This is the time to start thinking about the long-term sustainability and governance of the new, bigger Mastodon, says Alek Tarkowski.
The King
link
fedilink
5
edit-2
2Y

> As new users set up their accounts and start using Mastodon, they realize that some things work differently than on Twitter … DMs are complicated, and there are concerns about their security.

Isn’t the security model for Mastodon DMs the same as Twitter?

@theking @fediverse DMs aren’t encrypted. They’re basically just posts with a very small audience. Your instance admins can see them, and anyone mentioned in them can see them.

Afaik DMs on Twitter are also not encrypted, so moderators or other employees can view them. So the number of people who can view your DMs on Twitter is probably much higher (hundreds of employees) compared to Mastodon (a couple of server admins).

If, on Mastodon, you make a DM between you and someone else, then you @ a third user in that DM, then the third user becomes able to see that DM. At least that’s what I heard a few weeks ago.

This is because DMs are, regrettably, just normal posts with default visibility of two people. If you @ more people, then they gain visibility into the DM.

The King
link
fedilink
32Y

@pizza_is_yum
Hmm, okay yeah I could see that being surprising to people who don’t know about it.
@fediverse

Yeah, both have the exact same unexisting security model.

@SrEstegosaurio @theking I hope I live to see the day where end-to-end encryption for DMs is considered the bare minimum

Same…

arky
link
fedilink
22Y

@theking Not really. A DM between users on different servers is exposed to multiple instance operators. @fediverse

Its exposed to the admins of instances where the involved users are registered. For example if @sally@mastodon.social sends a dm to @nelly@example.com, only the admins of mastodon.social and example.com can access it.

The King
link
fedilink
42Y

@arkiuat
So like the same as email or SMS?
@fediverse

arky
link
fedilink
22Y

@theking I‘ve only just begun to study the detailed ActivityPub spec, and I haven’t read the DM part yet. @fediverse

arky
link
fedilink
1
edit-2
2Y

deleted by creator

arky
link
fedilink
1
edit-2
2Y

deleted by creator

The King
link
fedilink
2
edit-2
2Y

deleted by creator

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of “federation” and “universe”.

Getting started on Fediverse;

  • 0 users online
  • 1 user / day
  • 15 users / week
  • 80 users / month
  • 352 users / 6 months
  • 1 subscriber
  • 999 Posts
  • 13.4K Comments
  • Modlog