Explanation of security changes

[Martin]

Hey peeps,

I have been asked by Paul to give a general explanation on why the security changes got introduced to the site.

Around June 2008 we got a report that an older aged member was making innappropriate contact with young members on the site. After an investigation we found that these reports were proven to be true and the member in question had made some pretty serious advances on various members. This incident was reported both to police and the site owners who both reviewed what we had found for themselves. We can't give any further details on this as it is now a closed matter and the members affected by this will not wish to have the event revealed to the whole forum.

Once the member had been banned the site owners approached us and originally requested that all features on the site that allowed private communication (including private messages and the chat room) were removed from the forum. This was rejected by the staff and we later came to the agreement that an application process was needed so that the features could remain. This was verified both by the lawyers who work for the owners and by Paul who made legal enquiries about it too.

The features that are set up now are essential if the owners are to keep EC open. It's very easy to complain about how restricting they are, unfair etc but without them there would be no forum for you to complain about it on. We aren't introducing them to be awkward and make it difficult for members to settle in. They are just needed if we wish EC to remain open for you all, and this way is the safest we can get without removing any site features for everybody. The site owners can't risk being held liable for any problems that may arise out of people not thinking sensibly when they are handing out personal information, and as a result all information that can be used to identify you off this site is not allowed to be posted publicly on here.

If anybody does have any questions about these changes then you are welcome to ask. Just don't post here ranting about the changes because it will not achieve anything nor will it make us cave in and undo the changes made last summer. We would rather have a forum that is restricting and benefits a small number of members than have no forum at all.

[Rainbow]

I think the restrictions are good. It makes me feel safer to know that I am probably not talking to someone strange.

[George]

These security measures may be annoying, but they're needed.

Though I sometimes doubt how efficient the system is, even if it works.

This is good that that member has been caught and banned its a scary thought and im happy for the restrictions.

[Kid Quasar]

[Seanboy23]

I think the restrictions are great, even if they're a little frustrating. I don't know anything about what happened, but it's sad when we have to relate to those old cliches about "one rotten apple spoiling the whole bunch".

Everyone here, however frustrated they might get, should be thankful that EC is here at all, and is working for the purpose it's intended.

[Kryz]

Quote:

Originally Posted by George

Though I sometimes doubt how efficient the system is, even if it works.

That's exactly what I think most of the time.

Why don't you just make some of the forums private?

Like, make them only viewable for full members?

I mean, EVERYONE in the internet can see the boards and it's messages. Why don't just make some of them private and full members viewable?

This way at least some part of the forum could go to "what it was before".

[Martin]

The boards are something that have not been changed because of the security changes. What can be posted on them has been changed a bit, but it's nowhere near enough to warrant a Full Member forum. The gap between Full and Regular members needs to be kept as minimal as possible to avoid rank superiority, and allowing Full Members to access new forums would just cause bitterness from regular members who haven't been promoted. The forum is not a social networking site so will not go out of it's way to introduce ways for it to become one. At the moment you can PM people any info you want which is the safest way for both members and staff.

Also, I am not quite sure how a Full Member forum can be justified when there is also a sense of the security features not being effective. If people feel they aren't working then I don't understand how you can also ask for a full member forum, which I assume won't have the posting restrictions that the public forums have? If people feel they aren't working then they should be making a more conscious effort to avoid handing out personal information to strangers, not suggesting ways that could make it easier for them to obtain such information.

I know what the strengths and weaknesses of the security features are. They can and do work, but they aren't fool-proof. The application process is only the beginning of the security, and it's also relatively simple for somebody who is a good and consistant liar to pass through it. However, the monitoring that does go on will catch them as we know whether they have started throwing out ID's left, right and centre, whether they are making innappropriate contact or whether the information they have provided us is not consistant with the information posted on other sites off EC.

There is a lot of behind the scenes work to the security features. It's easy to see why you may think they're not effective because of what you do see occur. There is a lot more to that though that is hidden, and that is what makes it the most effective system that we can have whilst also allowing EC to exist (without removing all possibility of private communication). It is still important for members to be aware of their actions though, including who they do give out information to. That is why we strongly encourage that any suspicious behaviour is reported immedietly. We are confident that the system works most of the time, but we are aware that people can slip past us at any time.

[George]

Quote:

Originally Posted by Kryz

Quote:

That's exactly what I think most of the time.

Why don't you just make some of the forums private?

Like, make them only viewable for full members?

I mean, EVERYONE in the internet can see the boards and it's messages. Why don't just make some of them private and full members viewable?

This way at least some part of the forum could go to "what it was before".

I agree totally with that.

Maybe make the forum only viewable for registered users, and then as people reach certain amounts of posts they get access to everything else.

[heatqueen]

^No, that wouldn't work because it would be creating a problem we're trying to avoid. Like Martin said, the full/regular member system was set up so there'd be as little a gap between the full and regular members as possible. Making some forums private would only enforce this gap.

Waitddasecond...
Something changed recently?

Or is this just repeating the Full/Regular member stuff?

[Kryz]

I know what's the purpose of this site is. And it's pretty clear for me. But in my humblest opinion, if you want a site to provide support and advice from many ppl and with many points of view, you need to keep a good and strong community to do such.

And well, the way I see it, to make a slightly bigger (bcoz I only said SOME forums, or even just one, not all) gap between regular and full members would be another way to encourage regular members to be more active and maybe help even more. And of course if any full member can contact the other full members via PM, to have an open private section wouldn't change anything, except the fact that yo could do it in a forum...

I somewhat feel the thing isn't working flawlessly, but also feel that ppl really want it "the way it was before". That's why it came to my mind that this could be applied, since it's something that has the owners somewhat happy and could get the members somewhat happy.

And you made the most important point there Martin. Members SHOULD be aware and responsible for their actions, and for their own essential security and privacy.

This idea is just a thought that got to my mind, and seemed like a good way to make members a bit happier. It was not my intention by suggesting this to make stalkers and other bad ppl's job easier, it was just to improve the community.

[George]

Quote:

Originally Posted by heatqueen

^No, that wouldn't work because it would be creating a problem we're trying to avoid. Like Martin said, the full/regular member system was set up so there'd be as little a gap between the full and regular members as possible. Making some forums private would only enforce this gap.

Well I mean like when someone registers, until they post say, 50 times, they can't access 3-4 of the forums, chatroom and PM system. And once they get up to 50 they have access. So simply it makes the transition from regular to full member much more smoother and avoids confusion (as evident by the people wondering why they have to "apply" to gain access to everything).
Also doing things in that way would make the admins and mods seem less (for lack of a better word XD) anal retentive about security.

And one thing I honestly don't get is why the forums are visible to guests when security is meant to be one of the main concerns here.

I really don't want to start an argument here, but I'm just giving my opinions. YES, I agree that security is needed because I know I wouldn't want to be a victim of paedophilia, but the way security is operated here feels very militant and (again, for lack of a better word) anal retentive.

Because the way it is at the moment, there's a huge divide between regular and full members, and it just adds to frustration.

[biisme]

If the boards weren't visible, why would anyone join? Why would they sign up for a site they can tell nothing about?

And, it's because they're visible that it isn't allowed to post personal contact information, so a random person can't randomly track you down.

And, if member upgrades were automatic, what would stop someone from joining and just posting in the fun and games fifty times in less than an hour?

[Maddy]

I'd have thought that making some of the boards inaccessible to regular members would increase the divide between regular and full members, not decrease it.

[George]

Quote:

Originally Posted by biisme

And, if member upgrades were automatic, what would stop someone from joining and just posting in the fun and games fifty times in less than an hour?

Simple, do what heaps of forums do and don't count posts in fun/games and any other forum which exhibits spamming.

And keep in mind that not having the forums visible to guests may not have the effect that people are worrying about. Those who need help will join, which is what this forum is for right?

[Ben]

Quote:

Originally Posted by George

Well I mean like when someone registers, until they post say, 50 times, they can't access 3-4 of the forums, chatroom and PM system. And once they get up to 50 they have access. So simply it makes the transition from regular to full member much more smoother and avoids confusion (as evident by the people wondering why they have to "apply" to gain access to everything).
Also doing things in that way would make the admins and mods seem less (for lack of a better word XD) anal retentive about security.

The problem with that system would be that the whole concept of full members and regular members would be pointless. Not everyone who applies with 50 posts and after 2 weeks gets through the system, as there has to be enough confidence that the person can be trusted with private forms of communication and to go into the chatroom.
Therefore, to avoid someone getting full member status when they cannot be trusted with it, each application must be reviewed individually.
This system is needed in order to avoid a repeat of the previous situation mentioned in the first post of this thread, because if something like that happens again then the consequences for EC will not be pretty.

[Peter]

As an older member of the group, I just wanted to say that I fully support the rules and appreciate them - for my personal benefit. I am not trying to pick up young boys through this site and have appreciated the comment (slap on the wrist) that I received a while back when something I posted could be misinterpreted. Sometimes things can be misunderstood when they are just meant to be friendly manner. Private fora (that's the plural of forum) would also have to have age restrictions, etc. It all gets very messy. BTW, thanks to the EC staff for all the work you do on this site.

[Martin]

Quote:

Originally Posted by George

Well I mean like when someone registers, until they post say, 50 times, they can't access 3-4 of the forums, chatroom and PM system. And once they get up to 50 they have access. So simply it makes the transition from regular to full member much more smoother and avoids confusion (as evident by the people wondering why they have to "apply" to gain access to everything).
Also doing things in that way would make the admins and mods seem less (for lack of a better word XD) anal retentive about security.

That wouldn't work either. You would just be replacing peoples confusion of why they have to apply with why they have to get x number of posts. It's very easy for somebody to post 50 times on the site regardless of which forum it is in. The idea of the system is to have control over it, not hope that an undesirable doesn't post 50 times and gain access to areas of the site. That is more flawed than the system being complained about.

Quote:

Originally Posted by George

And one thing I honestly don't get is why the forums are visible to guests when security is meant to be one of the main concerns here.

Because guests need to see an active forum if they are going to join. You can't make somebody feel welcome if you aren't even letting them see what they are joining. That isn't an issue as that big red notice at the top of the forum forbids any personal information being posted on the forum. If people stick to that then guests are unable to obtain any information they should not have therefore it isn't an issue that any random person can see the forum.

Quote:

Originally Posted by Kryz

I know what's the purpose of this site is. And it's pretty clear for me. But in my humblest opinion, if you want a site to provide support and advice from many ppl and with many points of view, you need to keep a good and strong community to do such.

And well, the way I see it, to make a slightly bigger (bcoz I only said SOME forums, or even just one, not all) gap between regular and full members would be another way to encourage regular members to be more active and maybe help even more. And of course if any full member can contact the other full members via PM, to have an open private section wouldn't change anything, except the fact that yo could do it in a forum...

You're right, it could encourage people to join. However, it could quite as easily have the opposite effect. The bigger the gap between Regular and Full members the more people who are going to have issues with it. It's great when people just post, apply and get promoted. Sadly it's not always the case though and people will dislike gap. One thing that we can say is unchanged about this system is that the forum is still the same for all member ranks. Also, a full member forum does change things. Giving out information via PM allows members to control who receives this information and makes them responsible for it. Allowing them to post it on a forum (whether public or private) does not allow them to have control over who obtains it, which then makes EC liable for hosting it on the site if anything was to go wrong. Yep, the member would still be at fault for posting it in the first place but EC allowed it to stay there so is to blame too.

Quote:

Originally Posted by Kryz

I somewhat feel the thing isn't working flawlessly, but also feel that ppl really want it "the way it was before". That's why it came to my mind that this could be applied, since it's something that has the owners somewhat happy and could get the members somewhat happy.

And you made the most important point there Martin. Members SHOULD be aware and responsible for their actions, and for their own essential security and privacy.

This idea is just a thought that got to my mind, and seemed like a good way to make members a bit happier. It was not my intention by suggesting this to make stalkers and other bad ppl's job easier, it was just to improve the community.

They're not the only ones who want them back the way it was. Every single staff member on here would choose the old way if we had a choice in the matter. These changes have made it so that we are more staff members rather than members, and by that I mean that we can't just come online and start posting. Instead we have to check all the applications, process them, make the necessary checks, catch up on any issues on the forum/chat, read staff discussions and give input, check Ask The Staff and reply to any threads, check the chat logs, make sure there are no trigger posts in Anon and so on. I am not sure about the other staff, but since these changes were introduced I have become more of a staff member working behind the scenes than a member who posts on the public forum. These changes cause a massive amount of work for us behind the scenes, but we keep them working because otherwise there is no EC. It really is that simple peeps. If we thought for one second that the owners would relax the system, allow some change that could benefit members etc then we would try and make it happen. Currently the owners want to play it this way, and we can't risk going against that otherwise we will sign on one morning to find that EC is nothing more than a blank page.

You're also correct, members should be aware and responsible for what they post. Sadly they aren't. Despite a massive annoying notice box at the top of the forum, Big Brother style security, restricted access to communication features and rules on the code of conduct, members still fail to be careful with what they post. I've had to deal with a gazillion people who have posted their email on the public forum or in a wall comment, have used the site for hooking up and other reasons. It would be great to make them aware and responsible for what they post, but they still choose to ignore it despite all our warnings. That's why the owners cannot risk being held liable for anything that may arise from a members irresponsible behaviour.

Quote:

Originally Posted by Peter

Private fora (that's the plural of forum) would also have to have age restrictions, etc. It all gets very messy. BTW, thanks to the EC staff for all the work you do on this site.

Even that I don't like the sound of. It's not fair that an older aged member who is here to benefit from the forum should not be allowed access to a private forum because of their age. As it currently stands you have the exact same rights as all other full members regardless of age. Anything other than that is not fair at all. We can't say to you "Oh, we trust you enough to be a full member but you can't access this forum because of your age". It would defeat the point of us trusting you if we put an age restriction on the forum. Besides, most of the problems I have had with members avoiding the security has been from younger aged members who would access the site. An example being a 14/15 year old a few weeks ago who decided it would be fun to see if they could use the site as a way to get "sucked off". I dislike that age has to be considered in applications, but I like that once you are a full member you have the same rights as everybody whether you are 14 or 40. A private forum with age restrictions would completely change that and would be a slap in the face for older members who we do trust on here.

[George]

Hmm. Is there a mod you can get for vBulletin which hides user data for guests? So they could browse the forum but not see usernames, avatars and whatnot..