Share The Seeds

Share The Seeds Site => STS FAQ, Rules and Site Support => Topic started by: Meow on June 06, 2016, 03:54:32 am

Title: Request for encryption!
Post by: Meow on June 06, 2016, 03:54:32 am
I would like to formally request that this site be made secure via HTTPS and that PMs be encrypted via PGP or something just as good. I know we don't do anything illegal, but it would bring me peace of mind to be able to know that my home address is encrypted when trading.

Thank you,

Meow
Title: Re: Request for encryption!
Post by: Radium on June 06, 2016, 09:16:17 pm
you can encrypt your PMs using OpenPGP in any website you wish.
Look it up
Title: Re: Request for encryption!
Post by: mr.miyagi on June 06, 2016, 09:19:17 pm
Im with Meow on this  8)
Title: Re: Request for encryption!
Post by: Frog Pajamas on June 06, 2016, 11:47:48 pm
I appreciate everyone's concern, but there's not much we can do. This site is not coded from the ground up; rather it's a template type deal. That was all taken into consideration when we set the forum rules and in our enforcement of them.

Best I can say is to use something like HTTP Everywhere and encrypt like Radium said if you're really concerned.

Peace,
Frog
Title: Re: Request for encryption!
Post by: Radium on June 07, 2016, 08:57:24 am
Works on any website/forum/email/IM/etc:

Public key = only used for encryption
Private key = only used for decryption

Example:
I send you my public key, you encrypt your message for me using that, and send the encrypted message over to me.
Then I decrypt it using my private key.

I do not need to send over my private key to you, so the man-in-the-middle cannot decrypt your message to me.
All he can do is writing encrypted messages for me, by intercepting my public key.
But you can "sign" your messages so I can be assured that they are indeed written by you, and are not fake.
Title: Re: Request for encryption!
Post by: The Seedist on June 07, 2016, 12:42:12 pm
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.
Title: Re: Request for encryption!
Post by: Meow on June 07, 2016, 08:07:49 pm
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.

Funny enough, I trust this server more than email.

I've asked a couple of people about their PGP key, but it appears that many people do not use it.
Title: Re: Request for encryption!
Post by: Radium on June 07, 2016, 08:55:51 pm
Meow, the best way to deal with folks is to use email if one lets you to communicate by such a way.

Funny enough, I trust this server more than email.

I've asked a couple of people about their PGP key, but it appears that many people do not use it.
Then let's introduce more people to this bullet-proof encrypted communication method.
Learn to use it, and teach your contacts as well.
It's the only encryption stuff you'll ever need everywhere,
Very rewarding to learn (and pretty simple/easy too).

There are many free and open-source tools for utilizing PGP/GPG built by good souls.
One is Enigmail:
https://www.enigmail.net/index.php/en/ (https://www.enigmail.net/index.php/en/)

When you are using PGP, you can even print your message on paper and hand it over to the big brother to deliver it to your contact.
Email, forum PM, IM, paper, even graffiti(!!!), you can use it anywhere you wish.
Title: Re: Request for encryption!
Post by: Frog Pajamas on June 07, 2016, 08:56:32 pm
This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
Title: Re: Request for encryption!
Post by: The Seedist on June 07, 2016, 09:07:05 pm
Funny enough, I trust this server more than email.
Don't you know about modern high standard email service?

This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
'Your IP address is shown only to you and moderators. Remember that this information is not identifying, and that most IPs change periodically. You cannot see other members' IP addresses, and they cannot see yours.' Close window
Title: Re: Request for encryption!
Post by: Frog Pajamas on June 07, 2016, 09:53:57 pm
Where did you see that, The Seedist?

Moderators most definitely can't see your IP address. There is an IP that shows on every post to moderators (it's 127.0.0.1, presumably the same as you see for yourself), but it is the same always and for everyone. We actually had an incident where a mod tried to ban a bot account using "Ban IP" and everyone...mods, Admin, everyone... was banned. It was a mess.
Title: Re: Request for encryption!
Post by: Meow on June 07, 2016, 10:20:43 pm
I trust this site more than say Gmail because it is not subject to my country's laws, and would probably tell the court to go stuff itself if they tried to issue a subpoena or warrant.
Title: Re: Request for encryption!
Post by: Radium on June 07, 2016, 11:19:34 pm
I learnt about PGP/GPG from BubbleCat (dude, wir vermissen dich...),
Long time no news from him.
Hope he's okay and doing well.

Title: Re: Request for encryption!
Post by: nobody on June 08, 2016, 03:27:27 am
Funny enough, I trust this server more than email.
Don't you know about modern high standard email service?

This site does anonymize our IP's. Every person shows with the same IP, and there is no tracking of real IP's at all.
'Your IP address is shown only to you and moderators. Remember that this information is not identifying, and that most IPs change periodically. You cannot see other members' IP addresses, and they cannot see yours.' Close window


That is the generic SMF IP disclaimer. The forum is set to never request or record IP info of any sort.

nobody
Title: Re: Request for encryption!
Post by: The Seedist on June 08, 2016, 09:44:15 am
I trust this site more than say Gmail because it is not subject to my country's laws, and would probably tell the court to go stuff itself if they tried to issue a subpoena or warrant.
You do not have to trust Gmail, Hotmail, Yahoo and others like that. You need to find another good email service which is not the same.

Where did you see that, The Seedist?
Look down at your message box lower right corner and you'll see these Report to moderator and 127.0.0.1, then click the ip numerals button for pop-up window to appeared.
Title: Re: Request for encryption!
Post by: nick on February 24, 2017, 06:21:12 pm
Are there any plans to implement https connections to the server?
Title: Re: Request for encryption!
Post by: cactusman on February 25, 2017, 03:56:45 pm
nvm
Title: Re: Request for encryption!
Post by: The Seedist on February 28, 2017, 09:19:02 pm
Are there any plans to implement https connections to the server?
Guess NO.

What about https protocol?
http://sharetheseeds.me/forum/index.php?topic=322.msg33161#msg33161
Title: Re: Request for encryption!
Post by: BubbleCat on March 01, 2017, 09:56:26 am
To be precise the board is https averse, meaning it wont even interpret links prefixed by https as such. One might want to add that https is weak and very vulnerable to MitM attacks, which the only people that could be interested in any remote way in our activities here, could easily implement.

You can of course choose to access the forum through any alternate network layer of your choice (anything supporting clearnet exit nodes like TOR), which again comes with its own benefits and downsides.

The nature of the forum, as long one sticks to the rules, does, IMO, not call for any advanced security features.