Yes, and I hope that remains the case although I think Bugzilla (the software) needs to go further and dispense with visible email addresses entirely.

However regarding b.m.o., the new warning doesn't differentiate between authenticated and non-authenticated users.

Being the uber cynic that I am, one way of resolving the information security issues that have plagued b.m.o. since it's inception would be to not bother protecting emails at all and just rely on this warning text... ie. putting the onus on the end user.