I'm seeing a few new people cautiously say things like "let's enjoy this place before the bad people get here" and I just want to say:

Don't worry! They're already here! But thanks to the heroic work of your instance moderators and admins, you will never see them. And if they do show up then your mods will get rid of them: unlike Twitter, the reporting functions here are reviewed by real people who don't care about turning a profit, and instead focus on enforcing community guidelines

@melissasage (and followers) please ask your admins if they would sell out for large sums of money that people in power might offer them. After all the network of all instance admins could be the most frightening IT cell deployed and employed with minimum hassle.
I'm being sarcastic because most admins are the nicest hosts across the fediverse but hey! servers need money to run and optionally upgrade for smooth operations. 😀


@dpreacher hah! i mean, I'm sure the Five Eyes are watching somehow.

More seriously, it's a good thing to note that nothing on Mastodon is encrypted, not even DMs. Your admin can theoretically read them, so it's important to be on a server where you trust the admin.

@melissasage i don't recall that about DMs but to your point, I'll add that in case you need to DM a lot, be the admin or join an instance whose admin you might as well know personally or join an instance with so many users, it's a insurmountable task to find and read your DMs unless they are focussed solely on you.

@dpreacher i mean, you can just look it up in Postgres. There isn't a UI for it, but anyone with database access can access any of the information on any instance

@melissasage is that true for instances that outsource the heavy lifting of actual server configuration and provisioning to services like masto.host?

@dpreacher iirc on masto.host, the third party is whoever owns masto.host- idk off the top of my head- but in that case instance admins can't see DMs at all, since there isn't a UI for it.

but, Mastodon has to run on a computer somewhere, and so anyone who can run a Postgres shell on that computer can look into the database, since there is no encryption on Mastodon toots.

@melissasage personally i like the transparency and unless there is zero knowledge encryption, I wouldn't want any kind of hiding or locking of any kind. I guess I have the irc generation mindset. I hope most of us find our own safe spaces to express our true selves as happily as possible without getting into DMs unless say it is to admins (in the sad case that you feel threatened or unsafe).

@melissasage @dpreacher shouldn’t DMs be encrypted for privacy’s sake atleast ? maybe it’s part of the roadmap ?

@Fx86 @dpreacher as far as I know, I believe encryption is being discussed for the ActivityPub protocol (the protocol that lets different Mastodon instances talk to each other and other open source social media like Pleroma, Peertube, Pixelfed etc.), but finding a way to implement encryption that doesn't also break federation isn't trivial.

@melissasage @Fx86 @dpreacher Encryption has long been the bane of the current system, it's a constant privacy topic for certain. Everyone has different ideas about what that solution should look like. Further, the new influx I'm certain will bring some talented people with experience on the subject to the project with new ideas on how to approach that problem.

But for now, trust in your server administrator is basically critical, and most admins with users beyond themselves take that very seriously, especially if they want to keep those users. It would get around rather fast if they violated that trust, and probably find their instance being blocked across the fedi...

@Fx86 @melissasage @dpreacher Or may be it is better to integrate something like Keybase. Why re-invent the wheel?

@sakivwarla @Fx86 @dpreacher Keybase is already integrated for identity verification, but like I said, integrating encryption without breaking federation is a hard problem.

If you have the technical knowhow or a hunch on how it could be done, you can open an issue on the ActivityPub repo: github.com/w3c/activitypub/

@melissasage @sakivwarla @Fx86 the second para is necessary to tell that even if I don't agree about encryption of DMs, if anyone got ideas or skills to bring in encryption knowing how varied the content on ActivityPub servers can be, they should contribute.
There's no guarantee or evidence that birdsite encrypts their DMs, so what do we compare it to? Messaging apps? Why

@Fx86 that's subjective or rather a choice. I would not use fediverse for anything critically confidential. I'd usually use DMs as literally "Direct Messages" which means I want to specifically converse with a person (or more) and it won't make sense to rest of my followers or fediverse. Like branching out from a public discussion into discussing specific instance of the current topic relevant to just one or few people. Even the admin has no frontend tool. @melissasage

@dpreacher @melissasage I’d rather have that choice as a checkbox in my settings. Why should it be available (unless shared) to anyone else, including the admin.

Sign in to participate in the conversation
Radical Town

A cool and chill place for cool and chill people.