Quote from: tree on June 16, 2013, 06:22 pmQuote from: Xennek on June 16, 2013, 05:59 pmWhy don't more people encrypt or at least privnote their addresses? Is there absolutely anything stopping LEAs/ "good" guys running a compromised exit node from reading your order list and adding all of the addresses to a watch list? Seems like an easy way to get nabbed to me.Why would you think that privnote is safer than using the address field? Your address is automatically deleted from SR's servers too so why use a third party to do that for you? Privnote could keep a copy of all its messages for all we know.Privnote actually was -- at least at the time that I looked at it -- just as safe as PGP. Though I didn't go over it line by line or anything; still, the only real problem with it is that the code to encrypt stuff is downloaded on-the-fly from the server, and there's no guarantee that it hasn't changed since someone last looked at it.By design, there will never be a guarantee that the code you download to encrypt the message wasn't changed the moment prior to you downloading it. That's why it isn't secure, but to my knowledge it's the only reason.