Instance admins could also intercept your login and password and pretend to be you, btw. You always have to trust the sysadmins at some point.

@jpwarren i don’t mind trusting the admins of my instance but not all the other ones - i don’t think it’s going to work

@firstdogonthemoon @jpwarren That is definitely a good point. How did you feel when you found out that Facebook sold/sells off user information?

@firstdogonthemoon @jpwarren it's a matter of trust. If you don't trust that the admins of the person you are dming are going to behave then don't dm.

It's the same trust model as email.

@purserj @firstdogonthemoon Exactly. Unless you encrypt everything end-to-end (such as with Signal) the admins could read it. If this is important to you, Mastodon isn't the only system you need to rethink. Email, SMS, DNS, all things metadata…

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!