I'm seeing a few new people cautiously say things like "let's enjoy this place before the bad people get here" and I just want to say:

Don't worry! They're already here! But thanks to the heroic work of your instance moderators and admins, you will never see them. And if they do show up then your mods will get rid of them: unlike Twitter, the reporting functions here are reviewed by real people who don't care about turning a profit, and instead focus on enforcing community guidelines

@melissasage (and followers) please ask your admins if they would sell out for large sums of money that people in power might offer them. After all the network of all instance admins could be the most frightening IT cell deployed and employed with minimum hassle.
I'm being sarcastic because most admins are the nicest hosts across the fediverse but hey! servers need money to run and optionally upgrade for smooth operations. 😀

@dpreacher hah! i mean, I'm sure the Five Eyes are watching somehow.

More seriously, it's a good thing to note that nothing on Mastodon is encrypted, not even DMs. Your admin can theoretically read them, so it's important to be on a server where you trust the admin.

@melissasage i don't recall that about DMs but to your point, I'll add that in case you need to DM a lot, be the admin or join an instance whose admin you might as well know personally or join an instance with so many users, it's a insurmountable task to find and read your DMs unless they are focussed solely on you.

@dpreacher i mean, you can just look it up in Postgres. There isn't a UI for it, but anyone with database access can access any of the information on any instance

@melissasage @dpreacher shouldn’t DMs be encrypted for privacy’s sake atleast ? maybe it’s part of the roadmap ?


@Fx86 @melissasage @dpreacher Or may be it is better to integrate something like Keybase. Why re-invent the wheel?

@sakivwarla @Fx86 @dpreacher Keybase is already integrated for identity verification, but like I said, integrating encryption without breaking federation is a hard problem.

If you have the technical knowhow or a hunch on how it could be done, you can open an issue on the ActivityPub repo: github.com/w3c/activitypub/

@melissasage @sakivwarla @Fx86 the second para is necessary to tell that even if I don't agree about encryption of DMs, if anyone got ideas or skills to bring in encryption knowing how varied the content on ActivityPub servers can be, they should contribute.
There's no guarantee or evidence that birdsite encrypts their DMs, so what do we compare it to? Messaging apps? Why

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!