What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » General » General Chit Chat » Privacy Issue - regarding @msgplus.net emails!

Pages: (3): « First [ 1 ] 2 3 » Last »
Privacy Issue - regarding @msgplus.net emails!
Author: Message:
EvilSeph
Veteran Member
*****


Posts: 1717
Reputation: 37
– / Male / –
Joined: Oct 2002
O.P. Dodgy  Privacy Issue - regarding @msgplus.net emails!
Where has our privacy wandered off to?

Well well well, I've just learnt something that really ticks me off. My privacy has been violated. I know I get what I paid for but this is COMPLETELY ridiculous. I for one am disappointed in the lack of care taken to secure my @msgplus.net account password. I wouldn't mind if it were forum staff or people I know and trust that moderate the accounts but lettings someone, whom I DON'T TRUST moderate the accounts isn't what I call respecting my privacy. Now that may not be as bad as it seems but combine that with plain text password storage...and there goes my privacy completely. Now what if I used the same password everywhere? "universally" so to speak? There's a possiblity all those accounts could be lost, thankfully all those accounts I have each have a different password. But this isn't really about me it's about everyone. Everyone and everyone's privacy. Now I understand if you've used the same password for everything and I wouldn't call you foolish for doing so..because I'd do the same too as I really trusted the services this community has to offer, but not anymore.. Any trust I have for the services this community provides have been reduced to little to nothing now. I'm not happy about XxRebelSeanxX having access to my plain-text-stored passwords and I don't think other people are happy too. I have nothing against RebelSean, I just don't trust him. For things he's done in the past and for other reasons too. If only you had asked the users for their opinion on who should be allowed to moderate our accounts..then this wouldn't have happened... The fact that RebelSean, someone I really DO NOT TRUST has full access to my password (which, I must emphasise is STORED IN PLAIN TEXT) isn't the only thing that pissed me off, as you've probably already guessed. Why, oh why, are our passwords being stored in plain text in the first place? Why, oh why, are people whom you don't even know being given access to your possessions without your permission? Don't answer that, there's no excuse for recklessness or laziness.

*takes a deep breath*

I don't know why RebelSean has access to moderate our accounts, MY ACCOUNT especially, and I don't know why he was chosen instead of a forum staff member whom we all probably trust..but I hope this get's rectified immediately even if I probably won't be using any services this community offers until I'm well aware of how secure it is and how well thought over the data storage scheme is. I may sound demanding, but hey, I'm pissed off. You just took away my privacy, one of the things that's truly mine. One of the things I thought was safe when I signed up for a(n) @msgplus.net email. Please reconsider your password storage solutions and please, please, PLEASE don't go giving out access to random people that you trust, but we don't. I don't care if your opinion counts the most, we're the ones using the service and sorry if I sound harsh but, if I can't place my trust in your hands, and expect that my voice will be heard and my opinions considered then I don't think I want to utilise the services you offer. That's how it goes, you've given someone I don't trust access to my password (which I once again stress is NOT encrypted) and as a result you've thrown my trust out the window as if it was nothing.

*tries to calm down*

Well, if people like RebelSean can get access, _so easily_, to my passwords then who knows who else can go about doing so too? All I have to end in saying is that you've successfully lost my trust. From now on I'll think it over really hard when you guys offer services to us. Free or not, this is utter bullshit. This is COMPLETELY unacceptable.

-EvilSeph


johnny: removed ALL CAPS from title.

This post was edited on 08-10-2004 at 11:32 PM by Johnny_Mac.
08-10-2004 10:59 PM
Profile PM Find Quote Report
SonicBoom
Full Member
***


Posts: 136
37 / Male / –
Joined: Nov 2002
Status: Away
RE: PRIVACY ISSUE regarding @msgplus.net emails!
quote:
RE: Emails @msgplus.net available again!
In reference to a number of concerns regarding the "help" activating accounts, I have gone back to activating them myself.

Just to address one of the concerns, plaintext passwords are not available on existing accounts, only new signup requests.  If you would like however, you may change your password by submitting a request to rbewley@eq-sys.com, and your password will be changed per request.

I apologize for any confusion and hope that everyone finds this solution suitable.

Thank you,
SonicBoom

Equinox Development - Beyond the Horizon

Website: http://www.eq-dev.com/
Contact: support@eq-sys.com
08-10-2004 11:03 PM
Profile E-Mail PM Web Find Quote Report
Dane
Non-Elite Member
*****

Avatar
Dont ask to ask, just ASK!

Posts: 1621
Reputation: 52
35 / Male / Flag
Joined: Dec 2002
Status: Away
RE: PRIVACY ISSUE regarding @msgplus.net emails!
I completely agree with you EvilSeph.  XxRebelSeanxX is the worst candidate ever to get this option.  There are people that have been at these forums far longer and are far more trusted to do this job.

This was a fast decision and the person given these powers wasnt looked into.  I agree with you, I will now be reconsidering what MsgPlus services I use if any new ones come out.
08-10-2004 11:05 PM
Profile PM Web Find Quote Report
EvilSeph
Veteran Member
*****


Posts: 1717
Reputation: 37
– / Male / –
Joined: Oct 2002
O.P. RE: PRIVACY ISSUE regarding @msgplus.net emails!
Alright, however I still don't understand how and why anyone that doesn't already have access/had access to the old system could so easily get access to our accounts, with our passwords.

Sorry if I really sound rude, or unappreciative, I'm not doing it on purpose, this just makes me angry :s...
08-10-2004 11:08 PM
Profile PM Find Quote Report
jren207
Senior Member
****

Avatar
JR! - We <3 Fanta

Posts: 870
Reputation: 28
35 / Male / –
Joined: Sep 2003
RE: PRIVACY ISSUE regarding @msgplus.net emails!
shouldn't the passwords be encrypted using MD5?? etc.
08-10-2004 11:10 PM
Profile E-Mail PM Web Find Quote Report
SonicBoom
Full Member
***


Posts: 136
37 / Male / –
Joined: Nov 2002
Status: Away
RE: PRIVACY ISSUE regarding @msgplus.net emails!
To address another concern, passwords are not stored on the mailserver in plaintext.  I could not even extract them.  I also keep a mysql version as a backup (and in case we ever changed mailservers or the like) where passwords are stored in plaintext.  Nobody except myself has access to this.

[EDIT] Also, the moderation script does not access this database, and cannot pull plaintext passwords.

SonicBoom

This post was edited on 08-10-2004 at 11:12 PM by SonicBoom.
Equinox Development - Beyond the Horizon

Website: http://www.eq-dev.com/
Contact: support@eq-sys.com
08-10-2004 11:10 PM
Profile E-Mail PM Web Find Quote Report
Concord Dawn
Veteran Member
*****

Avatar
This is a loopy fruit.

Posts: 1203
Reputation: 16
34 / Male / –
Joined: Feb 2004
RE: PRIVACY ISSUE regarding @msgplus.net emails!
OK. I have a problem with this. I'm sure that he won't do anything stupid unless provoked, but that's hard not to do. He is known to be quick to anger. I don't like the idea that he has access to ALL PASSWORDS in plaintext. I request either a GROUP of people be instated or encryption to the passwords be used. I will definetly not be using an @msgplus.net account in the near future.
[Image: 7.png]
08-10-2004 11:12 PM
Profile E-Mail PM Find Quote Report
RebelSean
Veteran Member
*****

Avatar
Microsoft Evangelist

Posts: 2602
Reputation: 59
34 / Male / Flag
Joined: May 2004
Status: Away
RE: PRIVACY ISSUE regarding @msgplus.net emails!
Sorry if I caused anyone any trouble. I never knew that anyone would have a problem with this. Tbh, even if I did know your password, it don't make a difference. SonicBoom trusted me in doing this, and I have done nothing wrong. Not sayin you hav accused me for doing wrong but I didn't. Now, I will not be helping SonicBoom with activating the accounts.The ony reason I have asked him for me to help out with this, is because he got so behind, so I thought that he could use some help. Now this said, I don't think it is a real problem as for I am not immature as for going out with anyones passwords and doing immature things with them, like Seany did on IRC. I am not that immature and I would never do that. I am not that rude and mean. As SonicBoom said the passwords are no longer stored in plaintext.

Sorry I caused you all trouble again.:),



Sean.
I'm on: Twitter, Facebook, and Neowin
08-10-2004 11:14 PM
Profile PM Web Find Quote Report
EvilSeph
Veteran Member
*****


Posts: 1717
Reputation: 37
– / Male / –
Joined: Oct 2002
O.P. RE: PRIVACY ISSUE regarding @msgplus.net emails!
Well SB, I apologise if I'm wrong, but I was informed otherwise..

^^

Edit: Well, that tells me they were, which I'm glad has changed. But I'm still going to be cautious.

This post was edited on 08-10-2004 at 11:16 PM by EvilSeph.
08-10-2004 11:14 PM
Profile PM Find Quote Report
marissa
Veteran Member
*****

Avatar
ahaha

Posts: 1191
Reputation: 66
35 / Female / –
Joined: Mar 2004
RE: PRIVACY ISSUE regarding @msgplus.net emails!
quote:
Originally posted by XxRebelSeanxX
Sorry if I caused anyone any trouble. I never knew that anyone would have a problem with this. Tbh, even if I did know your password, it don't make a difference. SonicBoom trusted me in doing this, and I have done nothing wrong. Not sayin you hav accused me for doing wrong but I didn't. Now, I will not be helping SonicBoom with activating the accounts.The ony reason I have asked him for me to help out with this, is because he got so behind, so I thought that he could use some help. Now this said, I don't think it is a real problem as for I am not immature as for going out with anyones passwords and doing immature things with them, like Seany did on IRC. I am not that immature and I would never do that. I am not that rude and mean. As SonicBoom said the passwords are no longer stored in plaintext.

Sorry I caused you all trouble again.:),



Sean.



Sonicboom trusting you is a whole different story, the point of evilseph writing that was to say that more than half the people on these forums dont trust you, and probably dont trust a lot of people with things such as passwords, as evilseph said, they could use the same passowrd for everything. Say once on IRC, if someone kicks you, you could easily get pissed off and close the account, or do stupid things to it.  And um, if you're helping out, wanna tell me why my 2 week over due mail hasnt came?:D
08-10-2004 11:19 PM
Profile PM Find Quote Report
Pages: (3): « First [ 1 ] 2 3 » Last »
« Next Oldest Return to Top Next Newest »


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts
HTML is Off
myCode is On
Smilies are On
[img] Code is On