Share The Seeds
Share The Seeds Site => STS FAQ, Rules and Site Support => Topic started by: Meow on June 06, 2016, 03:54:32 AM
-
I would like to formally request that this site be made secure via HTTPS and that PMs be encrypted via PGP or something just as good. I know we don't do anything illegal, but it would bring me peace of mind to be able to know that my home address is encrypted when trading.
Thank you,
Meow
-
you can encrypt your PMs using OpenPGP in any website you wish.
Look it up
-
Im with Meow on this 8)
-
I appreciate everyone's concern, but there's not much we can do. This site is not coded from the ground up; rather it's a template type deal. That was all taken into consideration when we set the forum rules and in our enforcement of them.
Best I can say is to use something like HTTP Everywhere and encrypt like Radium said if you're really concerned.
Peace,
Frog
-
Works on any website/forum/email/IM/etc:
- Install OpenPGP
- Create a public and a private key
- Give your public key to anyone who wants to write to you
- Get the public key of people you wish to write to
- Encrypt your text using their public key
- Decrypt their text using your private key
- Enjoy privacy
Public key = only used for encryption
Private key = only used for decryption
Example:
I send you my public key, you encrypt your message for me using that, and send the encrypted message over to me.
Then I decrypt it using my private key.
I do not need to send over my private key to you, so the man-in-the-middle cannot decrypt your message to me.
All he can do is writing encrypted messages for me, by intercepting my public key.
But you can "sign" your messages so I can be assured that they are indeed written by you, and are not fake.
-
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.
-
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.
Funny enough, I trust this server more than email.
I've asked a couple of people about their PGP key, but it appears that many people do not use it.
-
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.
Funny enough, I trust this server more than email.
I've asked a couple of people about their PGP key, but it appears that many people do not use it.
Then let's introduce more people to this bullet-proof encrypted communication method.
Learn to use it, and teach your contacts as well.
It's the only encryption stuff you'll ever need everywhere,
Very rewarding to learn (and pretty simple/easy too).
There are many free and open-source tools for utilizing PGP/GPG built by good souls.
One is Enigmail:
https://www.enigmail.net/index.php/en/ (https://www.enigmail.net/index.php/en/)
When you are using PGP, you can even print your message on paper and hand it over to the big brother to deliver it to your contact.
Email, forum PM, IM, paper, even graffiti(!!!), you can use it anywhere you wish.
-
This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
-
Funny enough, I trust this server more than email.
Don't you know about modern high standard email service?
This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
'Your IP address is shown only to you and moderators. Remember that this information is not identifying, and that most IPs change periodically. You cannot see other members' IP addresses, and they cannot see yours.' Close window
-
Where did you see that, The Seedist?
Moderators most definitely can't see your IP address. There is an IP that shows on every post to moderators (it's 127.0.0.1, presumably the same as you see for yourself), but it is the same always and for everyone. We actually had an incident where a mod tried to ban a bot account using "Ban IP" and everyone...mods, Admin, everyone... was banned. It was a mess.
-
I trust this site more than say Gmail because it is not subject to my country's laws, and would probably tell the court to go stuff itself if they tried to issue a subpoena or warrant.
-
I learnt about PGP/GPG from BubbleCat (dude, wir vermissen dich...),
Long time no news from him.
Hope he's okay and doing well.
-
Funny enough, I trust this server more than email.
Don't you know about modern high standard email service?
This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
'Your IP address is shown only to you and moderators. Remember that this information is not identifying, and that most IPs change periodically. You cannot see other members' IP addresses, and they cannot see yours.' Close window
That is the generic SMF IP disclaimer. The forum is set to never request or record IP info of any sort.
nobody
-
I trust this site more than say Gmail because it is not subject to my country's laws, and would probably tell the court to go stuff itself if they tried to issue a subpoena or warrant.
You do not have to trust Gmail, Hotmail, Yahoo and others like that. You need to find another good email service which is not the same.
Where did you see that, The Seedist?
Look down at your message box lower right corner and you'll see these Report to moderator and 127.0.0.1, then click the ip numerals button for pop-up window to appeared.
-
Are there any plans to implement https connections to the server?
-
nvm
-
Are there any plans to implement https connections to the server?
Guess NO.
What about https protocol?
http://sharetheseeds.me/forum/index.php?topic=322.msg33161#msg33161
-
To be precise the board is https averse, meaning it wont even interpret links prefixed by https as such. One might want to add that https is weak and very vulnerable to MitM attacks, which the only people that could be interested in any remote way in our activities here, could easily implement.
You can of course choose to access the forum through any alternate network layer of your choice (anything supporting clearnet exit nodes like TOR), which again comes with its own benefits and downsides.
The nature of the forum, as long one sticks to the rules, does, IMO, not call for any advanced security features.