Privacy questions about ninjastic.space and loyce.club

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Husires on November 07, 2022, 03:09:18 PM

@LoyceV & @TryNinja Just create a legal page that explains everything

I'm not a lawyer, I don't do "legal pages". I'm not very fond of the idea that everything needs to have legal disclaimers. Just use common sense (and Tor).

Besides, barely anyone reads legal disclaimers. I get dozens of very annoying cookie popups per day, and want to get rid of them as quickly as possible. I don't have time to read all the details on every site I visit.

Potato Chips

hero member

Activity: 2674

Merit: 865

yesssir! 🫡

Quote from: Pmalek on November 07, 2022, 05:12:38 AM

Or because...

oh it was different from this. I quote: (i remember most information were not blurred)

Quote from: Serj Nazar on March 23, 2022, 09:03:01 AM

- Snip

I hide some for this link, but I send it to HitBTC without any modifications and 7-8 another selfies and scans of my passport. I never had any problem with KYC with other exchanges.
The scan or selfie not enough quality?

I use that scan for any KYC, and I have no problem with Binance, Bittrex, or other exchanges.
I tried taking photos on a phone camera (Samsung S10) and Canon camera - HitBTC canceled all my attempts.
I just want to take my coins and never work with them again, but they even blocked the withdrawal.

You may still be able to find the unedited post in ninjastic and loyceclub but all the links are invalid now. Honestly, it slipped my mind to also report it to those two archive websites, i hope op took down the link not way too long.

Husires

legendary

Activity: 1582

Merit: 1284

@LoyceV & @TryNinja Just create a legal page that explains everything, perhaps the community trusts you, but it is better to resort to clear rules than to trust words. especially the commercial use of this data.
The forum has something similar https://bitcointalk.org/privacy.php

Quote

Bitcointalk.org is in US jurisdiction, and is subject to US subpoenas, wiretap orders, preservation orders (which would negate the above retention rules), and similar. Furthermore, our service providers could also be subject to similar orders without our knowledge. Note that we consider PMs to require a warrant in order to be released.
At our sole discretion, we may voluntarily assist law enforcement worldwide. Generally we do this only when we perceive that the target user has probably committed a serious and non-victimless crime.
At our sole discretion, we may (noncommercially) share or extend retention on any of a specific user's userdata even without law-enforcement involvement. This is very rare.
While we don't intentionally set up systems to do so, data may end up laying around for longer than the above-specified retention limits accidentally. For example, a sysadmin might copy the access logs in order to analyze an ongoing DDoS attack and then forget to delete them for a while.
Computer security can never be guaranteed.

shahzadafzal

copper member

Activity: 1526

Merit: 2890

Quote from: ABCbits on November 07, 2022, 07:58:19 AM

Quote from: shahzadafzal on November 07, 2022, 06:19:24 AM

Well that's a fair question but let's suppose they both agree to delete ninjastic.space and loyce.club, How about other places? For example web.archive.org I don't think they will honor such requests.

Your statement has some inaccuracy, for website/crawler/archive service under legal company/organization have some legal obligation to honor data removal. For example, archive.org provide guide for removal/exclusion[1] while archive.today have button "report bug or abuse"[2]. They might honor your request, but it'll take some time/effort on your side.

[1] https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/
[2] https://archive.ph/Urp7B/abuse

Well I agree with you to some extent but again you can request, there’s no guarantee that it will be removed specially when you have posted something by mistake, whether it’s personal info or private keys.

Yeah copyright or abuse is something else.

Edit:
Typos

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Pmalek on November 07, 2022, 05:12:38 AM

This is the thread I am talking about: KYC now required. My guess is that all the sensitive data has already been deleted from ninjastic.space and loyce.club as well.

I started scraping a few months after that thread was created. Or more accurately: I scraped posts before that date, but didn't share them online. My current archive on that thread was created much later (July 2020). TryNinja started even later.
Anything that has been in that topic for more than a year deserves to be archived forever

Quote from: ABCbits on November 07, 2022, 07:58:19 AM

Your statement has some inaccuracy, for website/crawler/archive service under legal company/organization have some legal obligation to honor data removal.

That worked so well for all celebrities who wanted certain pictures removed Roll Eyes

All they get with legal action is more attention, and even if one site takes it down, it's already posted on many other sites.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: shahzadafzal on November 07, 2022, 06:19:24 AM

Quote from: Husires on November 03, 2022, 12:26:01 PM

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

Well that's a fair question but let's suppose they both agree to delete ninjastic.space and loyce.club, How about other places? For example web.archive.org I don't think they will honor such requests.

Your statement has some inaccuracy, for website/crawler/archive service under legal company/organization have some legal obligation to honor data removal. For example, archive.org provide guide for removal/exclusion[1] while archive.today have button "report bug or abuse"[2]. They might honor your request, but it'll take some time/effort on your side.

[1] https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/
[2] https://archive.ph/Urp7B/abuse

shahzadafzal

copper member

Activity: 1526

Merit: 2890

Quote from: Husires on November 03, 2022, 12:26:01 PM

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

Well that's a fair question but let's suppose they both agree to delete ninjastic.space and loyce.club, How about other places? For example web.archive.org I don't think they will honor such requests.

To be honest you can't force LoyceV or TryNinja to do so, yeah you can request them and I'm sure they will listen but if they don't? Even theymos won't help you here :p

So the rule of thumb is always double check before you post anything on the internet, they say "What We Post Online Is Forever, and We Need a Reminder."

For example this post from 2009 https://bitcointalksearch.org/topic/m.65 is DELETED

or is it? https://web.archive.org/web/20140423083534/https://bitcointalk.org/index.php?topic=15.0

Pmalek

legendary

Activity: 2730

Merit: 7065

Farewell, Leo. You will be missed!

Quote from: Potato Chips on November 04, 2022, 02:05:18 PM

Sometimes people also share sensitive information out of ignorance.

Or because they think that Bitcointalk now requires the forum accounts to undergo KYC. But that's also a type of ignorance. Maybe you remember theymos' April Fool's joke from a few years ago when he created a thread to inform people they need to pass KYC to stay on the forum. There were some users who posted selfies and screenshots of their IDs in that thread.

This is the thread I am talking about: KYC now required. My guess is that all the sensitive data has already been deleted from ninjastic.space and loyce.club as well.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

You should have the same approach to this forum as you have to the internet in general. Assume that anything and everything you share online is impossible to completely delete and will always exist online somewhere. Anything you post on this site, anything you post on any social media, any email you write, any message you send, any picture you share, any document you upload, any file you store in the cloud, etc. It doesn't matter if you delete it from everywhere you can see it or access it, as you have no idea what other entities have scraped it, what other servers it is backed up on, who else has accessed it and stored it, and so on.

Anything share or store online should be assumed to be permanently compromised.

Quote from: Little Mouse on November 04, 2022, 04:59:16 AM

How will they know this IP is from Husies? Someone else may look for your post too.

If an IP address looks up one post from Husires, it could be anyone. If an IP address looks up multiple posts from Husires, repeatedly over multiple days, than that is probably Husires themselves.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: ?? on ??

Talking about wrong impression, most people also don't know CloudFlare (which used by this forum) decrypt HTTPS traffic. They need to trust CloudFlare not to log and misuse their data.

Lol. Good luck with that:

Quote from: theymos on November 29, 2017, 07:35:34 PM

Cloudflare can see your unencrypted password when you log in. It's still encrypted from the real server to Cloudflare and from Cloudflare to you. So it's not blatantly insecure except in that Cloudflare is very probably an NSA honeypot, and it's not like the NSA is going to steal your password in order to scam people on bitcointalk.org or anything.

Quote from: examplens on November 04, 2022, 12:34:50 PM

an accident can always happen, especially confusion when copying/pasting an address vs. a private key. once in a thousand times, but it happens.

What can I say, it happens:

Quote from: LoyceV on April 18, 2019, 07:17:39 AM

In June, 2016, I accidentally copied the private key for 1foreverDArUNEX2gVD26vautcx3b8zTZ in my Google search bar. That's been bugging me ever since.
~
I've downloaded my data from Google, and it confirms Google still knows the private key. It's not something I worry about that much, but it's a loose end to tie up.

Quote from: Little Mouse on November 04, 2022, 02:24:38 PM

We don't know whether someone else is scraping or not though

We do know: Google is the most famous one, but there are many more web crawlers indexing everything there is on the internet.

Quote

I believe a lot of people are doing including FBI (who knows you are a part of them or not Cheesy

).

Let me put it this way: Unfortunately, the FBI doesn't pay me for my efforts Cheesy

Little Mouse

legendary

Activity: 2044

Merit: 1981

Marketing Campaign Manager |Telegram ID- @LT_Mouse

Quote from: LoyceV on November 04, 2022, 05:23:49 AM

That doesn't make scraping a bad idea, it makes posting private data a bad idea. People should really not post stuff on the internet if they want it to be private.

I didn't say scraping is a bad idea either. It's helpful in many ways to be honest. But scraping addresses isn't a good idea as I said. It doesn't help a lot to the forum. I don't know if it's helpful to others or not as I don't see a lot of benefits there. It only helps forum polices lol. But in general, scraping isn't that bad.
People must not post stuff on the internet but there's bad days. Some may mistakenly post their address or anything private. But with scrapers, it makes easy to keep a record. We don't know whether someone else is scraping or not though I believe a lot of people are doing including FBI (who knows you are a part of them or not Cheesy

).

Potato Chips

hero member

Activity: 2674

Merit: 865

yesssir! 🫡

Sometimes people also share sensitive information out of ignorance. Perhaps there was a time where they did not know any better?, which reminds me of that one user who posted a selfie with his passport... What bewildered me was that he didn't mind posting such information because as he said, "all russians are doxxed". Even if that was true, it makes no sense to deliberately share such information to a new audience.

If one has posted sensitive information, I can understand if they wanna 'take a chance' of minimizing the damage by requesting deletion.

examplens

legendary

Activity: 3248

Merit: 3098

Quote from: Husires on November 03, 2022, 12:26:01 PM

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

you obviously got satisfactory answers, so it wouldn't be a problem to delete posts that contain sensitive information. certainly, if that were to happen, you would have to react immediately by changing the password, removing the funds and stopping using the compromised private key, etc... once made public it became public forever.

Quote from: LoyceV on November 04, 2022, 05:23:49 AM

That doesn't make scraping a bad idea, it makes posting private data a bad idea. People should really not post stuff on the internet if they want it to be private.

an accident can always happen, especially confusion when copying/pasting an address vs. a private key. once in a thousand times, but it happens.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Little Mouse on November 04, 2022, 04:59:16 AM

I always have seen scraping addresses isn't a good idea. There are people who even don't know someone scraps the forum and may mistakenly post an address publicly but instantly deleted. He will get a wrong impression that he is fine while he is not.

That doesn't make scraping a bad idea, it makes posting private data a bad idea. People should really not post stuff on the internet if they want it to be private.

Little Mouse

legendary

Activity: 2044

Merit: 1981

Marketing Campaign Manager |Telegram ID- @LT_Mouse

Quote from: Husires on November 03, 2022, 12:26:01 PM

Add to that, do they keep my IP address? It's easy to get to because I'll look up my posts.

How will they know this IP is from Husies? Someone else may look for your post too. They may (I assume though TryNinja said they don't) have the IP logs but that wouldn't do much harm if I'm correct since they wouldn't be able to know which IP is owned by who. Anyway, it's still safe to use TOR if you are concerned about your privacy regardless of what TryNinja and LoyceV said.

Though it's beneficial for forum's investigators (I can't see any other use), I always have seen scraping addresses isn't a good idea. There are people who even don't know someone scraps the forum and may mistakenly post an address publicly but instantly deleted. He will get a wrong impression that he is fine while he is not.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

This question comes up once in a while. My Apache2 server on loyce.club keeps default logs, which I've used in rare occasions to stop very agressive scrapers. I don't care about IP addresses, but if you don't want me to know your IP address, by all means: use Tor browser. My site doesn't even ask to solve a Captcha.
The different webhosts I use can ~~probably~~ no doubt access the data too.

I've granted most removal requests, but rejected some too when I didn't think it's necessary. I like my data integrity, which I've posted about around this post. For full transparency, I post all censoring in my topic.

If you mistakenly post private data, you should consider it compromised. Ninjastic.space and loyce.club are the most known scrapers here on Bitcointalk, but that's only because we're open about it. It's safe to assume there are other people (or organisations, or governments) that do the same, and you can't even ask them to remove data. You can probably test this by posting a funded private key (NO REALLY DON'T!), and delete the post as fast as you can. Chances are your funds get stolen.
"Generic" archiving sites store pages too.

I don't scrape Investigations (and other non-public boards, but I don't have access to those anyway).

There's only one way to make sure data doesn't leak: keep it offline.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

Quote from: Husires on November 03, 2022, 12:26:01 PM

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

I think this already happened before with someone exposing personal information and doxing people on purpose, or making death threats.
Post was deleted both on bitcointalk forum as well as on ninjastic.space and loyce.club website, but you never know if someone archived separately.
I am personally considering every information once posted on internet already compromised, this can include personal information, photos and verification documents.

Quote from: Husires on November 03, 2022, 12:26:01 PM

Add to that, do they keep my IP address? It's easy to get to because I'll look up my posts.

They probably don't keep you IP and they don't need it, but cloudflare keeps it for sure, but you can always use Tor browser or vpn for browsing.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: Husires on November 03, 2022, 12:26:01 PM

will both sites comply with this deletion

They will most certainly do. But they're not the only problem, I'm sure others are scraping the forum too, for whatever reasons. Some users may user archive.is (and its brothers), search engines also do their scraping, the internet archive may do so too (less often though), ... the thing is that if you do such a mistake you cannot ever be sure it was not recorded somewhere (else), no matter the nice guys from the forum delete that from their data.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: bitmover on November 03, 2022, 01:23:52 PM

I believe it is important to know that everything you ever send in a forum is public.

You mean everywhere, all over the internet whether it was posted on social media or on some random academic .edu "home" website. The Wayback Machine exists, and many websites themselves keep site backups.

bitmover

legendary

Activity: 2212

Merit: 5622

Non-custodial BTC Wallet

Quote from: Husires on November 03, 2022, 12:26:01 PM

If this isn't the right board, please let me know so I can move it.

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

What can I do if both sites do not comply with this, and what is the role of the forum in this case.

I believe it is important to know that everything you ever send in a forum is public. Those users will probably delete the requested data , but it is very hard to get privacy online and to "unsend" information is basically impossible.

Other people maybe de scrapping, there are web archives, etc...

Even when you send a document to an email or an exchange that data could be leaked/hacked/sold etc.
Be careful with everything you write or send online

TryNinja

legendary

Activity: 2758

Merit: 6830

I’m ok with censoring privacy-sensitive posts. But keep in mind that other people are probably also scraping the forum, so be careful.

I don’t log IPs or have any kind of analytics or tracking scripts on ninjastic.space.

PX-Z

hero member

Activity: 1428

Merit: 836

Top Crypto Casino

Mistakenly post? your private keys? Why you even try to post it in the very first place? No one on their right mind willl attempt to post their private keys. Besides posting in any kind is users' responsibility.

Regarding your ip address, you can just mask it easily by vpn, and i dont think those two ^{(loycev and tryninja)} will get interest someone's data like ip address and such.

About the deletion request, probably they will, they have full control those data and records, so feel free to pm them any time.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: Husires on November 03, 2022, 12:26:01 PM

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

If a post needs to be deleted, I am pretty sure both LoyceV and TryNinja will delete the post from their website.

LoyceV has already done so. See this post.
TryNinja will do the same if that's required and he receives a request. See this post for more information.

Husires

legendary

Activity: 1582

Merit: 1284

If this isn't the right board, please let me know so I can move it.

I have a simple question, if I mistakenly post data such as my personal address, private key or any data that I later want to hide, and I contact @ and he delete it, will both sites comply with this deletion?

What can I do if both sites do not comply with this, and what is the role of the forum in this case.

We can ask more questions, but they will revolve around the sites that collect, analyze or keep forum data.

Add to that, do they keep my IP address? It's easy to get to because I'll look up my posts.

Topic: Privacy questions about ninjastic.space and loyce.club (Read 371 times)