Privacy implications of MyBB imported name = email minus domain


(Dan Dascalescu) #1

The email address of a Discourse user is sensitive enough that it’s not shown by default, and the act of an Admin seeing it is logged.

When importing users (at least using the MyBB importer), the user’s name is derived from their email address. Since a lot of users use a small set of popular email providers (Gmail, Yahoo! etc.), this has the effect of leaking the user’s email, not just to the admin or other forum users, but to anyone on the Internet:

(Sam Saffron) #2

Yeah, importers should be a bit smarter here. Does MyBB have no concept of Name or Username at all?

(Dan Dascalescu) #3

MyBB does have usernames, but a full name would have to be a custom field added by the admin. My forum does happen to have that field, but the MyBB importer doesn’t do much when importing users - e.g. avatars or optional user fields aren’t imported.

(Sam Saffron) #4

Well, the “no brainer” change here is to derive name from username instead of email.

(Dan Dascalescu) #5

@codinghorror: saw your changing my post title and adding “MyBB”. Indeed I’ve only tested MyBB imports, but from what I see in the user import code for MyBB and Vanilla (for example), neither explicitly sets the user’s name.

Is it possible that more importers than just the MyBB one create the user’s name from the email, because an underlying Discourse function does that?

(Jeff Atwood) #6

Unless you have specific data that it does, let’s be specific to what is known.
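
Added example, not part of the thread and not Discourse's importer code: a post-import audit for the leak described in #1, with the repair suggested in #4 (take the name from the username). The record fields `:username`, `:name`, `:email` and all helper names are assumptions for this sketch, and the sample users are constructed.

```ruby
# Reduce a string to lowercase alphanumerics so "Jane Q Public",
# "jane.q.public" and "jane_q_public" all compare equal.
def fold(str)
  str.to_s.downcase.gsub(/[^a-z0-9]/, "")
end

# Folded forms of the email local part: as written, and with a "+tag" removed.
def local_part_forms(email)
  lp = email.to_s.split("@", 2).first.to_s
  [lp, lp.sub(/\+.*\z/, "")].map { |s| fold(s) }.reject(&:empty?).uniq
end

# True when the public name is the email local part in disguise. Users whose
# own username already equals the local part are skipped: the name reveals
# nothing the username does not.
def name_leaks_email?(user)
  forms = local_part_forms(user[:email])
  forms.include?(fold(user[:name])) && !forms.include?(fold(user[:username]))
end

# Returns [repaired_users, leaked_usernames]; a leaking name is replaced
# by the username, which is already public.
def audit_and_repair(users)
  leaked = []
  repaired = users.map do |u|
    next u unless name_leaks_email?(u)
    leaked << u[:username]
    u.merge(name: u[:username])
  end
  [repaired, leaked]
end

# Constructed sample records (hypothetical users, reserved example domains).
SAMPLE_USERS = [
  { username: "nightowl",  name: "Jane Q Public", email: "jane.q.public@gmail.example" },
  { username: "bob_smith", name: "Bob Smith",     email: "bob_smith@yahoo.example" },
  { username: "kestrel",   name: "Ada L.",        email: "a.lovelace@example.org" },
  { username: "tinker",    name: "Sam+forum",     email: "sam+forum@example.net" },
  { username: "ghost",     name: "",              email: "g@example.com" }
].freeze

if __FILE__ == $PROGRAM_NAME
  _repaired, leaked = audit_and_repair(SAMPLE_USERS)
  puts "names derived from email: #{leaked.join(', ')}"
end
```
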