Forum Computer tracking - what is being kept? And why?


#1

(Yeah… my weird curiosity is kicking in again… happens when I am tired :wink:)

A question for the Forum Rulers / Admin

I noticed earlier today odd Notification boxes popping up in my web browser. I didn’t remember enabling them so I went into the forum settings to turn them off.

I am curious now at something I find. Why does the forum need to keep track of my computer?

What is that list kept for? And who is getting access? Is this just MetaBrainz or is that also going back to the forum makers?

It seems a strange type of metadata to collate on us users. What is being stored about me when I login? I don’t see why it is relevant to store the fact I was using Windows or Chrome (especially when that data is incorrect :laughing:)

Yeah, I can understand needing to know which computers, browsers, etc. at a hosting level as I am used to WebLogs as described in your Privacy Policy - but why is that data not anonymised as it normally is? Keeping a list of my browser and computer choices in the forum database seems a bit creepy to me. I’m guessing my IP Address is in there as well? :thinking:

Ultimately I know I have no choice - I want to be a member here. Just it would be nice to know what is happening to my personal data. :slight_smile:

I will pick out positives on this - clearly someone knows of this feature and has reduced the level of tracking. I notice at another Discourse based forum when I go into the settings there I find they have my country of access too. Good to see here at MetaBrainz that bit is at least turned off and it just says “unknown”. And the booting out of Google Analytics is a DoublePlusGood in my eyes.

Thanks for looking after my privacy :smile: It now makes me think about setting up my VPN for a few more countries so I can just “spin the dial” each time I go online and pop out at another random part of the planet. Hehe…

Oh - and it is clear not many people read the FAQ. Did you know that the “Site Feedback” link goes to a secured page us users can’t access?

Site feedback category tries to open the following and fails: https://community.metabrainz.org/c/site-feedback


#2

Perhaps it’s used to keep banned users from logging back in with a new name? Or maybe to combat sock-puppetry?


#3

Afaik it’s just for you. At least I know moderators don’t have access to it (maybe admins do) - I know from being a moderator on other forums.
I believe it’s just for you to check if someone else logged in to (hacked) your account.


#4

It is good to know it is not a MOD accessible thing. Admins - yeah, fair enough. We all bow down to the Mighty Admins. I can also see how they’d need the IP Addresses for the Sock Puppet checks as @Billy_Yank points out. (I’ve run forums myself before)

Just seems odd to me seeing all that data against my own record here. Anytime I see extra details about me being stored beyond what is needed to run an operation I wonder what the need is.

I know MetaBrainz is on the right leaning here. The removal of Google “All seeing Eye of Sauron” Analytics is nice to see and shows the real underlying attitudes here. :slight_smile:

What is odd is that elsewhere in the privacy docs it mentioned discarding Server IP Logs after seven days, so this is weird that it seems to contradict that. These go back to early September.


#5

Well you went in https://community.metabrainz.org/u/jesus2099/preferences/account and saw the list of connections with your account.
It’s a security list made for you to spot if anyone else than you used your account (hack).


#6

Seems a bit of an overkill for a forum. Was there a MetaBrainz forum ID theft problem in the past?

Isn’t the main MusicBrainz login more important? That is a place of real data and real information so if this was an anti-hack thing I’d have been more concerned about over there. (I assume they already have anti-sock puppetry checks going on over there as the vote system is open to abuse otherwise)

This topic is probably more geared towards what Discourse are up to as I know this is their software. Seems a bit of a dubious over-reach for data.

Cracks open another beer and presses the teleport button on VPN again…:robot:


#7

I think it’s very good feature to be able to remotely log out from a distant cyber café computer I might have used while travelling and from which I forgot to log out.


#8

I think it’s a standard part of the forum software that MetaBrainz uses. It’s not something MB added. (I would guess the location not working is actually a bug — or maybe just the geolocation data not being present; it should be derived from the IP address, which is stored, you can see it by hovering over the “unknown” location).


#9

Like @derobert said, our Discourse instance is a non-modified version of upstream Discourse. Discourse stores the last IP address you logged in from, but not any previous ones. The things you showed are just a list of browsers/platforms (note: not IP addresses) used to access the forums, which is not something I noticed before (but yes, I as an admin can see this list too, when I go to e.g., https://community.metabrainz.org/u/jesus2099/preferences/account - I also have the option of “impersonating” another user, basically letting me act on the forums as if I am them (all admin actions, like impersonation, is logged, so we can’t do this without it other admins being to tell)).

As others have noted, this is primarily an aid to you to check that only devices that you’re familiar with are getting access. I also agree that the MusicBrainz login is of (much) more importance, but MusicBrainz’s codebase is a lot older than Discourse’s and many modern security measures like this hasn’t made it into MusicBrainz (yet). We’ve also been talking about moving the whole user authentication to MetaBrainz (since it’s a bit weird to have to make a MusicBrainz account if you want to edit books on BookBrainz), so we’re also not doing a lot on this front currently. There’s also SpamBrainz getting made ready for release which will also have some impact on the user registration part at least.

I’m not sure I covered all your concerns, but I hope I helped clarify some things. Please do point out any that I missed though. :slight_smile:


#10

Hover over the location (the “unknown”) — it’ll display the IP address (or check the HTML for the ‘title’ attribute, it’ll be there too).


#11

@Freso thanks for the confirmations. I know you lot are the Good Guys.

Did you notice my mentions of the borken site feedback links in the FAQ?


#12

I had noticed those IP Addresses. On the other forum where Discourse is used that is all translated to physical locations. So thanks to whoever turned that off here at MB. But it is still listing 68 entries for me going back into September. Certainly got different IP Addresses listed there when I have been jumping around the planet on my Space Hopper VPN.

Is this page getting confused by my browser throwing the session cookies away every day? I always have to log back in both here and MusicBrainz each time I open my web browser. Is this showing up a bug in Discourse then? @Freso thought only the last IP Address is stored. Looks like Discourse updated their software and crunched into bizarre grounds.

Good job I am not a dodgy geezer as hacking sites like this would give the MiB all kinds of info about my movements. :male_detective:


#13

Okay, so I was a bit confused. Seems like we have a “max age unmatched ips” setting which has a default value of “365” (days), but we have had it set to “61”:

I guess this didn’t get updated when we made our GDPR compliance policy, but I have updated it now to reflect the 7 days mentioned in that document:

Sorry about that confusion!

However, I am not sure whether this will actually remove IP addresses attached to a login session. I think Discourse might store an IP address together with a login session so that you can’t reuse a session cookie when you’re on a new IP. This might actually mean that Discourse is in violation of our stated GDPR policy. :frowning: I’ll have to bring this up with @Rob and @zas to see what to do about this.


#14

Just FIY for anyone who really cares about their privacy: Orbot works wonders. Here are my stats from another forum:

image

The only correct info here is that I used an android device on those days.


#15

Okay, so I found the setting for “session age”. It was at its default setting of 1440 hours (60 days):
billede

I changed it to 168 hours (7 days):

This should mean that any session that hasn’t been used for 7 days gets deleted, including its associated IP address. It may result in us having to log in more frequently, but this at least should mean that the forum is compliant with our stated GDPR compliance policy. Phew.

I hope this is okay. Thanks for bringing it to my/our attention! And please let me know if you find anything else concerning. :slight_smile:


#16

Excellent bit of digging there sir. I thought you’d like to know this as it was making the GDPR comments seem a bit out of sync. Well found on the actual causes.

Now the only little bug left - check the bottom of the FAQ as the Site Feedback link goes no-where for me.


#17

Haha - I like the look of Orbot. Anything that messes with the heads of the trackers.


#18

I get a feeling that Discourse is from the US of Advertising. A little bit slap-dash with its attitude to privacy. :smiley:

Now the “max age” has been adjusted I notice it didn’t clean up what was already stored in the database. That still goes back 61 days. Not exactly well tested by Discourse. It should all go stale now and be removed back to the new 7 day limit (and yes, I realise I can delete it, but I am curious as to its behaviour)

The “IP addresses attached to a login session” is an odd one. I’ll often be already logged into MusicBrainz when I flip my VPN to a different location and IP Address. It often makes me laugh when I see the web browser just carry on without a care that I have teleported half way around the planet mid-session. It seems perfectly happy for me to carry that cookie session into a different country - even continent - minutes after initially logging in.

None of this is a “whinge”. This is more a game of curiosity. You guys take GDPR and Privacy seriously so it was a little odd seeing Discourse in the middle of this being the naughty child. :laughing: