i saw a toot about it elsewhere but i can’t find it so: basically don’t trust mastodon for things you want to stay Actually Private. instance admins can read DMs, and instance admins can read the private posts of anyone their users follow. this is sort of inherent to the current architecture. and for all twitter’s sins, i trust the admins to not leak random people’s DMs more than i trust every instance admin ever.
Yeah, I was talking about this on Twitter, how you have to completely trust your instance admin to not read, mess with, or completely drop the ball with your posts.
@BestGirlGrace oh, that’s where i saw it! yeah, that’s always the downside of smaller communities like these.
Why can't every site be run by an infallible sysadmin who pays for everything forever and shares my exact politics?
Even if you run your own instance, hope you don't get hacked, you don't screw up an upgrade, or even just get bored with the whole thing and decide to stop paying for it
@mediumvillain not really, no. there aren’t any on twitter, but I trust Twitter enough to come down like a sack of hammers on any admin dumb enough to read messages (and there’s safety in numbers there).
@hierarchon Warning heeded, but I think it’s pretty likely twitter engineers look into people’s accounts for kicks too. Seems unlikely it’s encrypted.
@iamskye I can’t speak for Twitter, but at the company I used to work at this sort of data was encrypted and locked down, with monitoring for manual access.
@hierarchon That would make sense in terms of reputation considering all the celeb accounts on Twitter, I just don’t trust them to do anything ethical. Have there been any incidents regarding large/established instance admins leaking DMs?
@hierarchon That’s good, if this continues growing the importance of selecting an instance and the reputation of instances will probably be much better understood
I remember a while back that some users figured out a way to encrypt DM's but I can't remember the process.
@imkwazy Storing the keys server-side doesn't help anything, and storing them client-side means you need some way to do key exchange and distribution and stuff, which is a Hard problem.
@hierarchon yeah this is an unfortunate consequence of federated systems.
It's easier to be anonymous in a large crowd. I don't expect that any engineer at goog is interested in my emails specifically. And in large corps there are safeguards against illicit access.
But in an instance of a federated system, you are one of few users (relatively speaking) and there is just one admin and they have root access.
It's fine for public social networks, but for private stuff... 🙅♂️
the mastodon instance at cybre.space is retired
see the end-of-life plan for details: https://cybre.space/~chr/cybre-space-eol