A naive question, perhaps, but I am curious, having heard today that it was not only possible, but also practiced. :-(

Well, I would hope so. Hate to see this forum used illegally.

Yes. It is commonly known fact that Renderosity admins read every IM and actually print them to post on the walls, pass them around at work, and make fun of people while plotting secret bannings and practicing politically motivated censorship. In fact, they commonly check all IMs for keywords like "warez", "dissent", "revolution", and "Legume" to insure that they give extra attention to the ones that might cause a new rival to rise up and throw off the yoke of tyranny. Paul P.S.: Sometimes I've even heard that they intentionally cause trouble by intercepting an IM, replacing the message text with a flame or innuendo, and then retransmitting the modified message.

I've heard that the admins even pretend to be regular members and infiltrate the chat rooms and forums There's also a camera in the top right hand side of your monitor; it comes with the cookie:)

:-) Well, it was a serious question. To clarify, I do not mean on the part of the admins; I mean private individuals using tools to essentially hack into and read others' IM messages. I have heard this ability claimed -- should I assume it is just so much smoke being blown, then?

I would personally write a note to the admins and tell them who was claiming it. For one, it's illegal, two, it's an invasion of our privacy and a threat to the community, and three, if they made it up, then they should probably receive a visit from the admin or the police to let them know it's not tolerated. ;) Paul

It's doubtful. What's possible is if people are sharing a computer and not logging off after a session, so the next person can enter the site without logging in, because the cookie with the password is still on the computer. Of course, it's also possible for people to guess other members' passwords if they are using obvious passwords, and while doubtful, there is always a chance of a hacker supreme breaking in, but I'd rate the overall chances of hacking as low. Next on list, find out how Entropic learned all our secrets and figure out a way for him to disappear ....

"Next on list, find out how Entropic learned all our secrets and figure out a way for him to disappear .... " Heh... Making me disappear won't solve a thing! I learned it all from the neighbor's cat and she'll tell the world!!!

On a serious note, Entropic is right, please contact one of us mods or admins so it can be investigated. Thanks!

Thank you all. The admins have been notified, but they haven't gotten back to my wife yet. She was actually who the claim was made to -- I was just hoping that I could get some sort of consensus as to whether it could actually be done, and maybe get her to not be quite so upset :-) Thanks again to all. BTW, do you know how you can tell if a mathmetician is an extrovert? He looks at YOUR shoes when he's talking to you :-)

You mean to tell me that people are actually passing messages to each other that are worth someone's effort to hack in to? I would have thought they (the hackers) would find more "entertaining" targets.

PabloS. Why? Once you can find a weakness, any weakness in a site's programming and defences it's a relatively simple matter to exploit that. IM and suchlike would be the least of concern to rosity admin whereas the store would carry the heaviest encryption and protection. So, you hack what can be hacked, check out the coding, check out the routing, watch what goes where, follow it through and try to hack in through other doors. If you can't get further by that route then you try others. Always attacking the least sensitive areas first. Besides, what's utter boredom to you is the height of entertainment to another. That's why soap operas, game shows and these stupid survival programs are so popular. :) Entropic. Ignoring your sarcasm for a moment. As this is a public site owned by private individuals, who may or may not be held liable for information transmitted across their network and servers it's possible that there is method to intercept IMs if they so chose to implement it. With the membership base this site has it's highly unlikely that any of the admin staff have sufficient time to bother but that doesn't mean it can't be done. As a matter of example there is sufficient precedent of successful lawsuits held against ISPs for newsgroup messages that were considered defamatory to certain individuals. One example is a recent law suit carried by an American citizen against a British ISP. Not saying that they DO this sort of thing here, but you can bet for sure that the tools and ability certainly exists.

I doubt IM's are 100% secure but I also doubt admins are reading them for kicks.

Regardless, I'm safe. None of my IM's are likely to make the Christmas Party entertainment.

Questor, I believe there is some truth to Entropics comment. It is normal for IM's to be at least logged, so if a problem arises, the messages can be recalled.

Given the fact that the majority of the resources on R'osity are supported by a backend database, I would presume that there is a possibility that all IMs, etc, on the site are logged and retained within the database for a given amount of time and, quite likely, archived for another period of time. Therefore, anyone who gains access to the database can, most likely, read IMs and other resources that utilize it. The Admins do have a responsibility to ensure that all conduct of the community follows the TOS, whether in public or private. Therefore, it is unreasonable to even expect that any communication through the site is 100% "private" and or "secure". It is always best to err on the side of caution and ensure that you say nothing in "private" that you would not say in open discussion.

ElectricAardvark. Sorry, but I must be reading things differently because all I see from Entropic is flippancy and sarcasm rather than a constructive comment in any form. Though it might be that it's getting late and my eyes aren't focussing right. :)

Questor: LOL, I've grown use to decyphering Entropics posts. Usually has a point in there, coated in his jockularity.

What's much more likely is someone intercepting your messages at YOUR end. There were an awful lot of computers out there with the Subseven trojan in them before I completely shut it down in my firewall. It was just getting WAAAAY too bothersome to deal with the attacks individually and pretty well all of them come from infected machines. If someone can plant the trojan in your system and you don't know it's there, it can turn over a copy of everything you type or file. Nailing a web server is also possible, but those tend to get their holes plugged much more promptly...

Questor, you're right. I failed to look at it from the simple-minded, soap opera watchin', game show cheerin', survivor survivin', point of view. Now I've got better things to do. I got inspired by an image that I just have to render but first I have to hit the MP to buy a temple and a sword for Vicki. :-)

I know there a administrator hacks for PHPbb and other forums software the admins can install to view PM's. It wouldn't surprise me one bit if Renderosity admins can do the same. Not saying they use them for nefarious purposes, but a site like renderosity would be missing the boat to not have some sort of tracking ability if not to cover their own tails.

PabloS ROTFL... Cool idea, might do that myself. smirk

Intercepted no but people have been known to post them publically from time to time(edited). :)

Hi Anton

Hey there.

ah that's where the porn links came from. Hasn't everyone here had a chance to me a mod yet? Funny what little truths can get mixed in with jokes though.

I just gotta wonder what part of "Instant Message" tells anyone it was gonna be private in any way. Just treat renderosity IMs like posts in the forums. :)

lol @ Doc Legume Never believe a word that man says until you FINISH reading his post...words to live by

I can honestly say that in the few months I've been a mod I have never seen or hear of an instance where the staff here have read members PRIVATE IMs. There are occasions where members will present IMs to the staff as evidence of harassment or other complaints but never a situation of 'digging through the files' or intercepting IMs.

The Dr strikes again :) lol nice one Legume Rob

One way I can think of in which i.m.s may be interecepted is if when someone relays a renderosity url, especially in chat or other i.m. (yahoo, msn, etc) and includes the "Form.sess_id=" and the "Form.sess_key=" information - it gives access into their Renderosity account.

It would look like this basically -
http://www.renderosity.com/freestuff.ez?Form.sess_id=########&Form.sess_key=########## - or something similar and the '#' would be actual numbers.

Jesus! You mean that IM I am sharing with my friend about all my different positions... I do my gardening in... could end up at some Christmas Bash! Um... None of it is true - no - none of it is true - I don't garden, I have never held a spade in my life... um Not WiNC - This is someone else post - yes - I'm not WiNC, I'm CNIW :) um um bye

WiNC: We also have pictures of you in an apron.