Enter discipleship

anyway dipshit reply guys notwithstanding, periodic reminder and psa that

1 - fedi is just a bunch of postgres databases with a friendly clown interface on them and anything you post is copied to hundreds of them! this is cool and fine and "federation" but it is not private at ALL! there is zero encryption!

2 - as such yes any DM can be found in said database if an instance admin on one of the instances involved in the DM goes pawing through their database. DMs can also be reported by a participant. this is true of any service, incl twitter, facebook, etc because for those messages to be sent they need to... exist, in a database.

this is no cause for alarm, i guarantee you twitter and facebook alone do MUCH more nefarious things with the DMs they regularly read and comb through, and i can at least speak for myself that ive never had the implication to go pawing through my instance's database to read PMs because like, ugh why thats gross lmao.

but, just never expect privacy on a platform that doesn't provide it, is all. the point of fedi is to publish, not to keep secrets.

@anna This is a great reminder.

It also makes me realize I haven't seen many of the privacy nutters here. On twitter they were like pests.

@anna
This needs to be repeated at a regular interval. Thanks for summarising it succinctly.

@anna what a peculiar way you dwell on this issue. you are telling me I should start to care? then things are worse than you let on, for I've read this without any worries, but in the end I am faced with quite a beefy warning in terms of word count.

@anna

Also worth noting that both the instances involved in the current conflict are on Masto Host, and as far as I know, instance admins on that host do not have direct database access.

@ben ben me pointing this out is literally what started my involvement here :blobcatglaredrink:

@anna I was not including you in "the two instances"

@anna

Should have a way to use gpg eventually I think. That can would be nice, but I guess that's why things like signal already exist.

@curufuin yeah its brought up occasionally, i think the main concern is it giving too much expectation of privacy?

@anna

Well, I think that the whole idea of DM's is that there is an expectation that the content of that message is seen by one other person. I think there should be functionality to ensure that, but I understand that it's not a first priority here. I think you could still report messages sent that way via screenshot if something inappropriate happens, so there isn't much good reason not to eventually go that route.

@curufuin yeah its not off the table but there's more than a few hurdles to it

@anna @curufuin the way to have perfectly secure DMs is to use them to exchange Signal info

@anna @curufuin oh I see you mentioned signal one post further up

@anna yep.. the old adage applies.. think before you act! BB

@anna really good reminder - for this platform and really any other - don't assume encryption or any iota of privacy... otherwise you're gonna have a bad tiiiiime

Sign in to participate in the conversation
witches.live

A witchy space for most any face! Whether a witch or a witch-respecter, join the coven that is free of fash, TERFs, feds, and bigots