Subj : Re: SSH on BBSes
To   : echicken
From : boraxman
Date : Mon Apr 04 2022 22:32:20

 ec> That's not so much privacy as it is a barrier to entry: must have
 ec> computer and modem. Unless the sysop went to pains to scrutinize new
 ec> users, pretty much anyone could come along and do whatever they wanted
 ec> with what they saw there.  Was it private in practice? Sure, probably.
 ec> In theory? No.
 ec> 

Correct, the effect was the same.  If I posted a message to a friend on Paranoimia BBS, or even engaged in thread, it wasn't the same as tweeting it to the world.

We have to understand privacy is not a binary, it is continuum.  There is less private and more private spaces.  Being on live TV is not private, but one can be in public having a conversation, which is still in public, but it is only accessible to those in earshot.

 ec> It changes a great deal. The barrier to entry has been obliterated.
 ec> Connectedness has increased. Why would anyone assume that the BBS is
 ec> *less* networked and discoverable today than in decades past?
 ec> 

Not less networked, sure, but lets say that data is being captured by a three letter agency (it is), then they can only get a subset of that data, not encrypted communications.  Lets say that data is being trawled on the web (it is), then it is not available if not accessible by http.

There are different degrees of privacy, even on the Internet.  We've never really cared, but I think the time when we can just not care has ended.  The time where we could just disregard how our information is stored and transmitted has ended.

That is not to see people should not engage in public discussion, but that we should have awareness of how public our discussion is, and where it ends up.

 ec> Those steps are easy, especially with Synchronet. Some sysops may put
 ec> their website online without pausing to consider message bases and
 ec> privacy. Their thought process might end at "play door games from the
 ec> browser".
 ec> 
 ec> It's not safe to assume privacy on some random BBS or message network. I
 ec> have little sympathy for anyone who posts a message to a forum on the
 ec> internet, without specific guarantee of privacy, in 2022, and later
 ec> learns to their dismay that it turns up in a web search.
 ec> 
 ec>  bo> That is my point of contention, or should that be, soreness, that sys

Perhaps I am biased because I have young children, and I'm worried about them inadvertently broadcasting information about themselves.  They need to be able to make their own choices regarding whether they want to make information about themselves to the world public or not, and if they are smart, they will want to limit this.

But no one can make that informed choice, a choice they have every right to make, if the site or service they are at doesn't make it clear, and provide some guarantee.  

We just accept this, but it is not something I consider acceptable, not anymore.

That is not to say a sysop cannot choose to enable web access, thereby making the discussion world visible, but they have an obligation to users to make it clear to users from the start, that this is what they are doing.

Simply accessing the BBS by TCP/IP can NOT be taken as an understanding the discussion is totally public.

 ec> It's not safe to assume privacy on a message network. It assumes too
 ec> much about the motivations and values of other sysops and users. For
 ec> everyone who thinks this stuff should be private, there's another who
 ec> thinks that it should be searchable and free.
 ec> 

That is fine, but one should not have to "assume".  They should now so they can make an informed choice, and post with knowledge.

 ec> You can set up a BBS and lock it down to keep stuff off the public web,
 ec> and you're reasonably assured of "privacy". It's unlikely that any user
 ec> or bot is going to start leaking stuff (but they could).
 ec> 
 ec> You can set up a message net and make it a rule that things be locked
 ec> down and kept "private", and then try to police that. Maybe you'll have
 ec> some success, but it's less assured.
 ec> 
 ec> Beyond that, on message networks without specific rules or mechanisms in
 ec> place to keep things private? It's incorrect to expect privacy in such a
 ec> forum.   
 ec> ---  

This is something I wanted to do, and that I may end up doing.  Being a member of the 'net will require accepting an agreement about how data is handled.

This kind of thing is common place now. I'm realising now how far behind the times that BBS users are!

--- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
 * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)

.