i saw a toot about it elsewhere but i can’t find it so: basically don’t trust mastodon for things you want to stay Actually Private. instance admins can read DMs, and instance admins can read the private posts of anyone their users follow. this is sort of inherent to the current architecture. and for all twitter’s sins, i trust the admins to not leak random people’s DMs more than i trust every instance admin ever.
@hierarchon
Yeah, I was talking about this on Twitter, how you have to completely trust your instance admin to not read, mess with, or completely drop the ball with your posts.
@BestGirlGrace oh, that’s where i saw it! yeah, that’s always the downside of smaller communities like these.
@BestGirlGrace @hierarchon I dunno, it's been working pretty well for me on WTDWTF and this Mastodon instance so far...
@ben @BestGirlGrace @hierarchon That's one of the main reasons I decided to host my own instance. It doesn't actually solve the DM issue though when messaging to other instances. A nice alternative might be GPG though.
@ben @hierarchon @aldude999 Yeah, though if you're going to do that, you might as well use something with real privacy guarantees.
@BestGirlGrace @ben @hierarchon Yeah, I don't really expect privacy from a social media site, but it's nice to be aware of the data going in and out of a server since I have physical control of it.
@aldude999 @BestGirlGrace @hierarchon I don't think any of the privacy issues with GPG apply when you're sending a message to a person who is addressed in cleartext.
@ben @BestGirlGrace @hierarchon Content is safe, metadata definitely not.
Ah, as relevant now as it was then. I'm a prophet. #GraceTour
@hierarchon
Why can't every site be run by an infallible sysadmin who pays for everything forever and shares my exact politics?