i saw a toot about it elsewhere but i can’t find it so: basically don’t trust mastodon for things you want to stay Actually Private. instance admins can read DMs, and instance admins can read the private posts of anyone their users follow. this is sort of inherent to the current architecture. and for all twitter’s sins, i trust the admins to not leak random people’s DMs more than i trust every instance admin ever.


Yeah, I was talking about this on Twitter, how you have to completely trust your instance admin to not read, mess with, or completely drop the ball with your posts.

Even if you run your own instance, hope you don't get hacked, you don't screw up an upgrade, or even just get bored with the whole thing and decide to stop paying for it

@BestGirlGrace oh, that’s where i saw it! yeah, that’s always the downside of smaller communities like these.

Why can't every site be run by an infallible sysadmin who pays for everything forever and shares my exact politics?

@BestGirlGrace @hierarchon I dunno, it's been working pretty well for me on WTDWTF and this Mastodon instance so far...

@ben @BestGirlGrace @hierarchon That's one of the main reasons I decided to host my own instance. It doesn't actually solve the DM issue though when messaging to other instances. A nice alternative might be GPG though.

@ben @hierarchon @aldude999 Yeah, though if you're going to do that, you might as well use something with real privacy guarantees.

@BestGirlGrace @ben @hierarchon Yeah, I don't really expect privacy from a social media site, but it's nice to be aware of the data going in and out of a server since I have physical control of it.

@aldude999 @BestGirlGrace @hierarchon I don't think any of the privacy issues with GPG apply when you're sending a message to a person who is addressed in cleartext.

@aldude999 @BestGirlGrace @hierarchon yeah, but what I'm saying is the metadata in the GPG message wouldn't be anything more than what's already visible in the ActivityPub wrapper.

@aldude999 @BestGirlGrace @hierarchon speaking of GPG, it'd be nice to have a way to sign another user's account in ActivityPub as either "this person is me" or "I trust this person is who they say they are"

@ben @BestGirlGrace @hierarchon Web of Trust in the fediverse would actually be really sweet. Someone could transfer their account to another instance and as long as they still had their GPG key, it would show up that you still trust that person. I would want it generated and stored off-site though and I'm not sure how that would work.

@aldude999 @BestGirlGrace @hierarchon Mastodon accounts already have RSA keys associated with them, so maybe it'd be some form of signing that key with an existing offline GPG key?

Sign in to participate in the conversation
Princess Grace's Space Base Place

Don't let the name fool you. All the pornography here is legal, and much of it is hand-written. No fascists, no bigots.