See the entire conversation

fun way to monitor someone's IP address: 1. create a paid slack workspace 2. get them to join your slack 3. now you can see their IP address and device type in Slack's access logs as long as they're logged in and have the Slack webpage/app open
81 replies and sub-replies as of Mar 23 2018

by “open” i mean the app is running, even in the background. so it works even if someone logged into your slack and hasn’t looked at it in a while
Does that work with "Guest Access" to a paid workspace or do they have to be a paid user as well?
works with anyone in the workspace
Ummmm guess it's time to close all my pinned slacks
lol yup. i saw my IP address being logged several times a day for some that i hadn’t opened in weeks if you're an admin if you're a regular user and just want to see your own access log
I'm embarrassed to admit how many goes it took me to realise I had to replace foobar with my own slack workspace name. I blame this mysterious Dutch brown beer.
You could also setup an IRC or TeamSpeak server. They won't give you device details, but the software can be used for free, so it's something ...
the benefit of slack is that you can convince more non-technical users to sign up for it vs IRC
If collecting IP address and device details are the main goal, along with user-friendliness, wouldn't setting up a website with some logging suffice? I would say that's even more user-friendly. All they need to do is *click teh link*; no sign-up required.
but slack gives your their IP whenever it changes, no user interaction needed
Ah, I see now. How nice of them . . .
Thanks! I look at log, signed off, but didn't think to change settings while there (account worked but not admin). Is it possible to turn it off?
i don't think you can turn off ip logging
Is proxychains an option? I'm slack-illiterate.
Off topic but Twitter warned me this tweet contains offensive content 🤷🤦🤣…
Is proxychains an option? I'm slack-illiterate.
lol that's funny
Slack works fine over Tor 😏
honestly, do YOU use slack with Tor?
Depends on the slack...but yeah.
Yup. Infosec sucks like that sometimes, but if you’re going to be secure then that’s what you gotta do.
Does slack have any P2P elements? I remember when Skype could (may still) disclose IP addresses of those you're chatting with. You can use your local firewall like @littlesnitch to ascertain probable IP addresses
Semi related: slack will show your slack subdomain in the referrer if you click a link to a 3rd party from within slack
you can turn it off in this admin setting
Ok, but isn’t that as shocking as “slack can see all your messages” and “slack admins can see your ‘private’ messages”? Or: Mozilla knows where you are, b/c Firefox calls home every 30min. (Chrome/Google, too, of course.)
it's more surprising because (in my experience) people aren't aware that they're sending IP several times an hour to whoever is admining a slack (lots of randos) versus just employees of Slack
in addition to the Slack run by my employer, i've been invited to Slacks admin'ed by random people for conferences, hackerspaces, living groups, art projects, etc.
Yeah, I suppose one issue is the muddling of an enterprise solution (where this is expected) with the random community setup.
This is the daily reminder that the cloud is just someone else’s computer.
Somebody else's dumpster fire, as 2018 is turning out. Though the more we know,the better in the long run. I hope a lot more comes out and some privacy-abusing companies go down hard
You don’t join other slacks. Simple as that. Infosec sucks like that sometimes.
Is. Slack the only app that harvests ip addresses? So no other apps do this?
Yeah exactly, why admins would need that at the end? Really thanks a lot for sharing
Mozilla does not keep any records about your location.
There is no privacy.
wait is “slack admins can see your ‘private’ messages” real or an example
it’s real but you have to submit a request for access
To Slack or the user?
to Slack
yeah knowing someone's IP is as plain as knowing what their phone number is when they call you
the logs of every website have the IPs of every user, and the server admin can see them
slack gives you more persistent access since people usually close tabs but not slack. i was able to get random people’s IP addresses several times an hour months after they had last looked at my slack.
which meant i could see when they were on home wifi and when/where they were traveling over the course of months without any user interaction :)
so this is actually more like running an IRC server than running a website
Wait a sec, people willingly join a slack servers?
Anyone with a rinky dink website can see the IP address of their visitor in the back end ops, no? So use a VPN.
I had a similar issue where a supposed “IT security professional” from a swiss bank who shall remain unnamed was “afraid to give me his ip address” to assist me in debugging why he couldn’t register to our sip sbc. Looked it up in [some other chat application]… ah well… 🤷‍♂️
So I assume that if you have the client installed on your phone it continually updates your IP
s/:\)/:\(/g Everything is terrible then
it’s all websockets if you have burp open while slacking it will open your eyes to how often it is pinging back.
Wtf kind of crazy language is this!? Gettin' old I guess.
I feel like this would be on a quiz in a women's magazine, and if you didn't understand, it would mean you are officially old.
i don't fully get the reference but it still made me chuckle
This is a thing that burned a real community I was in (ingress, for the record). Records were cross referenced to find a mole from the other team
Dang, this sounds interesting. Can you share anything more?
Is this for paid slack instances only? There's likely a way to tell if a slack you're in is a paid instance.
yeah only paid slack admins get ip logs
Slack is full of security holes. I'm surprised it's taken off with businesses to the degree it has.
Definitely makes me want to speed up the move of all my slack chats to use the weechat slack plugin (already have irc and other comms on an openbsd box that is not at home).
deletes all iphone apps...realizes apple is still tracking me...smashes phone 📱
Indeed. You can also right click on the persons nickname in ICQ and select details to see their IP Address as well. ;)
I dropped slack a while ago. But not for this reason (unaware). But thanks.
See, this is exactly why I route different apps through different ssh proxies.
nah man ... that's just cause you're paranoid ... 😉❤️
I’m not even sure it’s possible to be paranoid, in the true sense of the word, in relation to online privacy at this point.
touché mon ami, touché
👍👍👍👍goedemorgen. Goed weekend 😊
oh jees.. it's time to purify slack my channels