SummitPost.org

The PM system uses the phpbb pm system which I can't tell if it was updated to version 3 like the forums or if it's still version 2. I'm pretty sure the red titled admins cannot go up to your profile and straight up check your pms. Unless Josh modded up the private message system to be able to do that.

Unless they were this guy:

Thank you for the explanation Matt.

Matt: it is wrongheaded programming to make people clear their browser's cache to fix a webpage formatting problem that keeps recurring. It's not a rant. It's logic.

Webpage programming should be seamless to the user. A user should not have to go to his Internet Options to make certain webpages load correctly, especially ones he frequents.

Once you implement the user profile setting to turn chat off completely, hopefully this problem will become moot. So thanks for implementing that.

~~~~~~~~~~

As an aside, I've been on this site a long time and have contributed much material; so I would like to think, as a stick in the mud, that I'm a long stick...with a respectable banner waving at the top.

Montana Matt wrote:I thought everyone would know that anything they do on a server that requires information to be saved in the database would be readable by anyone with access to the database. This is true with every site you use on the web.

You have just revealed that you are true computer nerd deep into your soul. That's sweet.
No, most people wouldn't know that anything they do on a server that requires information to be saved in the database would be readable by anyone with access to the database. Most people don't have a clue as to that fact. Most people don't even know there's a database involved.
It might seem logical to a person who works with computers and databases etc, that other people would logically deduce it, but alas, I think that's very far from the truth. The interface is all there is.
Like a wall in a building. If you know what's in a wall, it's easy. To other's it's just the wall.



The difference between red and green.

This is probably meaningless and nobody would even care, nor do I really. But, when you click on a profile it shows "last active" and the date is given. If they are currently logged in we would likely know that. But it might be interesting to know the last active prior to that date. I know who cares.

Matt,

It is not obvious to most people that chat messages would be saved at all. (It is of course rather foolish to assume that nobody is listening to and/or recording anything one does unencrypted on the Internet, but it does make a difference to some of us to know whether an indefinite record is being made *routinely*.)

Regardless, I think SP's features have run ahead of the terms of use , FAQ, etc. It is best if privacy-related info is clearly and officially stated in a single authoritative, easy-to-find place.

--
Those of you worried about whether Matt can see your chats should worry more about whether anybody can access your account and pretend to be you. I haven't tried to do that, but if the ease with which I can fake a vote (by anybody, on any object) is any indication, SP was not built with security in mind.

Well first off I'll bet there was no disclaimer because people would freak out thinking "Oh I'm going to be spied on" which Matt does not have the time even if he was a spy.

Do you see other sites have it in there terms of service? Whether it be facebook, gmail, ymail, youtube, or what ever, the info you post is stored in the database and site owners have access to that kind of stuff. So always make that an expectation for any site!

I agree with narteb's post and think it would be a good idea to put all this information on chats/PMs in a spot where most members can find it. Just so everyone has the same story

nartreb wrote:Those of you worried about whether Matt can see your chats should worry more about whether anybody can access your account and pretend to be you. I haven't tried to do that, but if the ease with which I can fake a vote (by anybody, on any object) is any indication, SP was not built with security in mind.

Wait... What!!!

OK- I don't mean to be suspicious, but this surprises me. You have a nice profile photo... I'd like to give it a 10, but it is late. Will you do it for me?

Only admins and above can do that kind of stuff. And trust me I've had my account taken over (in the past) by admins before so I know quite well how the system works. If your talking about hacks, well why hack a user when you can hack an admin. Ok not likely, but my point is on any given site admins can take over your account if they want to. This is not uncommon for websites to be able to do this kind of stuff folks.

As for SP with security, the voting system has an extreme lack of security, I know about a million ways to cheat the system but your not going to see me do it! So I have yet to see summitpost hacked, so I think they got decent security here.

So why do you say "I'd like to give it a 10, but it is late. Will you do it for me?". It's not possible for a non admin to do that.

As for the info on chat/pm's, I guess I could understand the chat one because Matt has easy access and can see the last 10 chats, but not so much on pm's. If you want to go that far, there might as well be a disclaimer on the profile saying "Note: Site owners can view your password inside the database, you have been warned". I'm not actually suggesting that be done, but I'll bet the database is rarley visited by the site owners (although Matt might for updating stuff). But as I said I guess I understand for the chat part because that can be seen without even looking inside the database.

Josh Lewis wrote:So why do you say "I'd like to give it a 10, but it is late. Will you do it for me?". It's not possible for a non admin to do that.

That is the whole point Josh. Nartreb says he can do it, and he is not an admin. I am giving him my permission to prove he can do it with my account on his profile photo, so he won't get into any trouble if he does.

As surprising as his post is, I'm assuming it has a touch more credibility than yours.

Josh Lewis wrote:I know about a million ways to cheat the system

List just 40 of them...

Ok when I said million, I meant more like a lot!
Well I don't want to give the people on here with lots of "power" ideas. First off with photo of the day you can do some pretty messed up stuff with manipulation. Also without being a powerful member there is some other stuff, in my case I voted for myself which is how I got the admins pretty steamed on that one. Also avatars is another alternative, and pm begging, and the list goes on. But the admins are pretty good about catching some of this stuff. I know of much more than no one would be able to detect but that right there is a pretty sick move for anyone to do. But I always remember this one, there is no honor in cheating! As for why I didn't explain every single move, not only did I not want the ideas out, but the admins would not be so pleased. So I see you want to hack summit post? (Just kidding... kinda)
Plus I know of some crazy codes that do some pretty weird stuff.

SP Chat, applications, chatrooms and notifications

Junk it all.
What's the logic of having a gateway to Farmville from a mountaineering site?
Who needs notifications popping up all over the place all the time, even if the messages have been checked?
Chats - aren't there enough possibilities to get in touch on the www as it is?

Thanks for spending time adding this, but in my book it's all unnecessary, pointless and out of place.

Call me a narrow-minded old-fashioned Old Fart , but I feel the same way as Corax.

Why the hell do we need a "chatting feature" on a mountaineering site ???

ALL chatting leads to is folks cheating the system, airing their dirty laundry and becoming parinoid over the way people
feel about them in their own specified "Groups."

It's all social behavior, typical of people in LOVE with themselves and the internet. Sorry, but it's NOT my glass of beer ..

Chat can be useful when planning a trip or doing a page together or whatever. Keep that one. The others.. well no.
I like the fact I get an email about having a message, the notification is just disturbing.