Here’s one post about it. I’m not one for direct messaging on social media personally. And on centralized services it’s true that your direct messages can be seen by employees if they’re sufficiently motivated or by court order, hacks, that sort of thing. But on mastodon both the administrator of your instance and the admins of the instances of the people you’re messaging can see your direct messages. Since an instance can be set up quickly by just one person, there’s higher likelihood of access. That person may have no qualms about accessing private info, they may have insufficient resources for proper security, or to fight legal efforts to access information. A large company will in theory have more concern about reputational risk if it’s uncovered they’ve accessed private information than some individuals will. I know many people running instances take great pride and care in what they do, but that’s not always true.
Setting an instance is easy, but actually getting a significant amount of users is much more difficult. And as admin you can only see the private messages of your local users, no one else. So if you are not talking about illegal stuff the risk is negligible. And if you are, use a real messenger application or better yet avoid all computers.
Do you have a source you could share about admins only seeing the private messages of local users? That’s not my understanding.
Take a look at this post or this one . They say that the admins of both the sending and receiving instance could decide to read your direct messages.
Privacy isn’t just for illegal acts. (And plenty of laws are unjust) You’re right that for truly sensitive communication it’s better to choose a tool dedicated for that purpose. It can still be beneficial to add encrypted communication to direct messages.
Yes that is what I mean, admins can only see private messages that their own local users are either sending or receiving. Not from users on other instances.
I agree that privacy is important, but most admins probably couldnt care less what their users are writing in private messages. And there is a tradeoff between implementing end-to-end encryption, or implementing other features that may be more important.
Well, I mean, there is a lack of privacy. That’s kind of how the platform exists architecturally. I just don’t find that to be a problem, per se. It’s a social platform, which makes sense to me for everything on the protocol to be “open” to one degree or another. Not everything has to be securitymaxxed.
The fact that everything you write, upload or otherwise do (boost, upvote, downvote, etc.) is never private in any way or at any point, on any platform using the ActivityPub protocol, including Mastodon, along with every other platform or service that’s a part of the Fediverse, such as Lemmy or Piefed. Everything is out in the open, able to be seen by third parties.
This is by design, and it’s what enables federation to take place between a multitude of servers aka. instances. So it’s a trade off.
But properly implemented encryption could help to mitigate this to some degree. I think think most things won’t meaningfully benefit from being encrypted, since most things on these platforms are meant to be publicly visible in the first place - such as this conversation you and I are having now. But it would certainly be nice to be able to have direct messages that are also for sure private messages. And I can imagine a couple of other things where encryption could also be meaningfully applied, to some extent.
Private messages are completely private, you as normal user can never see someone elses private message. The only ones who can theoretically read private messages from other users are instance admins. Exactly the same on Reddit or Twitter by the way. But if any admin actually does that, people would quickly spread the word and leave that instance.
End-to-end encryption does add some extra security in that admins also cannot read other users private messages. I dont think that people really send very sensitive information through Lemmy private messages, it is better to use an actual messenger application for that.
As I said here, both the admin of the sending and receiving instances are able to view direct messages. If DMs are encrypted that’s no longer a concern, which is why in my comment starting this thread I said this news was good.
What? By whom? How?
E: why am I being downvoted for asking a question?
Here’s one post about it. I’m not one for direct messaging on social media personally. And on centralized services it’s true that your direct messages can be seen by employees if they’re sufficiently motivated or by court order, hacks, that sort of thing. But on mastodon both the administrator of your instance and the admins of the instances of the people you’re messaging can see your direct messages. Since an instance can be set up quickly by just one person, there’s higher likelihood of access. That person may have no qualms about accessing private info, they may have insufficient resources for proper security, or to fight legal efforts to access information. A large company will in theory have more concern about reputational risk if it’s uncovered they’ve accessed private information than some individuals will. I know many people running instances take great pride and care in what they do, but that’s not always true.
Setting an instance is easy, but actually getting a significant amount of users is much more difficult. And as admin you can only see the private messages of your local users, no one else. So if you are not talking about illegal stuff the risk is negligible. And if you are, use a real messenger application or better yet avoid all computers.
Do you have a source you could share about admins only seeing the private messages of local users? That’s not my understanding.
Take a look at this post or this one . They say that the admins of both the sending and receiving instance could decide to read your direct messages.
Privacy isn’t just for illegal acts. (And plenty of laws are unjust) You’re right that for truly sensitive communication it’s better to choose a tool dedicated for that purpose. It can still be beneficial to add encrypted communication to direct messages.
Yes that is what I mean, admins can only see private messages that their own local users are either sending or receiving. Not from users on other instances.
I agree that privacy is important, but most admins probably couldnt care less what their users are writing in private messages. And there is a tradeoff between implementing end-to-end encryption, or implementing other features that may be more important.
Well, I mean, there is a lack of privacy. That’s kind of how the platform exists architecturally. I just don’t find that to be a problem, per se. It’s a social platform, which makes sense to me for everything on the protocol to be “open” to one degree or another. Not everything has to be securitymaxxed.
I agree with you. It’s a social platform. Most people might think it’s a nice feature, but I don’t think E2EE is an urge.
What lack of privacy are you referring to?
The fact that everything you write, upload or otherwise do (boost, upvote, downvote, etc.) is never private in any way or at any point, on any platform using the ActivityPub protocol, including Mastodon, along with every other platform or service that’s a part of the Fediverse, such as Lemmy or Piefed. Everything is out in the open, able to be seen by third parties.
This is by design, and it’s what enables federation to take place between a multitude of servers aka. instances. So it’s a trade off.
But properly implemented encryption could help to mitigate this to some degree. I think think most things won’t meaningfully benefit from being encrypted, since most things on these platforms are meant to be publicly visible in the first place - such as this conversation you and I are having now. But it would certainly be nice to be able to have direct messages that are also for sure private messages. And I can imagine a couple of other things where encryption could also be meaningfully applied, to some extent.
Private messages are completely private, you as normal user can never see someone elses private message. The only ones who can theoretically read private messages from other users are instance admins. Exactly the same on Reddit or Twitter by the way. But if any admin actually does that, people would quickly spread the word and leave that instance.
End-to-end encryption does add some extra security in that admins also cannot read other users private messages. I dont think that people really send very sensitive information through Lemmy private messages, it is better to use an actual messenger application for that.
I don’t think you can claim there’s a “lack of privacy” when things that are intended to be public…are made public.
Direct messages aren’t intended to be public
…they aren’t public.
As I said here, both the admin of the sending and receiving instances are able to view direct messages. If DMs are encrypted that’s no longer a concern, which is why in my comment starting this thread I said this news was good.