Knubbi wrote: ↑
Fri Mar 02, 2018 12:36 pm
Please consider follwing options for PHPBB:
- Store hash values derived from trunkated IP addresses instead of plain IP addresses.
- Store email addresses and profile fields with AES encryption.
- Add a template to the terms of service template, mentioning what is saved and why.
I strongly doubt we would do any of those as applying these points make no sense.
To your first point, hashing truncated IP addresses would mean that we cannot use them for what we are using them for, thus a better option would be to just allow to not collect them in some contexts (e.g. for post validation/moderation purposes).
To the second point: it just doesn't make sense. Either because this data is displayed publicly anyway, or otherwise it would only be readable if your board is compromised, in which case, the attacker could have access to your encryption keys as well, so you suggesting to introduce something that would require a lot of extra performance for marginal added security, which doesn't make much sense. Simply trying to do our best to keep phpBB secure against attacks seems to me as sufficient protection for this kind of data. If you really want to store sensitive information about your users in custom profile fields, then you should take care of the extra security required yourself (this should never happen realistically).
And finally to your last point: terms of service is a legal document, and as such, we cannot write one which complies with any actual laws, as we do not know nor the law, nor how one of our users handles data. Just by providing some template (which has zero actual value, as which law should we base it on?), some users might think that they have a valid "terms of service page" just by copy-pasting it.