@ericbuijs We have to be very careful about setting privacy expectations: there is no #privacy in the #ActivityPub protocol/#mastodon/the #fediverse.
mastodon.ar.al/web/@aral/10925…
ar.al🌻 (@aral@mastodon.ar.al)
Dear #TwitterMigration folks, an important tip on #privacy on the fediverse: There is none. This is a public medium; please treat it as such.
Carey Lening
in reply to Aral Balkan
but there can be if folks start to think about this collectively and understand how the laws may apply.
github.com/clening/MastodonPri…
GitHub - clening/MastodonPrivacyGuide: A guide on data protection obligations, challenges & pitfalls for Mastodon Users & Instance Admins
Aral Balkan
in reply to mathew 🦜☕
@mathew But we’re talking about end-to-end encryption and private messaging. Removing the ability for people to communicate privately wouldn’t do anything to stop bad actors, it would just make private communication illegal. And guess who are great at doing illegal things… that’s right, bad actors :)
What it would also do, of course, is allow corporations and governments to further skew the power dynamic in their favour and, eventually, to erode the very concept of personhood.
mathew 🦜☕
in reply to Aral Balkan
I have no problem with end-to-end encrypted messaging for 1-on-1 communication, or 1-to-small-group.
Where it becomes problematic is if you imagine K*w*farms or 8k*n, but decentralized enough to be unstoppable, and with everything encrypted so that nobody would know what was going on until it was far too late.
I think people building social networks need to put more effort into making sure they're not building or enabling a more effective K*w*farms.
Linux in a Bit 🐧
in reply to Aral Balkan
At least with Mastodon you know exactly who can.
Hi @omnipotens
Michael Brazda
in reply to Linux in a Bit 🐧
I don't think anyone cares enough to go through the work of digging through the DB to read DMs lol. Honestly, not even sure it is possible, never looked. @architect is the only one who's ever touched the DB on lr to repair records.
Michael Brazda
in reply to Aral Balkan
@Linux_in_a_Bit @architect
Fair enough, the comment was mostly in jest, as the point was it would be a pain in the rear just to read someone's DMs.
As for security, it is taken pretty seriously, from physical access to software. Including using Clevis and Tang with TPM on the host.
If someone were to break into the data center and take the server, even they would not have access to the data.
Terry Hancock
in reply to Aral Balkan
It is really just as secure as DMs on Twitter or Facebook. Which is to say: not really secure at all.
The question is: is it safer to trust a random assortment of admins with overheard info, or corporations who exist to aggregate and sell your data?
"Safe as a Pub" is probably about right.
Perhaps it will call attention to end-to-end encrypted chat methods, though.