this post was submitted on 05 Jul 2023
11 points (100.0% liked)

Fediverse

18 readers
1 users here now

This magazine is dedicated to discussions on the federated social networking ecosystem, which includes decentralized and open-source social media platforms. Whether you are a user, developer, or simply interested in the concept of decentralized social media, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as the benefits and challenges of decentralized social media, new and existing federated platforms, and more. From the latest developments and trends to ethical considerations and the future of federated social media, this category covers a wide range of topics related to the Fediverse.

founded 2 years ago
 

ActivityPub, the protocol that powers the fediverse (including Mastodon – same caveats as the first two times, will be used interchangeably, deal with it) is not private. It is not even semi-private. It is a completely public medium and absolutely nothing posted on it, including direct messages, can be seen as even remotely secure. Worse, anything you post on Mastodon is, once sent, for all intents and purposes completely irrevocable. To function, the network relies upon the good faith participation of thousands of independently owned and operated servers, but a bad actor simply has to behave not in good faith and there is absolutely no mechanism to stop them or to get around this. Worse, whatever legal protections are in place around personal data are either non-applicable or would be stunningly hard to enforce.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 year ago (1 children)

Huh funny how a direct message is not a private message, almost like they’re even called completely different things.

Everything is public here, some stupid Euro anti-user ideals on privacy aren’t the be all and end all .

Things put in public are public. There is no privacy concern because there has never any privacy, nor will there ever be any privacy to be concerned about in a non-private platform such as this.

[–] [email protected] 7 points 1 year ago (2 children)

@Deceptichum

@Bloonface @TiffyBelle

What do they call “private messages” on Twitter? What do you think DMs means on social media? Drivate Messages?

[–] [email protected] 2 points 1 year ago (1 children)

Does Twitter have private messages? I'd have assumed they have access to everything you've posted.

IMs, PMs, and DMs are all pretty different things.

[–] [email protected] 3 points 1 year ago

@Deceptichum

Yes. DMs on Twitter are Direct Messages and are supposed to be private messages send to someone else that no one else can see (except server admins, et al, as we are talking about here). If you send a DM to someone on Twitter or whatever social media (they use DMs to mean private messages on Instagram as well) it’s not on the public feed, no one can search it. Like having a text message conversation

[–] [email protected] 1 points 1 year ago

"Direct Message" and "Private Message" indeed mean different things. In practice, because both involve messaging one individual user, a good deal of people (including myself) still expect them to be functionally the same. Part of this functionality we expect is that there is an attempt to make these messages less visible and easy to access than the reply I just sent to you right now. This expectation is validated on Twitter:

Direct Messages are the private side of Twitter. You can use Direct Messages to have private conversations with people about Tweets and other content.

on Instagram:

Instagram DMs are an in-app messaging feature that allow you to share and privately exchange text, photos, Reels, and posts with one or more people.

by Cambridge Dictionary:

a private message sent on a social media website, that only the person it is sent to can see

and by the fact that if you go on anyone's profile, you can see post history, comment history, and boosts, but not a list of who they tried to send an individual message to or what those messages were. I believe that more technical people could retrieve such messages, that the messages are not totally secure, but to my layman eyes, I do still expect that there was at least an attempt to make these messages private.