Update to Steem tip #3: Do NOT send encrypted messages from any other apps than Steemit.com!
About two weeks ago I wrote a guide in the "Steem tips" series where I shared information about how to send encrypted messages in the memo field on transactions. This has been working pretty fine, but I recently learned about a huge problem with this; it only works if you send from Steemit.com.
Basically the memo will not be encrypted if you use the # from another Steem app such as Busy.org, so I urge everyone to not send any sensitive information with the method from another app.
Keep in mind that I have not tested every single app - maybe some of the lesser known ones have a functional encryption?
Testing it out
I did a few transactions from busy to verify the information, and as you can see below the messages are not encrypted. Both messages were sent from http://busy.org, and I was not logged into any account on either of the screenshots below.
Steemit
Busy.org
You are fine if you sent from Steemit
Luckily Steemit encrypts the messages before sending them, so it's not like you can read the secret messages by going to busy.org. As you can see, my older encrypted transactions are still hidden on busy.org:
Thanks to @rizzopablo
@rizzopablo was the one who told me about it in the comment section of the old post, so thanks to him for warning me, and thus be able to warn you guys! Please head over to the comment and give him an upvote for his effort in raising awareness on this big problem!
I just hope no one sent any secret stuff that were not properly encrypted because of my lack of research..
I actually did not know that!!! Thx a lot for this lecture @Valth
You're welcome! Luckily most people use Steemit.com to send transactions, so it does not seem like many people got into trouble by unsuccessful encryptions.
Glad to help! Anyway, it would be great if other apps implemented the encripted memos too, I hope they will! Regards!
Yeah, I hope so as well. It would suck if someone shared sensitive/secret information by mistake by using Busy.org for sending it..
Hehe I didn't even know we could send encrypted messages but this can be a really useful tool. Thanks for testing it so we don't have to :)
I'm glad this update made you aware of the encryption in the first place, @wanderingdanish :) It's a pretty useful tool, that for some reason is largely unknown by the community.
I think it was a good plan and useful to test the limits of the blockchain @valth. This is how discoveries are made. I can see an application of scientific method and deductive reasoning. You found a way to encrypt a message on Steemit. You applied it to another site using Steem and found that it didn't work. This is a discovery... and you are humble enough to announce to people who used it that it does not encrypt on all blockchain applications. I love your logic.
sir this is the information for me because I didn't know before that if we
to send a message in encrypted form, then we have to use # before the message. fine right now I'm not using busy.org I'm using the only steemit.com. but this is so helpful for me Thanks a lot sir.
sir please make a post on Sp delegation. how to delegate sp to someone and how to undelegate it back
I'm glad you learned something new from this post then, @xawi :)
A delegation "guide" is in the works, and coming hopefully soon ;)
Thanks for the warning my friend:)you saved many from the privacy trouble...
You're welcome :)
Special thanks to @rizzopablo for pointing out the issues and thanks @valth for transferring knowledge with valth wonderful community. Thanks for sharing @valth
You're welcome! I figured it was really important to post this before anyone made a mistake and reveled sensitive information for all to see.
It is so nice of you that you give utmost care and importannce to your followers. Thanks. Keep sharing @valth
Steemit is enhancing day by day and we dont need any other app to send encrypted messages.
Well, I for one believe that it would be great if the other Steem apps also added support for encrypting memos. Some people can share potentially secret information by mistake this way..