Bitcointalk - About Privacy

[bitmover]

I was taking a look at the About Privacy session.

I am going to admit I almost never any privacy info from websites, but I was curious about this one.
I want to congratulate theymos for making it so clear and easy to understand.

It's possible to use bitcointalk.org without submitting any personal info. Use Tor + a throwaway email + a new pseudonym, etc. If you care about preventing personal information from being collected on bitcointalk.org, then preventing this collection is your responsibility.

This is very important, as we are responsible for what we do and say online.


What I didn't knew is how much information is collected by third party!

Second, our tech-related service providers necessarily have access to user data, and could collect/store data beyond what bitcointalk.org itself does. Example service providers may or may not include, and are not limited to: Amazon Web Services, Google Cloud Platform, Google ReCAPTCHA, Cloudflare, DigitalOcean, and Vultr.

and later on

Thing	Retention
Deleted posts and trust ratings, as well as their edit histories.	Kept on the live server for a couple of years; then probably kept indefinitely in backups.
Email addresses, including all past email addresses.	Indefinite

Those companies Amazon, Google, Cloudfare, etc have access to data that I do not even have, such as deleted posts, all past e-mail addresses, etc.
Are there any addons that could prevent this retention of data?

I didn't know that, and certainly I will be more careful about any information that I post here or anywhere online. We all should.

[Welsh]

This is why using browsers such as Tor browser is recommended. Whatever website you're visiting will have all sorts of third parties collecting information on you. This was the big debate on whether we should move to Cloudflare or use an alternative service. I believe theymos even considered running his own hardware, because at the time we were having some pretty bad DDOS attacks.

Registering for services with tor browser, and only connecting via the internet through a VPN that you're sure doesn't collect any logs is the only way to really prevent this. Other websites collect much more information including cookies, and other data which they use to fingerprint. Some websites even collect your resolution!

Just to be clear, your VPN/Tor access will still be logged.

[bob123]

Are there any addons that could prevent this retention of data?

No.

Any data you transmit to the bitcointalk.org server, can be stored.
There is no browser plugin which allows you to circumvent that.

Your only way would be to not send anything to the server.. so basically.. not using this forum.


Browser plugins only enhance the user experience on the client-side. They can't affect software on a 3rd party server (i mean.. they theoretically can by sending wrong headers etc.., but that won't help you in this case).

[Welsh]

Expanding on Bob123's point, extensions can also be used to identify, and create a fingerprint depending on what information the website you're visiting collects. Obviously, Bitcointalk isn't collecting this information, but its worth chucking that out there so you're aware of it. AFAIK Tor Browser only has No Script, and a HTTPS plugin.

[bernardos]

What exactly is considered a throwaway email? I am asking because there was some talk a few days ago about emails who expire and get registered a 2nd time and could lead to users having their bitcointalk password reset with the expired and re registered email.

[LoyceV]

What exactly is considered a throwaway email?

I'd say create a new email address that you only use here. It's best not to let it expire though, just keep it active.

I created a new email for this and other crypto websites years ago, I like to separate crypto from my other emails.

[theymos]

What exactly is considered a throwaway email? I am asking because there was some talk a few days ago about emails who expire and get registered a 2nd time and could lead to users having their bitcointalk password reset with the expired and re registered email.

Use https://cock.li/

[TryNinja]

Use https://cock.li/

cumallover.me
loves.dicksinmyan.us
horsefucker.org
[...]

Sounds nice.

[LoyceV]

Use https://cock.li/

cumallover.me
loves.dicksinmyan.us
horsefucker.org
[...]

Sounds nice.

That's a surprise coming from theymos

national.shitposting.agency sounds fun

[theymos]

BTW, email is a big privacy issue in general. It's too expensive (mainly time-wise) to create new email addresses, but if you use the same one, it creates tons of links. Ideally, you should use one email per service. I've had two ideas in this area:

First, you could create a simple email forwarding service like this:
 - Without registration (but maybe with a tiny fee via eg. Lightning), take a user's email address, generate a random key, and use the random key to encrypt the email address.
 - Also encrypt the email address with a server secret.
 - Give the user an email address of the form ENCRYPTED_EMAIL.DECRYPTION_KEY@asdf.com
 - When the service receives email at a forwarding address, it decrypts the email first using its server secret, and then using the provided decryption key. Then it forwards the email to the email address
 - To destroy forwarding addresses, users could provide the service with both their forwarding address and target address, and the service could then send a confirmation email.

This would be convenient, and it'd fix the problem of services being able to connect users across multiple sites through email-address reuse. But it trusts the forwarder not to log the per-email decryption keys or give up the server secret key. Though if multiple services like this existed, you could chain emails through them to increase security.

My second idea is:
 - The user would be using his own software (like eg. Thunderbird or perhaps prontonmail). From this software, the user could instantly create low-capacity throwaway accounts on the server. Each throwaway account could be (or behave similar to) a POP3 account with low capacity (eg. 50MB) and quick message expiration (eg. 60 days).
 - The client software would use Tor and careful polling to download all of the messages on its throwaway accounts without leaking to the server info about which accounts are connected. To improve anonymity and efficiency, you could perhaps use PIR, or the server could publish hourly/daily bloom filters meant to match email addresses which received mail in the time period. The client software would collect all of the messages into a single inbox for the end-user. Since it polls frequently, the client wouldn't have to worry about the low limits on the individual throwaways.
 - The server could anonymously require a small one-time for each throwaway account by using blinded bearer certificates.

With this, the server shouldn't ever be able to connect any of the accounts together. You could also send mail from the throwaways.

The main thing necessary for this second idea is a really smart email client meant to juggle many throwaways. You also need a cooperative server allowing quick account creation (like cock.li), ideally via an API.