Customizing SMF > Mod Requests
PM protection
rmb:
I'm sorry, my english is reather poor. I hope that you'll understand me.
I belive that text in PM's in database must be encrypted. I do not heave enough knowledge or skills to make such mode, so I hope that somebody will read this message and will make such mod.
Thantos:
Would it be too much irony if I wrote this mod?
Now the questions that come to mind:
What type of encryption scheme?
Where would the key be stored?
What would the key be based off of?
What laws would impede or limit it (and yes there are laws both US and international)?
What is the average airspeed velocity of an unladen swallow?
What copyrights or patents would interfer?
Villesa:
Why would they need to be encrypted? Only site owner is able (or anyone with sql access) to read them. Are you reading your members mail? I don't know any admins who would even think of reading those. Any admin with even a little sense of honor wouldn't do it.
rmb:
--- Quote from: MikeMill on April 14, 2005, 01:47:21 AM ---Would it be too much irony if I wrote this mod?
--- End quote ---
Mike, I don't think that it would be ironic if you wrote this mode.. I belive that this will be great and also very important mode.
I'm not programer, I do not heave enough knowledge and skills, so do not ask me to answer on your questions... ;D I belive that such option was integrated in IBF (I used before SMF)
--- Quote ---Are you reading your members mail? I don't know any admins who would even think of reading those. Any admin with even a little sense of honor wouldn't do it.
--- End quote ---
I do not read members mail... My point is: if there is any chance that somebody use their privileges, close that chance! I belive that my suggestion will made SMF better, more secure and also more popular... Privacy is for me, I belive also for you all, very important value.
Thantos:
Well unfortuantly I'm not a cryptologist so I would not even attempt to write a new algorithm.
There are a bunch of problems the biggest (IMO) is the key. For those who aren't fimilar with the term, the key is what "locks" and "unlocks" the encrypted message. While an algoirthm can be open for the world to see, the key needs to be guarded.
So considering we want the messages guarded so that the admin can't read them it can't be stored on the server.
That means it'd have to be stored client side. So how will the receiver known what the key? What if they change computers?
Well you could use a public key/ private key type of deal. But what about people who don't have thier keys? How would the user be able to tell the server their private key without compromising it?
IMO there are too many "what if"s and relies heavily on intelligent users. Also there are quite a few legal ramifications to consider when dealing with encryption.
But if anyone else wants a go be my guest...
Navigation
[0] Message Index
[#] Next page
Go to full version