As addendum…

I can, of course, only speak for the site on which I have admin access. Things may be set up slightly differently here, but out of the box all a moderator has to do is look at the user’s profile and hit Reveal Email, which is then logged to the action log for accountability. But like I said, that could be down to a settings difference between the two sites… I have no real way of telling , but I also have no real reason to not trust @Foresthillnick when he says they have no access!

Does the ‘action log’ include actions taken by admin users - such as accessing PMs?
If this was logged I would feel much more comfortable that moderators would be able to vouch for the safety of our private messages.

Again, only speaking to my own experience (other experiences are available) yes, accessing PMs is an event that is logged in the action log:

image515×607 35.9 KB

I am making some basic assumptions here but I would say that could only be true providing the forum software is being used. You really do need to trust the SysAdmin.

Absolutely correct, but unfortunately as I mentioned above I have no experience of Discourse from a sysadmin point of view, so cannot say what sort of state the database might be in.

That said, always assume everything you write is viewable by someone, somewhere. Even if you think it’s private.

https://www.se23.com/forum/showthread.php?tid=14095&pid=78836#pid78836

I see that Chris is now emailing other forums threatening legal action. This bodes poorly for the future of the .life forum.

I think an assumption of privacy maybe misplaced, bit specifically here, but in general. I don’t recall other sites or services placing such warnings prominently either (I guess they might be buried in terms of service, but given how Google, Facebook etc… make business out of processing user data, it’s more likely to detail rights of 3rd parties to you data). I guess this is, in part, some of the aims of the GDPR - to form at least some regulation on what is fair use of personal data where companies have failed to self-regulate

Also while encrypting passwords is common and expected, encrypting content is much more techincally difficult and expensive. For example, encrypted data cannot be simply searched or indexed, and properly encrypted content cannot later be compressed either. There is also a computational cost to encryption and decryption.

Finally, encrypting general content securely is difficult as the server would need constant access to the key, and so unless special measures are taken, the key and encrypted data end up in the same place anyway. Password storage differs because the user supplies the password when needed (or rather some transformed version of it which can be used to check it is correct without knowing or storing what it is).

Either way, we have to trust site owners proportionally to the sensitivity of information we place on them. I understand how the FlavaBaker episode has lead some users to question this relationship.

Quite. So how to go about getting a new site owner? The only alternative is to find another site which can be trusted.

Well before we jump to that conclusion we have an opportunity to find out whether the site owner can at least be trusted with our private messages. From what i understand moderators can look at the logs and see if the owner has accessed any PMs. Personally i doubt it but i have spoken to a few people who don’t share my view. If the @moderators could check the logs they will be able to tell users how secure their private messages have been, and they will be able to monitor such actions in the future to confirm that no such security breach takes place.

If there has been access to private messages then i hope moderators will be able to tell us at least the number of occasions and possibly write via email to individuals who may have been impacted.

Personally I wouldn’t trust anything the admin on .com says from past experience not just by myself but many others I know about too.

So I would take that with a pinch of salt.

The admin of .com has had many sockpuppet accounts via his own and other forums.

My point was that checking the forum software logs will not determine that.

You are right. It wouldn’t prove anything because it can be really hard to prove innocence, but I’m sure moderators will want to take a look to see if there is a ‘smoking gun’.

Does anyone with the tech knowledge know if we leave the site what happens to our details eg ip addressses and PMs where we may have shared more details about our lifes than we would online. Will they be deleted or will chris beach still be able to see them as the admin and owner? Sorry if that has been answered before. thanks

Thanks but can Chris as the owner?

Who would want that job?

Firstly, I guess as site owner/admin you get to worry about keeping the site running, paying bills, any legal issues that may arise e.g. for disputed or illegal content which maybe posted at any time of day and need prompt attention (I’m thinking pornography, hate-speech and such, but it could be as simple as copyright infringement). Making a site more authoritarian, with trust levels or similar, may help guard against some problems, but at the same time put off new users. Similarly you could enable advertising on the site to help with costs (Discourse supports Adwords and such), but that maybe unattractive to people, demonised as monetising the community or create pressure to drive page views with click-bait articles.

We can also look back to quote a now infamous article for a flavour of what the job may entail:

“A small minority of people really can affect a big group quickly, which is why I tend to get rid of the people who are abusive fairly quickly. In turn, I get an awful lot of abuse.”

He describes being cyber-stalked and threatened by people who have disagreed with his decisions.

“The worst part about that is that some people will say, ‘It serves you right’, which is upsetting.”

We only have to look across to other forums or Twitter to see the scorn being poured on Chris at present, justified or not, both factual and fanciful, but with a few exceptions, generally far from helpful. Sadly the scorn doesn’t stop at @anon5422159 - the se23.life @moderators have been the target of unnecessary public comment and vitriol as they try and build things back up again too.

And I myself have also noticed passing comments from those forums addressing my account (though not by name - yet!), and I have been privately accused of being a sock puppet, and been blocked on Twitter by multiple people I liked to follow. This, I guess, was just for posting and continuing to support se23.life and not condemning Chris.

Sadly I probably have the technical skills and resources to setup or support a forum styled like se23.life, or se23.life itself. But I also have a family and day job and have no desire to put myself in the firing line of what I see here in the wider community, mainly from outside se23.life at least.

Through all of this I still respect Chris and his team greatly for building something worthy here. I’m not endorsing FlavaBaker, but it’s a magnitude harder to build something than it is to knock it down.

(I’m also very glad I use a pseudonym…)

There appears to be some belief that if one does it, it is okay for the other to do it. This behaviour is never okay despite the reasons behind it. Personally my trust is so withered I don’t know who is or isn’t a sock puppet. I see shadows everywhere and it’s not a very good place to be.

This latest episode should never have been public. If there is a police investigation then the police are unlikely to overlook the vigilante justice sought which kicked this current episode off in the first place. This should have been a private affair, but both parties ensured it became very public. And in the case of one engaged this Forum in the process, and through engagement of associated forums, and official forum twitter accounts, a much wider social media audience.

As Londondrz previously noted, if there is a police investigation by one of the other than that is there business. But how the Forum and it’s membership were made a party to it very much a public affair. And it would seem this incident has triggered a number of other members current and past to come forward with other nefarious tales. One could argue that what the admin does off the site is his own business. But there stand many anecdotes with evidence where this admin has engaged dot life accounts in making personal attacks on individuals and other forums. Whether his reasons were valid or not, he did so as a representative of the dot life community, with the good will of that community behind it.

Flavabaker is only symptomatic of a bigger issue. If there exists the complaint which has been claimed I sincerely hope the police will ignore it. There’s been a lot of discussion on this site of what constitutes a waste of police time. My god… how can this be more important.

I applaud your comment here and sincerely hope you enjoyed the rest of Sunday. But given we agree the police matter is private, what fault were you thinking of?

As a bit of background, when I signed on as a moderator here, it was to help housekeep a community forum that I’d found a valuable local resource. As a group, we’d challenge decisions (sometimes in the background), vote on actions and I’m confident that we made the right calls; Chris certainly didn’t always get his own way.

I’ve been away over recent weeks and I’m not going to wade into the rights and wrongs of the recent drama; I suspect there are very few who could genuinely cast that first stone. From a personal viewpoint, I still believe there’s a need for a local forum which is why I’m still on the mod team. I’d like my role to go back to one where my primary prop is a brush to tidy up rather than a blue beret!

Partly because of my preferred role well outside of the previous Politics forum, I’ve only really used the basics of the Discourse software. However, after Michael’s question and @promofaux 's post , I’ve learned something new. I’ve found the logs, I’ve searched for the read private messages (from the team rather than individuals) and there are no results for that particular topic. I’m posting a screenshot so that you, and everyone else can see that result. I hope that reassures.

fullsizeoutput_53e11125×2436 152 KB

I don’t think anyone’s health could not be compromised by the kind of vitriol endured by Chris and I hope those responsible realise this and take responsibility for the consequences of their actions. I am not referring to those who have responded constructively with genuine concerns.
This has gone on long enough. Chris is the owner, and as such, what he does with the site must be entirely his decision. Time to leave Chris and the moderators in peace so that they have the space they need to find a way forward.

Thanks @topofthehill

We agree and as such have opted to close the thread - more information /se23.life/t/a-message-from-the-moderators/12675