RE: No site security concerns in real life

RE: No site security concerns in real life (Full Version)

All Forums >> [Casual Banter] >> Off the Grid

Message

crumpets -> RE: No site security concerns in real life (1/24/2016 1:12:24 PM)
quote: ORIGINAL: angelikaJ And what does that have to do with anything having to do with the OP? ...And why would anyone have an interest in who you have chosen to put on hide? Simply because I respond to everyone who deserves a response, and even they who are on HIDE deserve a response (which is to explain why their comments aren't responded to). That you fail to understand this most basic of logic scares me. Do you vote? (HINT: I certainly hope not.)

Spiritedsub2 -> RE: No site security concerns in real life (1/24/2016 1:23:42 PM)
quote: ORIGINAL: stef quote: ORIGINAL: Spiritedsub2 Stef and I ARE the same person! I knew someone would finally figure that out [sm=banana.gif] Except she's a lot funnier than me. How can I be funnier than myself??? Well we are. Don't ask me how; that's just a technicality [sm=dance-smiley03.gif]

crumpets -> RE: No site security concerns in real life (1/24/2016 1:36:28 PM)
quote: ORIGINAL: mousekabob I'll make it simple for ya. Don't post what you don't want others to see or read. Kapich?? I find it utterly hilarious that you can't even spell the simplest of words. Hai capito? That you inform the entire world that you're an idiot is astoundingly open of you. Given your total lack of intelligence, are you really sure you want even the public stuff on this web site about you known to the world? Tu capisci?

angelikaJ -> RE: No site security concerns in real life (1/24/2016 1:37:21 PM)
quote: ORIGINAL: crumpets quote: ORIGINAL: angelikaJ And what does that have to do with anything having to do with the OP? ...And why would anyone have an interest in who you have chosen to put on hide? Simply because I respond to everyone who deserves a response, and even they who are on HIDE deserve a response (which is to explain why their comments aren't responded to). That you fail to understand this most basic of logic scares me. Do you vote? (HINT: I certainly hope not.) Excuse me, I don't know who pissed in your cheerios but having a complex disorder of brain development does not give you the right to post personal attacks. You were explaining why you were not responding to posters on hide by posting who they were and making derogatory remarks? That is not offering a response. It is cloaking a personal attack.

stef -> RE: No site security concerns in real life (1/24/2016 1:38:06 PM)
quote: ORIGINAL: crumpets That this site has absolutely no security, not even the bare-bones basics, should give anyone cause for concern who knows anything about security & privacy. It has the same "bare-bones basics" level of security that the majority of sites that don't store personal information use. You can bold your claim or make it different colors but the fact of the matter is that you're just plain wrong. If the site doesn't require and doesn't store personal info, then no other security is required. Would it be nice if they offered more security? Yup. Is the fact that they don't offer more security worthy of all of your tantrums and hysterics? Nope.

mousekabob -> RE: No site security concerns in real life (1/24/2016 1:44:24 PM)
nevermind, not worth the effort. Small minds and all.

freedomdwarf1 -> RE: No site security concerns in real life (1/24/2016 2:08:09 PM)
And you can't get any smaller than his.[:)]

LadyPact -> RE: No site security concerns in real life (1/24/2016 4:27:49 PM)
Hey, crumpets... Let's be nice to the mouse. quote: ORIGINAL: Wayward5oul quote: ORIGINAL: mousekabob Even if you had their password, what exactly would you find? This site doesn't ask for your real name, ssn or much of anything else except your email address. What info are you exactly gonna get?? Their kink preferences? LOL That's why I am wondering about. There is nothing in my private messages or forum posts that reveal any more info than what I am ready willing to give. I gave no personal details when I registered, so there are no tidbits of info that someone could get that would 'out' me or even interest anyone. I am curious as to why there is so much hubbub. I highlighted the above because that would be how this would pertain to me. More often than not, if you are planning to meet somebody, exchange phone numbers, etc, I'd suggest taking that off site. If you put it in an email here, the potential exists for Admin to access it, if you kept it, rather than deleted it. Admin has to have the ability to read emails, etc. Really, they do. They have to have that ability if there is any case where LEO is involved. They aren't supposed to be doing it for their own personal sh^ts and giggles and most of the long term members here have seen that certain former Mods did. It's not especially the signing up for this site that you have to worry about. Instead, think of everything you've ever said is a supposedly private email. Admins really do have access to that stuff.

crumpets -> RE: No site security concerns in real life (1/24/2016 4:35:11 PM)
quote: ORIGINAL: angelikaJ I don't know who pissed in your cheerios Simply because I respond to everyone who deserves a response. Some deserve praise. Others deserve ridicule. What they post determines what they deserve. The point of praise is to encourage more of the same; the point of the ridicule is to discourage more of the drivel. Back on topic, the technical concerns in this thread are: 1. Much (all?) of the profiles and forums are apparently indexed on Google (not my beef, by the way) 2. There is a supreme lack of attention to security on this site bordering on scary (this is also my beef, by the way). The solution that "I" would propose (although I'm not sure if the OP would agree) is simply to add SSL/TLS encryption (much like Craigslist does, for example, by having https://craigslist.org and http://craigslist.org at the same time). It's a simple solution. The OP proposes telling the administrators; but I don't propose that simply because they know they're lacking in basic security. I don't see how telling them makes any difference. Besides, plenty of people who posted here seem to not mind in the least that anyone near enough to intercept their WiFi signals already has their login and password if they wanted it.

Wayward5oul -> RE: No site security concerns in real life (1/24/2016 4:42:59 PM)
quote: ORIGINAL: crumpets How on earth do you vet and meet people without giving out personal information? By going to real life events. That usually works pretty well. Also, I don't meet people who have no other online presence than just this site. That's my version of security. Usually they have a Fet profile, and I direct them to mine. Same username, so no personal info exchanged.

Wayward5oul -> RE: No site security concerns in real life (1/24/2016 4:50:37 PM)
quote: ORIGINAL: crumpets quote: ORIGINAL: angelikaJ And what does that have to do with anything having to do with the OP? ...And why would anyone have an interest in who you have chosen to put on hide? Simply because I respond to everyone who deserves a response, and even they who are on HIDE deserve a response (which is to explain why their comments aren't responded to). That you fail to understand this most basic of logic scares me. Do you vote? (HINT: I certainly hope not.) Actually, back when this place was actually moderated, there was a poster who would respond to other posters he had on hide, by doing it through posters that quoted them. A mod came on and reminded everyone that it was against ToS to respond to posts of people you have hidden. Make up your mind. Either you want to communicate with them or not.

crumpets -> RE: No site security concerns in real life (1/24/2016 4:56:19 PM)
quote: ORIGINAL: LadyPact There is nothing in my private messages or forum posts that reveal any more info than what I am ready willing to give. Like I said, there are always (at least) two kinds of people: 1. People who don't mind EVERYTHING they typed into collarspace mails being made public, and, 2. People who would mind everything they typed into their collarspace mails being made public. BTW, this includes people who are two-timing, and people who are married, and people who tell someone they have Herpes or HIV, and people who tell one person they're gay while they tell the other that they're heterosexual, etc. Everything is everything. Once they have your password (and, trust us, they have your password if they want to just look for it), then they have EVERYTHING (within the past year, anyway). quote: ORIGINAL: LadyPact I highlighted the above because that would be how this would pertain to me. I can't speak for the OP, but "my" issue isn't the personal details of the initial login. Mine would be the fact that ALL MY MAILS are open game for ANYONE who wants them (who knows how to get them). That's anyone in the library or Starbucks within WiFi distance, anyone at my ISP at home, anyone in the house who wants my password, anyone on any server that the port 80 http connection goes through (which can be a dozen or more servers - just do a traceroute for an idea of how many hops it takes to get from your computer to the collarspace server and back). quote: ORIGINAL: LadyPact More often than not, if you are planning to meet somebody, exchange phone numbers, etc, I'd suggest taking that off site. If you put it in an email here, the potential exists for Admin to access it, if you kept it, rather than deleted it. I see this as the chicken-and-the-egg problem. You rarely have to prove you're a female, but, a guy would want to be sure he's talking to a female before he bothers to meet "her". And, a woman might need the guy to prove he's not overweight or not bald or that he really does have that Clark Gable look. Most women would like the security of a guy who gives his real name, and maybe his real phone number, wouldn't they? I know I'd like that. How does anyone give ANY of this reasonably necessary information out without putting it in the Collarspace mail? quote: ORIGINAL: LadyPact Admin has to have the ability to read emails, etc. Really, they do. They have to have that ability if there is any case where LEO is involved. They aren't supposed to be doing it for their own personal sh^ts and giggles and most of the long term members here have seen that certain former Mods did. I don't think this is the issue that the OP brought up though. Certainly it can happen - but - really - it can and will happen with or without https SSL/TLS encryption. So, correct me if I'm wrong, but, snooping by those on Collarspace/Collarchat who have root privileges isn't at all the issue being discussed here that was brought up by the OP. quote: ORIGINAL: LadyPact It's not especially the signing up for this site that you have to worry about. Instead, think of everything you've ever said is a supposedly private email. Admins really do have access to that stuff. Again, the issue that the OP brought up seems to be: Google indexes (apparently) all the profiles and collarchat discussions (this is not my beef, btw) Your Collarspace/Collarchat login/password is easily compromised (almost certainly already IS compromised), if you've ever logged in from a non-encrypted access point or if you've logged in from home on an ethernet connection, or if anyone anywhere along the chain from your modem to the collarme/collarchat site, including the ISP, feels like looking at your login/password which are all transmitted in the clear, clear across the Internet!

Wayward5oul -> RE: No site security concerns in real life (1/24/2016 4:56:52 PM)
quote: ORIGINAL: crumpets That this site has absolutely no security, not even the bare-bones basics, should give anyone cause for concern who knows anything about security & privacy. If I was as concerned about this as you seem to be, I just wouldn't use the site. Or I would use it as I do, meaning I take care of what I provide through the site. You sound like my nieces who posted something on Facebook that they should not have. A family friend saw it, and told their mother. When they got in trouble, their response was 'that was their private stuff and that adult had no business looking at it'. Never mind that they had friended that adult, so they could see anything the girls posted. Its adorable that you still think there is such a thing as privacy on the Internet.

Wayward5oul -> RE: No site security concerns in real life (1/24/2016 5:02:48 PM)
quote: ORIGINAL: crumpets The OP proposes telling the administrators; but I don't propose that simply because they know they're lacking in basic security. I don't see how telling them makes any difference. Well if you know this, why do you rant on about it the way that you do?

crumpets -> RE: No site security concerns in real life (1/24/2016 5:04:58 PM)
quote: ORIGINAL: Wayward5oul By going to real life events. That usually works pretty well. That works, but it won't work for everyone unless you assume that NOBODY actually meets ANYONE here through JUST the Collarspace profiles. (We all know that's patently false.) quote: ORIGINAL: Wayward5oul Also, I don't meet people who have no other online presence than just this site. That's my version of security. Usually they have a Fet profile, and I direct them to mine. Same username, so no personal info exchanged. That works for you, but PLENTY of people don't have a fetlife account and just as many have a different account on Fetlife (I know I do, for example), so, while it works for some, it certainly doesn't work for others. I've met a handful of people here, and ALL of them asked for my phone number first. What am I gonna give them? Your phone number? No way. I have to give them MY phone number if that's what they want. Or, I have to give them MY email address, if that's what they would like. Or I even have to give them MY home address, if we're gonna meet at home (I've done that). And of course, MY real name (which also I give to people who ask). And MY picture, of course (I don't even know what YOU look like, but I can't get away with giving them YOUR picture and still meeting them, can I?) etc. Logically, unless you meet sight unseen with absolutely no communication outside of Collarspace, you have to transmit SOME private information to meet with QUALITY PEOPLE (I'm sure hookers don't care all that much) And, let's not forget that once someone has your login and password, which, you can assume they have already, then they know WHOM you're conversing with. Do you really want person1 to know you're also talking to person2 and that you told person3 that you lived alone yet you told person4 that you lived with your mom?

crumpets -> RE: No site security concerns in real life (1/24/2016 5:09:50 PM)
quote: ORIGINAL: Wayward5oul Well if you know this, why do you rant on about it the way that you do? Oh wow. Just wow. How can you be that dense? Did you read NOTHING whatsoever in this thread? Didn't I long ago already explain that we want to help the USERS multiple times early on in this thread? How did you miss that? Don't you know that I have created multiple threads in the perv-to-perv section trying to HELP people UNDERSTAND issues and how to protect themselves on Collarspace/Collarchat? Given that question, I have to just say Wow. Why do I bother even responding to you if you don't even get it that I'm trying to HELP the users who want to help themselves to knowledge? Can you be so dense as to ask that question? Wow. Do you vote?

mousekabob -> RE: No site security concerns in real life (1/24/2016 5:15:13 PM)
or you know...you don't give them your phone number, you don't give them your home address (which just baffles me why you would) and you give a vague picture...enough for them to see enough but not enough for them to just pick you out of a crowd. And then you say "Let's meet at such and such cafe for a coffee and get to know each other. I will be wearing a black dress with a yellow handbag". You see each other, you sit down, you talk, you get to see if you have anything further and go from there. Soooo simple. Why all the personal info before you ever even meet??? Overkill and then people wonder why they get scammed, taken for a ride, hacked, etc...

crumpets -> RE: No site security concerns in real life (1/24/2016 5:20:38 PM)
quote: ORIGINAL: Wayward5oul If I was as concerned about this as you seem to be, I just wouldn't use the site. Are you new here? Do you really THINK for a moment that I have EVER logged into this site without the protection of ENCRYPTION? quote: ORIGINAL: Wayward5oul Or I would use it as I do, meaning I take care of what I provide through the site. Or use it like I do, which is to at least use ENCRYPTION every single moment that I am on this web site! NOTE: Encryption such as VPN or TOR are not perfect; but they're the best we can do since the administrators are so lax about basic privacy and security. You're utterly CRAZY if you log into this site WITHOUT encryption! quote: ORIGINAL: Wayward5oul You sound like my nieces who posted something on Facebook that they should not have. OK. That's the third time you've shown yourself to be a total idiot who has the reading comprehension of a gnat. I'm fine, since "I" use encryption. I'm trying to help the OTHERs who don't know what I know about eavesdropping on someone's cleartext communications. quote: ORIGINAL: Wayward5oul A family friend saw it, and told their mother. When they got in trouble, their response was 'that was their private stuff and that adult had no business looking at it'. Never mind that they had friended that adult, so they could see anything the girls posted. Your scenario is fine for others to be wary of. It's not at all what "I" am trying to do here (which is to EDIFY people who don't realize how lax this site is on security). I'd also like to know HOW you folks who say you can meet up with people without giving them ANY personal information do it. Sure, it works for one person (hookers, for example, who don't expect ANY personal information except your relationship to George Washington); but it certainly doesn't work for the few people that "I" meet here. quote: ORIGINAL: Wayward5oul Its adorable that you still think there is such a thing as privacy on the Internet. It's downright scary how clueless and off base you seem to be, based on what you wrote in the past few minutes (even after already having been given all the facts multiple times!). (I sure hope you don't vote. Please tell me you don't vote!)

Wayward5oul -> RE: No site security concerns in real life (1/24/2016 5:30:13 PM)
quote: ORIGINAL: crumpets That works, but it won't work for everyone unless you assume that NOBODY actually meets ANYONE here through JUST the Collarspace profiles. Good for them. They want to give out personal info? So be it. They aren't me. This is how I guard myself. I don't have to depend on someone else to keep my info secure. quote: That works for you, but PLENTY of people don't have a fetlife account and just as many have a different account on Fetlife (I know I do, for example), so, while it works for some, it certainly doesn't work for others. In this day and age, if someone has no other online presence than just this site, then that is a HUGE red flag for me. If the total of their experience within this risky lifestyle can be summed up on just this site, then they are not anyone I want to meet anyway. quote: I've met a handful of people here, and ALL of them asked for my phone number first. What am I gonna give them? Your phone number? No way. I have to give them MY phone number if that's what they want. Or, I have to give them MY email address, if that's what they would like. Or I even have to give them MY home address, if we're gonna meet at home (I've done that). And of course, MY real name (which also I give to people who ask). And MY picture, of course (I don't even know what YOU look like, but I can't get away with giving them YOUR picture and still meeting them, can I?)etc. You are assuming that you have to give them something. You don't. That's your choice to take that risk. Not mine. quote: Or I even have to give them MY home address, if we're gonna meet at home (I've done that). And you are concerned about this site letting a little info get leaked? That's where you see the risk? quote: Logically, unless you meet sight unseen with absolutely no communication outside of Collarspace, you have to transmit SOME private information to meet with QUALITY PEOPLE (I'm sure hookers don't care all that much) Logically, unless if I were so paranoid about this site, I wouldn't risk it. And QUALITY PEOPLE usually have something other than this site to communicate with their community. If they didn't, I would think twice about meeting them. quote: Do you really want person1 to know you're also talking to person2 and that you told person3 that you lived alone yet you told person4 that you lived with your mom? Well, yanno, that's not a problem if you don't lie. Just sayin'.

crumpets -> RE: No site security concerns in real life (1/24/2016 5:31:32 PM)
quote: ORIGINAL: mousekabob or you know...you don't give them your phone number, you don't give them your home address (which just baffles me why you would) and you give a vague picture...enough for them to see enough but not enough for them to just pick you out of a crowd. And then you say "Let's meet at such and such cafe for a coffee and get to know each other. I will be wearing a black dress with a yellow handbag". You see each other, you sit down, you talk, you get to see if you have anything further and go from there. Soooo simple. Why all the personal info before you ever even meet??? Overkill and then people wonder why they get scammed, taken for a ride, hacked, etc... I have met people here, mostly who contacted me first, whom I converse with almost daily. How am I gonna do that without a real phone number? (Sure, I can use Spoofcard, which I have posted about on other threads - where I can have the caller ID show up as your mother's caller ID if I wanted to - but how are they ever gonna call me back if/when I do that?) Some of the people I converse daily with are on the other side of the country, and one is on the other side of the world. Ya think I'm gonna converse with them on a frequent basis using just the collarspace mail? Sure, it CAN be done - and I'm sure it works for plenty of people - but - it won't work for quality people. Again, I'm not talking hookers. They don't care if you look like Homer Simpson. But quality people often care to find out something REAL about you. And besides, all you guys seem hung up on a SINGLE piece of data such as a personal bit of information. Remember, your ENTIRE mailbox is basically handed to anyone who wants it (because they will have your login/password). So, part of being private is all the meta information that is in your mailbox. I have very long conversations with many people here, and these conversations are private to those people. I'm sure I'm not the only one. Maybe all YOU do is textspeak but I actually write detailed emails (some folks on this very thread can attest to that fact). I'm sure there are people here who wouldn't want ALL their conversations published to the web so their moms and sisters and their priest could read them simply because the Collarspace admins are too lax to implement the most basic of security.

Page: << < prev 1 2 [3] 4 5 next > >>

Collarchat.com © 2025

Terms of Service

0.125