How PRIVATE is a PM ?
#1
BANNED
Thread Starter
Join Date: Mar 2002
Location: LIVERPOOL THE CENTRE OF EXCELLENCE
Posts: 8,511
Likes: 0
Received 0 Likes
on
0 Posts
How PRIVATE is a PM ?
As title really.
How private is a private message, who else gets to read it?
How long do you keep them on file ?
Do you give up information to any third party ?
If its not private, why is it called a private message ?
Cheers
How private is a private message, who else gets to read it?
How long do you keep them on file ?
Do you give up information to any third party ?
If its not private, why is it called a private message ?
Cheers
#2
Everything on the net is viewable in some form. So, write knowing that the message will probably have an audience of more than one.
Ive worked in places where whole desks of IT guys were reading through personal emails, looking for gossip :-)
SBK
Ive worked in places where whole desks of IT guys were reading through personal emails, looking for gossip :-)
SBK
#3
Scooby Regular
iTrader: (12)
Join Date: Mar 2009
Location: in a house
Posts: 2,078
Likes: 0
Received 0 Likes
on
0 Posts
i know a majority of site have admin panels and can upgrade this so that they can read private messages sent between everyone. i believe it is against the law but you have to prove it.
#5
Scooby Regular
iTrader: (2)
Join Date: Mar 2001
Location: Swilling coffee at my lab bench
Posts: 9,096
Likes: 0
Received 0 Likes
on
0 Posts
Judging by the tantrum that SdB threw at me a few years ago when I refused to tell him what was in a few PM's I'd allegedly sent, I'd say that they probably were quite private. At least, they were before the server move and upgrade - maybe things are different now.
#7
Scooby Regular
Join Date: Feb 2003
Location: Zed Ess Won Hay Tee
Posts: 21,611
Likes: 0
Received 0 Likes
on
0 Posts
Not sure if it is installed at the moment? but i know PM`s have been read in the past, well i was told this by somebody on the inside, so i would assume its true .....
Besides, you could easy just reset the login password and haver the admin login as the user if required ?
Besides, you could easy just reset the login password and haver the admin login as the user if required ?
Last edited by StickyMicky; 23 July 2009 at 09:12 AM.
Trending Topics
#11
Scooby Regular
Join Date: Sep 2006
Location: RIP Tam.
Posts: 5,108
Likes: 0
Received 0 Likes
on
0 Posts
They should be under data protection but if they need to be accessed for legal reasons I suppose they can do so.
Yoza at the end of the day things should only be sent that you are not worried about others seeing, if you are use the phone ;-)
Yoza at the end of the day things should only be sent that you are not worried about others seeing, if you are use the phone ;-)
#13
Scooby Regular
Join Date: Mar 1999
Location: The Great White North
Posts: 25,080
Likes: 0
Received 0 Likes
on
0 Posts
As said by others, if you have db access you can read pm's, simply look for the pmtext table, it's all in there (or at least that is where vB 3.8.3 stores them), in clear-text.
Who has access to the db? It could be that even Stu does not have access. It depends how things are setup. I know most hosts won't allow remote access to the db, for obvious reasons, so you'd need either shell access (SSH) to the server and run sql from the command line, or an install of phpmyadmin, again on the server, and you'd need the access codes to get into that.
Apart from the db you can install modifications that allow you to read pm's or simply login as the user, thus enabling you to masquerade as them. That overcomes the whole "reset their password" situation, as you don't need a password perform this login, and the user is unaware their account is being viewed.
To be quite frank, if you think the mods/admins are logging in as you and/or reading your PM's then I think you're a little over confident that they find what you share with others via PM's to be in the slightest interest.
I would say PM's would only be read if there is a complaint, say one user has threatened another by PM or there is pending legal action, the Admin would ideally need to see what has been said by both parties to get to the bottom of things.
If you are worried about PM's being read then use email, unless of course you think the mods/admins are monitoring your emails as well
Who has access to the db? It could be that even Stu does not have access. It depends how things are setup. I know most hosts won't allow remote access to the db, for obvious reasons, so you'd need either shell access (SSH) to the server and run sql from the command line, or an install of phpmyadmin, again on the server, and you'd need the access codes to get into that.
Apart from the db you can install modifications that allow you to read pm's or simply login as the user, thus enabling you to masquerade as them. That overcomes the whole "reset their password" situation, as you don't need a password perform this login, and the user is unaware their account is being viewed.
To be quite frank, if you think the mods/admins are logging in as you and/or reading your PM's then I think you're a little over confident that they find what you share with others via PM's to be in the slightest interest.
I would say PM's would only be read if there is a complaint, say one user has threatened another by PM or there is pending legal action, the Admin would ideally need to see what has been said by both parties to get to the bottom of things.
If you are worried about PM's being read then use email, unless of course you think the mods/admins are monitoring your emails as well
#15
#17
Track Day Organiser
I know a site owner who did this for a while and it drove him to closing it down in the end as he couldn't beleive what people actually would say behind his back and not to his face ..........WELCOME TO THE INTERNET!
I am sure the current management have absolutly no interest in whats said by PM
I am sure the current management have absolutly no interest in whats said by PM
#18
Scooby Regular
Join Date: Dec 2006
Location: S.E London
Posts: 13,654
Likes: 0
Received 0 Likes
on
0 Posts
Send emails instead! Duh lol Message the person once asking for an email address. Unless its to send people abuse, in which case, get a grip
They are called PRIVATE messages as they are not posted on a PUBLIC forum, not because they are super encrypted, spy level secret.
That said, as the owner of a forum for 10 years I have to say I do not condone the reading of peoples messages.
They are called PRIVATE messages as they are not posted on a PUBLIC forum, not because they are super encrypted, spy level secret.
That said, as the owner of a forum for 10 years I have to say I do not condone the reading of peoples messages.
#19
Moderator
iTrader: (4)
Join Date: Jul 2004
Location: The Terry Crews of moderation. P P P P P P POWER!!
Posts: 18,687
Likes: 0
Received 0 Likes
on
0 Posts
Mods DO NOT have access to PMs. Believe me, we woudn't want it either!!
The only way we get to read a PM from another member on here that wasn't sent to us is if it is forwarded to us by someone should, for example, they be on the receiving end of abuse or a libelous comment via the PM system. In these instances we will save the PM (s) (as evidence) untill we are satisfied that the matter is resolved.
This can come in handy when a situation arises where a disgruntled member denies having comitted a transgression from the T&Cs via PM or questions a moderators integrity, for example. Even then, we don't simply disclose the PMs to the community, but will discuss the matter and disclose evidence to other mods so as there is no question of impropiety on the part of a single mod.
Don't worry, your PMs are not being watched.......at least, not by us!
The only way we get to read a PM from another member on here that wasn't sent to us is if it is forwarded to us by someone should, for example, they be on the receiving end of abuse or a libelous comment via the PM system. In these instances we will save the PM (s) (as evidence) untill we are satisfied that the matter is resolved.
This can come in handy when a situation arises where a disgruntled member denies having comitted a transgression from the T&Cs via PM or questions a moderators integrity, for example. Even then, we don't simply disclose the PMs to the community, but will discuss the matter and disclose evidence to other mods so as there is no question of impropiety on the part of a single mod.
Don't worry, your PMs are not being watched.......at least, not by us!
Last edited by New_scooby_04; 23 July 2009 at 01:41 PM.
#20
BANNED
Thread Starter
Join Date: Mar 2002
Location: LIVERPOOL THE CENTRE OF EXCELLENCE
Posts: 8,511
Likes: 0
Received 0 Likes
on
0 Posts
Why do the same people assume something untoward is going on....
I just asked a simple question, I am not planning on writing anything in a PM that would be of any worry to me, I just wondered how PRIVATE a PRIVATE message was.
And for the record.....not very PRIVATE by the sounds of it.
I just asked a simple question, I am not planning on writing anything in a PM that would be of any worry to me, I just wondered how PRIVATE a PRIVATE message was.
And for the record.....not very PRIVATE by the sounds of it.
#24
Scooby Regular
Join Date: Aug 2002
Location: In the naughty corner
Posts: 10,869
Likes: 0
Received 0 Likes
on
0 Posts
BTW, IT departments often include girls as well as 'guys' these days. Outrageous, I know, but true.
When I was a ladette working in IT I used to go out of my way to make it difficult for the Hell Desk to spy on me. In one company they installed a snooping system whereby Hell Desk could remotely monitor the screen of any employee, without that employee being aware. Mysteriously, no matter how many times it was installed on my system, it became corrupted within hours. It was never discovered what was causing it. *cough* Not that I had anything to hide. I am an honest employee with a good work ethic; I just resent the implication that if I would not be if I were not spied upon.
In another company I sent a few mails out in encrypted form, only to get a stroppy mail from the Hell Desk Manager to say this was against company policy. I enquired why. I was told I could be sending company secrets out of the building. I pointed out as an IT team member and as someone who took a company laptop out of the building every night, if I wished to steal company "secrets" I had much better ways of doing it. I then switched to sending messages to certain people in a code that didn't flag up on the mail gateway software, but that meant Hell Desk couldn't understand them. This was picked up on within days, and I got another tantrum from Hell Desk Control. My response was to challenge them to prove I was sending anything more than gibberish and to show me where that was against company policy, (which stated that personal e-mails were acceptable to a degree).
I have a real problem with companies spying on me when I've done nothing to warrant it. If they don't trust me, they just shouldn't employ me. It doesn't stop me from doing my job to the best of my ability but it does mean I'll do anything I can to make it difficult for them to spy.
It can be quite entertaining wording emails in such a way that they are innocent but likely to set off the content management flags on the mail system, and seeing just how fast and how often stroppy mails from Hell Desk Control can be prompted.
Childish? Me? Yeah, sometimes.
And to return to topic... PMs could be reasonably private in terms of who on this site can see them, but it's not safe to assume that is the case.
#25
Scooby Regular
iTrader: (6)
The site is owned and by using the site you agree to the rules are set out by the owner.
PMs are generally private and moderators do not have access, but an Admin could quite easily gain access should they want to, as they have access to the service and code.
Even email isn't private as every ISP can access your emails and see your password. Not the customer facing staff but back office support.
#27
Scooby Regular
Join Date: Aug 2002
Location: In the naughty corner
Posts: 10,869
Likes: 0
Received 0 Likes
on
0 Posts
#29
Standard forum software, MySql back end, standard schema, easily reverse engineered from a test forum, just need access to the database, hopefully its well protected from SQL injection or any other techniques.
#30
Last time I checked (before the site move) there were no mods that permitted easy reading of PMs by anyone. It's a piece of pee to pull the text out of the database directly (if you have access), but to be honest it's all so boring and mundane that no-one ever actually wants to. Much as people might like to think that what they put in a PM is oh so exciting and interesting, the reality is that it's invariably as boring as hell.