private messages (6 Viewers)

gray

Senior Member
Moderator
Apr 22, 2003
30,260
#4
I already asked this:

Martin said it's technically possible, which was a very smart answer, because he told me as little as he needed to in order to answer my question :)

I don't really care... why Josh? Got something to hide? :D
 

Zlatan

Senior Member
Jun 9, 2003
23,049
#7
Well, if you're planing a terrorist attack, or a deadly killing spree, or a virus attack on a major web site, Martin and the other mods would know it ;)
 

Martin

Senior Member
Dec 31, 2000
56,913
#11
Josh, I'll tell you like it is. vBulletin is a php script that uses a database backbone to handle it's data. Instead of storing all information in files on disk (like old ikonboard did), it turns out a database (which is a program especially designed to handle data storage and access efficiently) gives a big performance boost so that's what most forums use. You follow?

Now, given the nature of the admin account, which is meant to be used for adminstration of all aspects of the forum, it is effectively impossible to protect yourself as a user from an admin accessing or changing your data. For example, the password to your account is stored in the database encrypted. The algorithm is a one way encryption algorithm, which means that once something is encrypted, there's no way to get it back. What vbulletin does to check your password is that it encrypts what you type and compares it to your encryped password stored in the database. In other words, I can't look up your password if I wanted to.

BUT, none other forum data is stored encrypted. Even using a normal encryption algorithm (one where you need a password to decrypt) it would take far too long to decrypt pm messages. It would slow down the forum and cut back on the amount of traffic the forum can handle. Pms are stored in plain text.

Now, your averge vbulletin forum admin probably does not know how to access pms anyway. An admin is not meant to read pms and there is no function in vbulletin to do so. But if you know how to access the database directly (which of course I do because they teach database programming at my college), then of course you can. I don't know whether it's a common practice among admins, I really can't imagine it could be and I don't see the incentive to read people's pms anyway. But technically it is possible, yes. If you have access to the database.

++ [ originally posted by Zlatan ] ++
You know, with Erik as mod I am a bit afraid.
Don't worry, Erik don't have access to them :devil::D
 

Zlatan

Senior Member
Jun 9, 2003
23,049
#15
Hey, I might be an Al Quaeda terrorist for all you know (look at this, Al Quaeda and terrorist in the same sentence, Echalon must be working overtime :D )
 

Slagathor

Bedpan racing champion
Jul 25, 2001
22,708
#16
Nah, remember, the Americans spell it "Al Qaida" and seeing as it's typically American to assume the rest of the world is the same ... :D;)

No offence to Americans, just a lame joke based on stereotypes.
 

Slagathor

Bedpan racing champion
Jul 25, 2001
22,708
#18
And of course something this sensitive they would immediately post in this thread :howler:

Think before you post and, for god's sake, hit your caps lock a second time.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 6)