mastodon privacy 

since this is coming up again, i feel it's important to stress the following facts about privacy on mastodon:

- DMs are stored in plaintext in the database
- yes, this means admins can access them
- it also means they will be accessible if your instance DB is leaked

- however: this is the same as the situation on any other mainstream social media site
- at the end of the day you should make sure you trust your admins

- ultimately: don't use mastodon for privacy-critical messages

mastodon privacy 

@chr terrible idea: PGP-encrypted mastodon messages

mastodon privacy 

@Felthry believe me, it's been suggested before :P i believe gargron is reluctant to implement encrypted DMs because it's sometimes valuable for admins to see DMs in reports vis a vis targetted harassment, etc

mastodon privacy 

@chr well I meant it more as putting the whole PGP stuff in the message itself like how it's used for email

this is a terrible idea because even just a PGP signature is extremely long, more than 500 characters probably

mastodon privacy, sarcasm 

@Felthry @chr just embed a screenshot of the PGP signature

@chr if privacy is an concern, consider an OTR encryption or PGP over any messaging platform.

@chr If privacy is a concern, I would suggest looking into protocols like Matrix

mastodon privacy 

@chr I think a problem with the "find admins you trust" thing to new users is:

It assumes they have the social network of some degree in the fediverse already. But if they're new.. They probably don't know any admins, or people who know them well.

If yr not swimming in the fediverse social pools already, it's a trust-fall w/ strangers you don't know, based on their non-private posts, the CoC & random users' feedback you can scratch together asking around.

mastodon privacy 

@chr actually, it's a bit worse than centralized media, because the DM content is stored in at least two (or more, if your DMs have more recipients) databases: your instance database, and the recipient instance's database.

Here again, the parallel with email is pretty good: when you send an email, you have a copy, as well as your recipient.

@chr More importantly remember to use the proper tools for each purpose.

Mastodon and activitypub were designed as a federated publication platform, not a communication system (these use cases are very difficult to reconcile), and thus lack some of the essentials of a proper communication tool, including end to end encryption.

Other tools are better suited for distributed/federated communication, including email, XMPP/Jabber, Matrix, or even Ring and some others.

@chr I guess my main message is: #mastodon (or any activitypub/fediverse service) is not especially bad at privacy. As a publication tool it is even pretty good at #privacy because your connection, search, and consultation data will only be stored by your instance.

It is indeed bad at properly securing your private communication, but hey! It was not meant for having private communications in the first place.

@chr it's also possible for other instances to get access to private messages due to how the federation stuff works. mastodon is great but don't use it for anything that needs to stay private!

mastodon privacy 

@chr @sajan for the best privacy, visit your friends, share the info and drink a beer! Use more beer if the message must be deleted/forgotten afterwards 😄

mastodon privacy 

@WandelStock @chr you know, that last bit is distressingly accurate

lol that isn’t true of other social media and other systems for DMs had been suggested for months here that were already supported by the h spec by the time the mentioned-only privacy level masto passes off as DMs rolled out.
Sign in to participate in the conversation

cybrespace: the social hub of the information superhighway jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal support us on patreon or liberapay!