i saw a toot about it elsewhere but i can’t find it so: basically don’t trust mastodon for things you want to stay Actually Private. instance admins can read DMs, and instance admins can read the private posts of anyone their users follow. this is sort of inherent to the current architecture. and for all twitter’s sins, i trust the admins to not leak random people’s DMs more than i trust every instance admin ever.
@hierarchon Why not encrypt that shit?
@imkwazy Storing the keys server-side doesn't help anything, and storing them client-side means you need some way to do key exchange and distribution and stuff, which is a Hard problem.
