Is it safe to share my MM5.DB?

Get help for different MediaMonkey 5 Addons.

Moderators: jiri, drakinite, Addon Administrators

GusFit
Posts: 4
Joined: Wed Aug 16, 2023 2:32 pm

Is it safe to share my MM5.DB?

Post by GusFit »

I've emailed a developer about helping test an unreleased addon, and they've requested me to send my database to help with setup and potential troubleshooting. Is there any personal or sensitive data tied to the database, or is this safe? I downloaded a database viewer and have been poking around but haven't found any issue so far.

Thanks in advance.
Peke
Posts: 17431
Joined: Tue Jun 10, 2003 7:21 pm
Location: Earth
Contact:

Re: Is it safe to share my MM5.DB?

Post by Peke »

Hi,
You are safe, DB shares are for our team eyes only as we do not share it to anyone and it is intended for helping you, while you can request deletion anytime.

Most (99%) of DB structure and data it contain can be found at this link https://www.mediamonkey.com/wiki/Databa ... ture_(MM4) and you can ask anything if you see something irregular or suspicious.
Best regards,
Peke
MediaMonkey Team lead QA/Tech Support guru
Admin of Free MediaMonkey addon Site HappyMonkeying
Image
Image
Image
How to attach PICTURE/SCREENSHOTS to forum posts
GusFit
Posts: 4
Joined: Wed Aug 16, 2023 2:32 pm

Re: Is it safe to share my MM5.DB?

Post by GusFit »

Thanks for the reply.

I should clarify this is a third party developer. Any data related to the media library is fine, I'm more worried if MM stores personal data (like every service seems to do these days).

Appreciate the link to those tables.
Barry4679
Posts: 2386
Joined: Fri Sep 11, 2009 8:07 am
Location: Australia
Contact:

Re: Is it safe to share my MM5.DB?

Post by Barry4679 »

GusFit wrote: Fri Sep 08, 2023 11:13 pm I should clarify this is a third party developer. Any data related to the media library is fine, I'm more worried if MM stores personal data (like every service seems to do these days).
I have sent my MM db to various people, and have received the MM dbs from many people.
I don't think that there is anything to worry about, but as I presume that I am the Developer that you are concerned about, you should get the following verified.

AFAIK if you want to authorise MM to access your account at a "service" (eg. Dropbox), it works as follows:
  • For each service that MM supports they have been issued a private key, which MM keeps secret
  • You try to sign into your "service" from within MM
  • They send their (MM) private key to the service, along with the account name that you have supplied
  • The service opens a Browser window asking for your password and for permission to allow MM to access your account ... MM never sees your password to your account
  • Once you have authenticated yourself and validated the access request, the service sends an access token to MM ... this token is specific to your account AND TO MM ... ie. can only be used for access if both the token and the MM private key are supplied
  • MM stores only the token to the MM db
If you were still concerned, you could sign out of the services, in MM, before sharing your database. This will invalidate the tokens. You would be issued new tokens when you signed back into services using MM, ie. after sharing the database

NB. I don't personally use MM to scrobble to my LFM account. I don't know how MM secures access your LFM account. Presumably it is something similar?

GusFit wrote: Fri Sep 08, 2023 11:13 pm Appreciate the link to those tables.

Code: Select all

select * from devices where handlerID = 'cloud'
Want a dark skin for MM5? This is the one that works best for me .. elegant, compact & clear.
Post Reply