@chr terrible idea: PGP-encrypted mastodon messages

@chr if privacy is an concern, consider an OTR encryption or PGP over any messaging platform.

@chr If privacy is a concern, I would suggest looking into protocols like Matrix https://matrix.org/blog/home/

@chr I think a problem with the "find admins you trust" thing to new users is:

It assumes they have the social network of some degree in the fediverse already. But if they're new.. They probably don't know any admins, or people who know them well.

If yr not swimming in the fediverse social pools already, it's a trust-fall w/ strangers you don't know, based on their non-private posts, the CoC & random users' feedback you can scratch together asking around.

@chr actually, it's a bit worse than centralized media, because the DM content is stored in at least two (or more, if your DMs have more recipients) databases: your instance database, and the recipient instance's database.

Here again, the parallel with email is pretty good: when you send an email, you have a copy, as well as your recipient.

@chr More importantly remember to use the proper tools for each purpose.

Mastodon and activitypub were designed as a federated publication platform, not a communication system (these use cases are very difficult to reconcile), and thus lack some of the essentials of a proper communication tool, including end to end encryption.

Other tools are better suited for distributed/federated communication, including email, XMPP/Jabber, Matrix, or even Ring and some others.

@chr it's also possible for other instances to get access to private messages due to how the federation stuff works. mastodon is great but don't use it for anything that needs to stay private!

@chr @sajan for the best privacy, visit your friends, share the info and drink a beer! Use more beer if the message must be deleted/forgotten afterwards 😄

lol that isn’t true of other social media and other systems for DMs had been suggested for months here that were already supported by the h spec by the time the mentioned-only privacy level masto passes off as DMs rolled out.