░░██████
███████░░░░░░░░███████
████████░░░░░░████████
█████████▄░░▄█████████
██████████████████████
▀████████████████████▀
No verificationsNon-Custodial
Built-in Escrow   ● External Wallet Integration
Lauda
GrumpyKitty
Legendary
*
Offline Offline

Activity: 2310
Merit: 2110


Modern Liberalism is a Mental Disorder


View Profile
April 25, 2019, 07:43:15 PM
 #23

I mean, an user has right to know his/her own information.
In the EU, yes. In the US, no.
The forum doesn’t recognize EU law.
The US is the most corrupt and backwards place in the world, so no surprise there. Keep enjoying the bribes.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3486
Merit: 6063


View Profile
April 25, 2019, 07:51:31 PM
Merited by OgNasty (1)
 #24

Is this change in response to some government order? Just asking...

No. Previously IPs were logged sporadically but usually kept indefinitely; this is an overall significant reduction in retention.

It's a bad idea to provide any IP log to the user themselves. Compromised accounts happen and the situation could become worse if the attacker can access your IP logs.

Right. Though if someone really wants to know, I might consider manually giving them their logs after verifying that their account doesn't look hacked.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
suchmoon
Legendary
*
Offline Offline

Activity: 2044
Merit: 3837


Pedal-powered plaguebot


View Profile
April 25, 2019, 08:02:30 PM
 #25

Trying to grasp it however I think I got the basic idea. May be I need to get help from google for more clarity. Cheers Lauda :-)

Full IP that is kept for 6 months can identify your device (computer, phone, etc) quite accurately, depending on who gets their hands on it. Partial IP can only identify the rough location, like your neighborhood or mobile cell. If you're concerned about any of that - make sure to safeguard your e-mail account, stake a Bitcoin address, and check the new checkbox. Use Tor if feasible. Keep in mind that other entities like Google have potentially lots more info about you.

TalkStar
Copper Member
Sr. Member
****
Offline Offline

Activity: 378
Merit: 270


View Profile
April 25, 2019, 09:08:45 PM
 #26

Right. Though if someone really wants to know, I might consider manually giving them their logs after verifying that their account doesn't look hacked.
That's a nice way IMO because if you provide IP logs manually then its going to be much safer for the real user of that account. Hackers will not be able to verify themselve manually for sure.
AverageGlabella
Sr. Member
****
Offline Offline

Activity: 369
Merit: 572


Thinking with average intent


View Profile
April 28, 2019, 09:07:32 PM
 #27

I do believe that if you are collecting IP addresses to comply with GDPR you would be required for members of the site to accept that you are doing that via a cookie or am I incorrect in assuming that? Also is there any other information that you collect separate to IP addresses?

I'm not sure what law the forum is operating under but I know that a auction site that we owned had to comply with GDPR regulations and there was a big crackdown on it in recent years. Wondering how a forum and specifically a Bitcoin forum would deal with that.
TryNinja
Legendary
*
Offline Offline

Activity: 1106
Merit: 1457


CS <3


View Profile
April 28, 2019, 10:00:33 PM
 #28

I do believe that if you are collecting IP addresses to comply with GDPR you would be required for members of the site to accept that you are doing that via a cookie or am I incorrect in assuming that?
I don't think he is.

See:
I intend to ignore all stupidity coming out of the EUSSR.

Quote
Also is there any other information that you collect separate to IP addresses?
Everything is in the page theymos linked in the OP: https://bitcointalk.org/privacy.php

Quote
I'm not sure what law the forum is operating under but I know that a auction site that we owned had to comply with GDPR regulations and there was a big crackdown on it in recent years. Wondering how a forum and specifically a Bitcoin forum would deal with that.
theymos doesn't care about GDPR regulations (as you can see by his posted I quoted above). But, AFAIK, he will comply with the authorities whenever he receives a subpoena.

mikeywith
Hero Member
*****
Online Online

Activity: 504
Merit: 1107


be constructive or S.T.F.U


View Profile
April 28, 2019, 11:18:52 PM
 #29

Full IP that is kept for 6 months can identify your device (computer, phone, etc) quite accurately

I think that's a bit too much, people will be paranoid  Grin

you can't possibly identify a device on  TCP/IP level only , it's beyond the scope.  

losing those last 8 bits is like going from an aprox longitude and latitude say (50-100 km radius) to just a city/state, now of course it all depends on your location and ISP, in some places you will be lucky to just get the country name right  Grin

Jet Cash
Legendary
*
Offline Offline

Activity: 1344
Merit: 1718


Rubbish at predicting Bitcoin price movements.


View Profile WWW
April 29, 2019, 06:20:29 AM
 #30

I'm sorry if I'm clogging up the records. I use a variety of computing devices ( I think I've used about 10 so far ), and a mix of public and private connection methods and IPs from a variety of geographic locations. I'm also using Brave with a Tor window on occasions. If you want to track me down, then it would probably be easier to do it through a domain name, or you could just send me a PM. Smiley

If Bitcoin didn't exist, bankers would have to invent it.
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 658
Merit: 2555



View Profile
April 29, 2019, 08:22:46 AM
 #31

-snip-
I'm probably the same. I use a variety of devices, a variety of locations, a variety of connection methods, a variety of VPN servers, and a variety of browsers. I would take a guess at having ~20 different IPs logged against my username.

As others have said, if you are concerned about your IP being logged, either use Tor or a reputable VPN. See https://thatoneprivacysite.net/vpn-section/ if you don't know where to start. Also be aware that if you use Microsoft, Apple, Google, Chrome, Facebook, etc., then a hell of a lot more than just your IP address is being logged.

ETFbitcoin
Legendary
*
Offline Offline

Activity: 1736
Merit: 1990

Use SegWit and enjoy lower fees.


View Profile WWW
April 29, 2019, 08:27:44 AM
 #32

Glad i use Tor connection, but i wonder if there's typo on "City geolocation" Normal retention which is 6 years, since Full OP only have 6 month duration.

suchmoon
Legendary
*
Offline Offline

Activity: 2044
Merit: 3837


Pedal-powered plaguebot


View Profile
April 29, 2019, 02:25:35 PM
 #33

you can't possibly identify a device on  TCP/IP level only , it's beyond the scope.  

Not at the bare protocol level perhaps but "depending on who gets their hands on [the IP address]" - I'm quite sure your ISP (or someone who can subpoena your ISP) can match that IP at least to your router, your cell carrier can pinpoint you even more accurately. Then there's Google and Facebook and other sites that you use with the same IP and probably hundreds of other ways for you to be paranoid.

Use Tor, that way you only need to worry about NSA and perhaps a half dozen other agencies.

DdmrDdmr
Hero Member
*****
Offline Offline

Activity: 588
Merit: 2574

There are lies, damned lies and statistics. MTwain


View Profile WWW
April 29, 2019, 02:50:40 PM
 #34

Last week I read an article that stated that multiple torrent users in Spain, allegedly all belonging to the same internet service provider (Euskatel), had received letters from a law firm representing a given film/series producer, demanding a certain amount of money for having downloaded copyright protected content through P2P.  The base of it all is a judicial sentence that the Commercial Court in Bilbao had ruled, whereby the ISP has to disclose the identity of a given set of people that were tracked solely through their IP.

It’s not a common extended practice, but some courts may rule in favour of identifying through IPs with the forcibly collaboration of ISPs.

(See Amenazados por piratear: les piden hasta 1000 euros por descargar películas y series) – in Spanish.

o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 658
Merit: 2555



View Profile
April 29, 2019, 03:13:09 PM
 #35

Use Tor, that way you only need to worry about NSA and perhaps a half dozen other agencies.
I know that you know this, but for the benefit of anyone who might not:

Tor browser obviously only routes what you are accessing through that browser through the Tor network. In DdmrDdmr's example above, if you are torrenting Tor browser will do nothing to protect you, even if you downloaded the torrent link via Tor. Torrenting is a very poor use of the Tor network anyway. If you are using Windows, it will happily phone home continuously outside of the Tor network and expose your real IP to anyone who might be watching. Any other programs you might be using such as Telegram or Discord won't use the Tor network. If you are logging in to sites like Google, Facebook, etc., and you have ever logged in to them from your real IP, then Tor achieves nothing - they are tracking you all the same.

You can route all your traffic through Tor, but as I said, you will notice significant delays and very poor speeds for any downloads, media, etc. If you want to do these kinds of things, you are best served by purchasing a reputable VPN, although note that this still isn't foolproof and you are still trusting your VPN provider to not sell you out.

Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!