Originally Posted by stewy

It's been brought to my attention that the security arrangements for the storage of personal data currently operated by this forum are thoroughly inadequate.

Specifically, the following security breaches have been identified...

- Member's email addresses are publically accessible
- The content of private messages is publically accessible
- Member's passwords are stored in a format (MD5 hash) that is now considered unsafe and vulnerable to hostile decryption.

I have investigated these claims independently and I can confirm that this is the case.

I'm also aware that in the current forum climate such claims, if made without evidence, will be taken with a pinch of salt or dismissed as troublemaking. In that spirit I offer up the following email addresses as proof of their availability...

stevectaylor = <email was here>
Midas = <email was here>
uncon =<email was here>
Opinionated = <email was here>
Greg-Lance Watkins = <email was here>
newspresenter = <email was here>

Disclosure: I am also a member of another, recently-created politics forum. Nevertheless the members of any forum have a right to know how their personal data is being stored, what safeguards are in place to protect it and the extent to which that information is accessible to others.

JAMC (who's normal account is now inoperable)

Tut tut

For pointing out a serious issue on this forum. It is being dealt with and I will keep you both informed.

There does seem to have been an issue with JAMC's account which involved email confirmation in some way, and when I know more, obviously I will contact JAMC direct.

Once again I am grateful for people who have put the forum community in general above their own interest. Steve is understandably busy ensuring that this cannot happen in future.

Oh yeah, as if JAMC was banned for not having email confirmation. Steve being a moron again.

Thanks for getting him back though.