inmysocks Of Doom, Naked KSC is a user on mastodon.social.
inmysocks Of Doom, Naked KSC @inmysocks

Another friendly reminder:

Mastodon is awesome, but Mastodon isn't an appropriate tool if you want private communications. DMs aren't actually private: they can be seen by instance admins and maybe by other people; it isn't at all secure.

Mastodon and GNU social aren't made for private conversations; if you want to have a private conversation, there are many tools that are appropriate for that.

I suggest Tox, but Cryptocat and XMPP with OTR are also good. There are others, but I have used those.


@inmysocks

XMPP with OMEMO is the future! OTR should be thrown away and we shall all go OMEMO! It now has plugins in most OSes/clients...

<3 OMEMO (= the same type of cryptographic ratchet used in Signal)

@jz I have not used that, I switched to Tox which has been awesome so far. I will try to look into it.

@inmysocks so how is Tox? Stopped following the development some time ago even though we tried introducing it in our org. It was not quite ready yet, and while I love the idea, we had to drop it.

@inmysocks An easy and very secure option: Wire (wire.com) Works on multiple devices, end-to-end encryption everywhere. And unlike Signal, you can use it without a cell phone #.

@inmysocks I learn so much stuff from you. Please keep throwing info at me.

And coffee...

@Menura74 I don't know where you are, unless you are very close I don't think I could throw coffee that far.

@inmysocks My timezone is: CET+2 (daylight savings), so I hope you can throw well.

And no, you are not shouting in the void. I hear everything you say.

@Menura74 Also thanks! It is nice to know that I am not just shouting into the void.

@inmysocks There's a lot of blank space in the left column under the toot entry box.

Maybe there should be a warning that says "Not to be used for private communication. DMs aren't private."

@gamehawk @inmysocks Ooh! That's good. Concise. To the point. I like that.

@inmysocks @unorigmoniker @gamehawk or (a tiny bit) more poetically: "DMs are only as private as a paper envelope".

@unorigmoniker @gamehawk @zatnosk For a DM it isn't immediately obvious what it says; there has to be some action to read it. @-mentions would be more like a postcard.

@inmysocks @zatnosk @gamehawk Yes, but, since a DM can be read by any node admin, they're more akin to Email and a postcard (since your letter carrier can read your postcards).

@inmysocks @gamehawk @unorigmoniker As a node admin I still have to open the database (paper envelope) and find the message or use a special tool (letter opener) to easily open it. That's why I said envelope.
It's only private as long as anyone who handles it doesn't choose to open up and look.
Also, if I sent a DM to my friend, only the admin(s) of his instance (or mine = me) actually have the message in database. Google doesn't get to read.
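The "open the database and find the message" step above is worth seeing concretely. The following is an added example, not code from the thread or from Mastodon itself: it builds an in-memory SQLite table shaped like Mastodon's `statuses`/`accounts`/`mentions` tables (the column names and the visibility encoding 0 public, 1 unlisted, 2 private, 3 direct are my assumptions about the schema) with constructed sample rows, and shows that a direct message is an ordinary row in plaintext that differs from a public post only by one integer, and that federation puts a copy on the recipient's instance as well.

```python
import sqlite3

# Assumed Mastodon visibility encoding (0 public, 1 unlisted, 2 private, 3 direct).
VISIBILITY = {"public": 0, "unlisted": 1, "private": 2, "direct": 3}

# Simplified, assumed shape of the relevant Mastodon tables.
SCHEMA = """
CREATE TABLE accounts (id INTEGER PRIMARY KEY, username TEXT NOT NULL, domain TEXT);
CREATE TABLE statuses (
    id INTEGER PRIMARY KEY,
    account_id INTEGER NOT NULL REFERENCES accounts(id),
    text TEXT NOT NULL,
    visibility INTEGER NOT NULL,
    created_at TEXT NOT NULL
);
CREATE TABLE mentions (
    status_id INTEGER NOT NULL REFERENCES statuses(id),
    account_id INTEGER NOT NULL REFERENCES accounts(id)
);
"""

# Constructed sample data: alice and mallory are local (domain NULL), bob is remote.
SAMPLE_ACCOUNTS = [(1, "alice", None), (2, "bob", "other.example"), (3, "mallory", None)]
SAMPLE_STATUSES = [
    (10, 1, "Hello world", VISIBILITY["public"], "2017-04-10T12:00:00Z"),
    (11, 1, "@bob here is the password: hunter2", VISIBILITY["direct"], "2017-04-10T12:01:00Z"),
    (12, 3, "@alice lunch?", VISIBILITY["direct"], "2017-04-10T12:02:00Z"),
]
SAMPLE_MENTIONS = [(11, 2), (12, 1)]


def build_instance_db() -> sqlite3.Connection:
    """Create the constructed instance database in memory."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", SAMPLE_ACCOUNTS)
    conn.executemany("INSERT INTO statuses VALUES (?, ?, ?, ?, ?)", SAMPLE_STATUSES)
    conn.executemany("INSERT INTO mentions VALUES (?, ?)", SAMPLE_MENTIONS)
    return conn


def admin_read_dms(conn: sqlite3.Connection) -> list:
    """What anyone with read access to the database sees: every direct
    message, with sender, recipient and plaintext body. No decryption step
    exists because nothing was encrypted."""
    rows = conn.execute(
        """
        SELECT s.id, a.username, r.username, r.domain, s.text
        FROM statuses s
        JOIN accounts a ON a.id = s.account_id
        JOIN mentions m ON m.status_id = s.id
        JOIN accounts r ON r.id = m.account_id
        WHERE s.visibility = ?
        ORDER BY s.id
        """,
        (VISIBILITY["direct"],),
    ).fetchall()
    return [
        {"id": sid, "from": sender, "to": rcpt if dom is None else f"{rcpt}@{dom}", "text": text}
        for sid, sender, rcpt, dom, text in rows
    ]


def instances_holding_copy(conn: sqlite3.Connection, status_id: int,
                           local_domain: str = "mastodon.social") -> set:
    """Federation delivers a direct status to the home instance of every
    mentioned account, so each of those admins holds a plaintext copy too."""
    rows = conn.execute(
        "SELECT r.domain FROM mentions m JOIN accounts r ON r.id = m.account_id "
        "WHERE m.status_id = ?",
        (status_id,),
    ).fetchall()
    return {local_domain} | {dom for (dom,) in rows if dom is not None}


if __name__ == "__main__":
    db = build_instance_db()
    for dm in admin_read_dms(db):
        print(dm, "stored on:", sorted(instances_holding_copy(db, dm["id"])))
```

The point is not the query itself but what it does not need: no key, no passphrase, no special tool beyond a database client. Any backup, replica or compromised credential that exposes the `statuses` table exposes every DM on the instance, and the same row lands in the recipient instance's database when the recipient is remote.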

@zatnosk @inmysocks @gamehawk Users are reliant upon the honesty of the node admins. I think it provides a false sense of security to claim DMs are any more secure than a postcard, to be honest.

@inmysocks @gamehawk @unorigmoniker How is "a letter made of paper in the admin's hands" too safe a metaphor? Any privacy based on that is purely based on trusting everyone who handles the letter.
Also, unless you actually build a tool for it, it's not trivial to find and read any given message - yes, it's not encrypted, but it still takes some effort, unlike holding a postcard?

Sorry if I'm being an ass about it, but I like the letter metaphor.

@zatnosk @inmysocks @gamehawk You and I might just have to agree to disagree on this one salient point.
Letters are sealed in envelopes that can't legally be opened except by the recipient or under court order.
A postcard has its contents visible to everyone that handles the piece whether or not someone chooses to read the contents or not.
I've been a sysadmin since 1994, a BBS sysop before that, and an InfoSec pro since 1999, long enough to know what a letter and a postcard are.

@inmysocks @gamehawk @unorigmoniker Sure, let's just disagree. But just because letters are illegal to open doesn't make them more secure; you just *trust* the other party to not break a promise / the law.

@zatnosk @inmysocks @gamehawk Postal Service Inspectors are nobody to mess with. They will fuck you up. If there's one thing that's taken very seriously it's the sanctity and security of our mail.

@inmysocks @jz is it really in the decentralisation concept DNA anyway?

@gregoiremarty @jz you can have privacy and security in a decentralised system, and in a federated one. It is just that the social aspect of mastodon and gnu social was created without much thought for the privacy aspects.

@inmysocks @jz what I meant is that, in terms of ideas, is including DMs really thinking forward the decentralization concept (to its top scale)?
I see decentralization more like something that challenges us to disconnect from the one-app-only standard to a multi-apps/platforms use.

@inmysocks (and, before someone jerks at the knee: twitter has the same issue, it's just harder to tell who has access exactly)

@inmysocks
I suggest XMPP + OMEMO as the state of the art encryption technology (which is also used by Cryptocat).
OMEMO doesn't require you to be online, and if multiple clients are online, messages are sent to all, and all messages are still end-to-end encrypted.
Tox is cool for its p2p approach, but on the other hand, you're required to be online when someone sends you a message.

@allilengyi When I am wearing my tin foil hat, then I have to say that the trade-off is using a server to store the messages for XMPP, which can lead to problems with traffic analysis.

But that is only when I am being a tinfoil hat wearing paranoid person.

@inmysocks

Telegram (the app, not the 19th century version of SMS), is also quite good for easy, encrypted chats.

@ChristianD Telegram is supposed to be mostly good; the only complaint I have is that it uses a server you don't control, unlike Tox. But that is the only downside to it, and that doesn't matter in most cases, so I am just being unreasonably picky.

@inmysocks
I actually really like that they use a server so that you can sync between all your devices. It does cause some privacy/security terms, though :/

@inmysocks XMPP with OMEMO is probably your best choice if you want a fully open and federated system right now. Matrix is up and coming, but e2e is still in beta. Signal is good if you don't care about Federation or multi-device and you want to give your phone number to everyone you talk to.

And pretty much everything leaks metadata, at least of the kind "you talked to your server at this time, and your server talked to this other server at this time". Maybe tox doesn't?

@jfm Yeah, that is actually the big selling point of Tox for me: it has some very interesting technological solutions for the initial connections, and after that only your ISP has a way to listen, and there are things in place to make that hard too.
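The "traffic analysis" worry raised earlier about server-stored XMPP messages and the "you talked to your server at this time" metadata point above are the same thing seen from the relay's side. The following is an added example, not code from the thread or from any of the products named in it: it feeds a constructed log of what a relay server (or an ISP tapping it) observes, namely timestamp, account, direction and size of each encrypted blob, into a naive timing-and-size correlator. No plaintext is ever looked at, which is exactly why end-to-end encryption on its own does not stop it. The flow records, the one-second window and the users are all made up.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: float        # seconds since some epoch
    user: str        # account the relay exchanged traffic with
    direction: str   # "up" = client -> relay, "down" = relay -> client
    nbytes: int      # bytes on the wire; content is ciphertext and not needed


# Constructed observation log. The relay sees sizes and times only.
SAMPLE_FLOWS = [
    Flow(100.0, "alice", "up", 612),
    Flow(100.3, "bob", "down", 612),
    Flow(100.4, "carol", "down", 55),    # unrelated presence ping
    Flow(140.0, "bob", "up", 1530),
    Flow(140.2, "alice", "down", 1530),
    Flow(200.0, "dave", "up", 612),
    Flow(200.5, "erin", "down", 612),
    Flow(230.0, "alice", "up", 830),
    Flow(230.2, "bob", "down", 830),
]


def infer_conversations(flows, window: float = 1.0, size_tolerance: int = 0) -> Counter:
    """Pair each upload with the first later download of (about) the same size
    to a different user within `window` seconds.

    Returns a Counter mapping (sender, recipient) -> matched message count.
    `size_tolerance` models padding: the wider the padding, the more
    candidate downloads each upload can match and the weaker the inference.
    """
    ups = [f for f in flows if f.direction == "up"]
    downs = sorted((f for f in flows if f.direction == "down"), key=lambda f: f.ts)
    pairs: Counter = Counter()
    used = set()
    for up in ups:
        for i, down in enumerate(downs):
            if i in used or down.user == up.user:
                continue
            delay = down.ts - up.ts
            if 0 <= delay <= window and abs(down.nbytes - up.nbytes) <= size_tolerance:
                pairs[(up.user, down.user)] += 1
                used.add(i)
                break
    return pairs


def likely_contacts(flows, **kwargs) -> dict:
    """Collapse directional pairs into undirected 'who talks to whom' edges."""
    edges: dict = {}
    for (a, b), n in infer_conversations(flows, **kwargs).items():
        key = tuple(sorted((a, b)))
        edges[key] = edges.get(key, 0) + n
    return edges


if __name__ == "__main__":
    for pair, n in likely_contacts(SAMPLE_FLOWS).items():
        print(f"{pair[0]} <-> {pair[1]}: {n} messages")
```

Against the constructed log this recovers the alice/bob and dave/erin conversations without touching any message body. The defences are the ones the correlator's parameters hint at: padding messages to fixed sizes (raise `size_tolerance` and the matches blur) and delaying or batching delivery (widen `window` and several downloads compete for each upload). Moving to a peer-to-peer design such as the one discussed for Tox does not remove the observer; it changes who the observer is, which is the "only your ISP has a way to listen" point made above.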

@inmysocks Finally looked into tox. I don't like what I see, but my opinions have low epistemic value.

@jfm is there something specific you dislike about it?

@inmysocks OK.

1. Manually exchanging public keys in order to contact people.
2. Pure p2p, which I don't like on mobile devices. Also implies no multi-device support, which is important to me.
3. Development community doesn't inspire the trust (subjective).

@jfm Fair enough. I am not personally involved with the development; I was just interested in what people like or don't like. My quick thoughts: 1 - this isn't really different from your ID on other platforms, is it? 2 - This is actually one of the biggest draws for me; I guess we want different things. 3 - I will have to look closer at this; I haven't looked at the dev community much.

@inmysocks As to 1, 56A1ADE4B65B86BCD51CC73E2CD4E542179F47959FE3E0E21B4B0ACDADE51855D34D34D37CB5 is a much less wieldy id than myname@xmppserver.org or @username:matrixserver.org.

For 2, yeah, I guess we want different things. I want to be able to continue the same conversations on my phone, tablet, and desktop. This works great on XMPP with OMEMO, okay on matrix (will be great someday), poorly on Signal, and not at all on tox.

3 is just an impression from HN threads.

@wishx they aren't bad services, they are good for ensuring identity and preventing eavesdropping, I am not sure how they are about metadata, I haven't looked at it much.

I dislike having to use someone else's server, so I have been avoiding keybase.io.

@inmysocks use Signal if you trust the other person with your phone number

@inmysocks I'd also throw in Signal (if you're on mobile) and keybase.io (if you want mobile and some other handy features).

I haven't looked at Tox in quite some time. Is it still progressing?