(I have further thoughts on that; but the discussion is off-topic for this high-traffic, highly watched thread about forum rules.)
Potentially relevant to how Personal Messages may be mentioned in the rules list:
Based on the theymos statements that I quoted, I think of the administration's policy as roughly analogous to a one-party consent rule for disclosure of PMs.
I find it admirable that the forum's administration has a reasonable policy to prevent overt fishing expeditions that may seek to coerce disclosure of PMs with consent of none of the involved parties...
https://bitcointalk.org/privacy.php
Bitcointalk.org is in US jurisdiction, and is subject to US subpoenas, wiretap orders, preservation orders (which would negate the above retention rules), and similar. Furthermore, our service providers could also be subject to similar orders without our knowledge. Note that we consider PMs to require a warrant in order to be released.
...although that is a quite limited protection, when every PM passes in cleartext through Cloudflare each and every time it is previewed, sent, or viewed. What it really means in practice is that police (obviously police, because nobody would ever try to steal an official identity) can't grab your PMs simply by e-mailing or faxing an official-looking request. If the forum's administration requires a warrant, I also infer that that means they will at least seek to quash civil subpoenas for PMs.
Although that is always important for protecting metadata (which is in many ways even more revealing than content), it is less of a concern for people who use crypto - I mean, who really use crypto:
Note: PM privacy is not guaranteed. ⚠ Encrypt sensitive messages. ⚠
Because I am sick and tired of this:
PM = Personal Message, not Private Message.
Compare "private interview" to "personal interview" or "private locker" to "personal locker". Something private isn't expected to be made public, but something personal is only owned by or associated with a single person, not necessarily with a strong guarantee of privacy.
I really don't believe in willingly putting a man-in-the-middle in your HTTPS like this, [...]
I especially dislike Cloudflare, which I'm almost certain is basically owned by US intelligence agencies. [...]
The security implications are that Cloudflare can read everything you send to or receive from the server, including your cleartext password and any PMs you send or look at.
Thank you, theymos, for honestly disclosing and discussing the facts about Cloudflare.
Oh, no! Cloudflare now knows Grandma's secret cookie recipe!