Removing IPs

[Arantor]

Are you also scrubbing all the logs that go with it like the system access log (which ALSO records IP addresses and the times of posts, which could be used to tie them together)?

[Sir Osis of Liver]

Haven't gotten that far yet, but thanks for the info.

Will be looking for a way to auto-delete PMs after they're read, so they don't remain in the database.

[Arantor]

How about just building something to do this without trying to fix all the edge cases of doing this in SMF?

[Sir Osis of Liver]

Well, it started as a question from one of the forums I take care of, and some bits of it are fairly simple.  Building a secure messaging system from scratch is several levels above my coding skills (at least).

There's also the problem that if it's US based, it's subject to being squeezed by govt goons.  A couple of for-profit secure email services recently shut down and wiped their databases after the feds went after one of them.  Last I read, the guy's still in and out of court.  A modified forum would be less likely to attract unwanted attention.

[Arantor]

Building the system you're proposing is several orders of magnitude down from secure in the first place.

Unless you have SSL on the server, the entire concept is a waste of time before you start because the entirety of traffic is unencrypted. The only thing that won't be is the user's password which is encrypted whenever a user logs in, but that's it.

Then you have all the logs of ISPs, connecting between a given server and endpoints. If the Feds really wanted to chase down posts, they would be able to chase down anyone using domestic broadband connections, things like Tor excepting (and there's no guarantee that Tor hasn't been infiltrated too)

Also note that a commercial VPN provider has also closed its doors now too.

[Sir Osis of Liver]

Ok, been tinkering with this and kicking around ideas with the forum owner, and am taking a step back to the original idea of modifying the PM setup to be more anonymous and secure.  There are some simple things I can do, and some that I can't.

Can do:  Prevent SMF from saving member IPs and email addresses to database, or displaying them anywhere on the forum.  Should be no way to identify or track a member from forum info.

Can't do:  Scrub system access logs.  This appears to be host dependent.  I can get to 30 days of log files on my host, but am blocked from accessing them on other hosts.

What we'd like to be able to do is modify the PMs so that outgoing are not saved (easy enough), and incoming are auto-deleted after being read once (not so easy).  The basic goal is to have a messaging system that doesn't accumulate messages in the database, so there's nothing to see if anyone grabs it.  The theory is that the govt is collecting massive amounts of data, then running search algorithms (similar to what Google uses on gmail) that search the data for keywords (Allahu Akbar!), IPs from target countries, emails from target servers, that sort of thing.  If PMs are in the forum database just until they're read, there won't be much of anything to attract attention or search through.

That's the theory, anyway.  (Paranoids are such interesting people.)

[Arantor]

PMs so that outgoing are not saved (easy enough)

O RLY. The total difference of this is changing a number from 1 to 0 in the database. Literally that's all it is.

and incoming are auto-deleted after being read once (not so easy)

Not even remotely. You need to ensure that every recipient has read it before you can actually delete it. PMs are stored once per message with a list of recipients being separate.


I won't get involved on this topic again. One thought I will leave you with: the terrorists have already won. All the time people act out of fear of some unspeakable thing happening with ever more elaborate methodologies to prevent it, they don't even have to act, because the culture of fear breeds itself.

If you're afraid of the Orwellian Nightmare, there's a better answer. Don't be like the Orwellian Nightmare. You have an option to fight back by way of what Aldous Huxley spoke of in Brave New World. Instead of having little communication and that being tracked, have so much more information and assume it's all tracked. Hide it in plain sight... give them so much information they can't possibly wade through it all. Just a thought.

[Sir Osis of Liver]

On a typical day in the US, many more people die in auto accidents than have been killed here by terrorists in the past ten years.  There is a growing sentiment in this country that terrorism is a straw man the government has used with considerable success over the past decade to intrude into citizens' lives and erode their basic rights.  I don't entirely disagree with this arguement, but it disregards the most basic principle of our form of government:

"The best thing about democracy is that the people get exactly the type of government they deserve.  That's also the worst thing."