[DEV] Encrypted PMs

A place for Extension Authors to post and receive feedback on Extensions still in development. No Extensions within this forum should be used within a live environment!
Get Involved
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: Extensions Development rules

IMPORTANT FOR NEEDED EVENTS!!!
If you need an event for your extension please read this for the steps to follow to request the event(s)
User avatar
david63
Registered User
Posts: 16327
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: [DEV] Encrypted PMs

Post by david63 » Thu Jun 27, 2019 2:22 pm

fagbutlil wrote:
Thu Jun 27, 2019 2:17 pm
Why are they called PRIVATE messages when phpbb knows there not private at all ? thats another balls up from phpbb lets call them private messages knowing there not private and can be read straight out of the database :lol: they should be renamed to just Messages.
In fairness I suspect that it is historic - that was the name used at the time phpBB was developed. But as I have said elsewhere over time it has become misinterpreted.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21320
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket - definitely

Re: [DEV] Encrypted PMs

Post by Mick » Thu Jun 27, 2019 2:27 pm

I would expect any software offering PM’s will store the messages in a dB and can therefore be read if you feel the need.
"The more connected we get the more alone we become" - Kyle Broflovski

User avatar
martti
Registered User
Posts: 752
Joined: Thu Jul 31, 2014 8:23 am
Location: Belgium

Re: [DEV] Encrypted PMs

Post by martti » Thu Jun 27, 2019 5:33 pm

Mick wrote:
Thu Jun 27, 2019 11:27 am
I think this is a great idea but it would be better in the core and UCP selectable. In fact it should be on by default IMHO.
I'm actually for moving the whole private messaging out of the core to extensions. People keep adding features to the core and this way the whole core became heavy, complex (not only code but also configuration options for everyone), inflexible and difficult to maintain. It would be far better if there was a general focus on how move features out of the core to extensions. Anything that is not bulletin board, like: PM, birthdays, polls, and so on. In the past this flexibility and compartmentation was not possible. That's why this we-should-add-something-new-to-core culture came to life. But with the introduction of extensions another approach could be considered.

Senky
Extension Customisations
Extension Customisations
Posts: 2124
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: [DEV] Encrypted PMs

Post by Senky » Fri Jun 28, 2019 6:00 am

david63 wrote:
Thu Jun 27, 2019 2:00 pm
Senky wrote:
Thu Jun 27, 2019 1:47 pm
I can't allow moderators to look at them. If every moderator owned a key for every message, it beats the whole purpose.
But moderators would only be able to read them if they were reported to them. Reporting of messages MUST remain as a feature.
This could potentially be done by adding all moderator keys to the message keyset after it was reported. Kind of a good idea. Or there is other way as proposed by Ger:
Ger wrote:
Thu Jun 27, 2019 2:06 pm
Why not simply offer the option to decrypt the PM and report it at that point? You would need a clear info message stating the PM won't be encrypted anymore once reported though.

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Fri Jun 28, 2019 1:08 pm

david63 wrote:
Tue Jun 25, 2019 2:30 pm
There is a basic flaw in that logic. If the Admin is reading the PMs then they are not going to be installing this extension.
There is no flaw. If I have this deployed I can state without question I cannot read your PM's instead of having to rely on "trust me".

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Fri Jun 28, 2019 1:27 pm

Senky wrote:
Wed Jun 26, 2019 12:13 pm
That is not ideal. The "problem" with the encrypted PMs is that when you forget your password, you won't get them back. You loose them all. So personally, I would keep most of my PMs unencrypted, but in some special cases (like sending credentials) encrypt them.
I proposed encrypting PM's in the "Ideas" forum. The one thing I suggested was adding user option for recovery through admin key.
  • Fully private, no recovery possible if you lose your password/key.
  • Fully encrypted on the server. PM's can be recovered by admin in the event you lose your password but they are also readable by admin.


I realize this would require duplicate column for storing PM's encrypted using admin key and additional processing but that would really not be a concern for me.

That said since this in an extension my biggest concern would be support going forward. This is not something you can back out of if support is dropped.

nou nou
Registered User
Posts: 328
Joined: Sat Oct 29, 2016 8:08 pm

Re: [DEV] Encrypted PMs

Post by nou nou » Fri Jun 28, 2019 4:05 pm

thecoalman wrote:
Fri Jun 28, 2019 1:27 pm
That said since this in an extension my biggest concern would be support going forward. This is not something you can back out of if support is dropped.
That's an excellent point, but one that is also valid for every single extension out there. Granted this one has the potential to be particularly problematic in that sense.

I do think it's also a matter of responsibility on whoever runs the forum. You wish to offer certain functionality, you make sure it works and gets support. Even if at a point this requires hiring an external developer, just to state an example...

Open source does not always mean free, but at least it's open... :)

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Fri Jun 28, 2019 4:41 pm

nou nou wrote:
Fri Jun 28, 2019 4:05 pm

That's an excellent point, but one that is also valid for every single extension out there.


Depends on what it does, if it's just added feature typically no big deal. You just disable it and lose the feature. Some could be more difficult than others, an SEO extension for example that is rewriting URL's. Not impossible to go back but largely a PITA if you want to do it right. You need to reveres the .htaccess rewrites and write script to handle reverting posted URL's.
Granted this one has the potential to be particularly problematic in that sense.
This is altering the way data is stored and would require a substantial amount of work to revert if it's possible at all.
I do think it's also a matter of responsibility on whoever runs the forum. You wish to offer certain functionality, you make sure it works and gets support. Even if at a point this requires hiring an external developer, just to state an example...
Keep in mind if there is no support for it here you need to support it yourself forever. ;)

nou nou
Registered User
Posts: 328
Joined: Sat Oct 29, 2016 8:08 pm

Re: [DEV] Encrypted PMs

Post by nou nou » Fri Jun 28, 2019 5:47 pm

thecoalman wrote:
Fri Jun 28, 2019 4:41 pm
Keep in mind if there is no support for it here you need to support it yourself forever. ;)
For sure, but that's my point - you may have to consider that responsibility at some point in time.

Of course, you're always free to share whatever support you've secured privately, in order to continue the community support here :)

User avatar
EA117
Registered User
Posts: 753
Joined: Wed Aug 15, 2018 3:23 am
Contact:

Re: [DEV] Encrypted PMs

Post by EA117 » Fri Jun 28, 2019 6:25 pm

thecoalman wrote:
Fri Jun 28, 2019 4:41 pm
This is altering the way data is stored and would require a substantial amount of work to revert if it's possible at all.
Sounds like potentially an additional reason to advocate for the "master key" concept; such that the extension "uninstall" action actually has a pathway to unencrypt "on its way out." i.e. If there is an unsupported scenario in the future, you can remove the extension and be back to unencrypted messages for everything that was encrypted before, before updating to whatever the non-compatible or unsupported scenario is.

Not saying we necessarily like or want the master key for other reasons; but that if it existed, it could offer a solution to this aspect.

User avatar
david63
Registered User
Posts: 16327
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: [DEV] Encrypted PMs

Post by david63 » Fri Jun 28, 2019 9:30 pm

EA117 wrote:
Fri Jun 28, 2019 6:25 pm
Sounds like potentially an additional reason to advocate for the "master key" concept; such that the extension "uninstall" action actually has a pathway to unencrypt "on its way out.
That does raise an interesting point. What happens if the extension is disabled? Can no PMs be read?

@EA117 - Technically when an extension is disabled AND the data deleted it should leave the board in the same state as it was before the extension was enabled.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Fri Jun 28, 2019 9:57 pm

EA117 wrote:
Fri Jun 28, 2019 6:25 pm
Sounds like potentially an additional reason to advocate for the "master key" concept;
This should be user option or at least the admin should be able to make it user option.

User avatar
Talk19Zehn
Registered User
Posts: 343
Joined: Tue Aug 09, 2011 1:10 pm
Contact:

Re: [DEV] Encrypted PMs

Post by Talk19Zehn » Sat Jun 29, 2019 9:20 am

Hello, I agree: Implementation by default(!) is welcome.

Additional question: Scenario ...
How do the authorities decipher the data in the event of a crime? Is this function ensured?



Best Regards
World Meteorological Organization (WMO) Weather - Climate - Water
BTW: My own works - phpBB - read more: ongray-design-de or look here: phpBB VT Theme

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Sat Jun 29, 2019 10:23 am

Talk19Zehn wrote:
Sat Jun 29, 2019 9:20 am
Additional question: Scenario ...
How do the authorities decipher the data in the event of a crime? Is this function ensured?
Unless there was "master" key they would either need to obtain the password from the user or be left with the option to try and crack it.

Passwords are typically short and since there is no control over the rate of attempts brute forcing it is not out of the question.

User avatar
Talk19Zehn
Registered User
Posts: 343
Joined: Tue Aug 09, 2011 1:10 pm
Contact:

Re: [DEV] Encrypted PMs

Post by Talk19Zehn » Sat Jun 29, 2019 12:38 pm

Hello thecoalman, I'm sorry, I did not understand your answer.
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
World Meteorological Organization (WMO) Weather - Climate - Water
BTW: My own works - phpBB - read more: ongray-design-de or look here: phpBB VT Theme

Post Reply

Return to “Extensions in Development”