mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

380K
active users

Adi Robertson

Encrypted messaging might feel like an “extreme” conception of privacy until you consider the vast number of things we once did in surveillance-resistant private settings that now routinely take place online. It’s like complaining people are allowed to buy homes without hidden microphones because they might plan crimes in them.

@thedextriarchy *sigh* Tired of NYT terrible takes. First, many of the users adopting Signal and (even WhatsApp at one point *gross*) was because of the point of having or the promise to have end to end encryption in a trust less way. Second, it is not the fault of Signal that a “wire tap” (outdated term, and was originally for voice communications) doesn’t provide full OS access to read the decrypted content on the client side. This is an argument for creating security holes and risks through the manufacturers themselves. Third, Privacy is a right, nothing to hide is a piss poor narrative that was pushed aggressively to the point of gaslighting the typical American to justify the invasion the Patriot Act brought.

We can’t continue to call for transparency from our governments yet still think it’s okay to allow them to secretly acquire/invade their citizen’s data/privacy.

They have warrants that can be achieved to clone phones or receive physical access. Biometrics aren’t protected, pins/passcodes are, complaining that people exercise their rights is not the correct take. Never was. Never will be.

@thedextriarchy Surprising that Mastodon doesn’t offer E2E for DMs.

@anthony I saw (on Twitter, ha) that it’s on the features roadmap, but I imagine there’s a lot going on right now.

@anthony @thedextriarchy it's complicated, Mastodon needs to work on the web and that makes key management very very hard.

@thedextriarchy In the 2000s, I tried to get my freelance clients to let me deliver all documents to them through secure FTP or at least as passworded email attachments (I would give them the passwords by phone). They hated it and I eventually had to stop hammering them about data security, but it was uncomfortable for me, coming from an IT job where I had managed servers.

@linguacaps @thedextriarchy still fighting the fight of getting reasonably normal people to accept "password protected file, password delivered by a separate channel" here, it's amazing how many fundamentally don't get it and do things like sending the password in the same email as the password-protected attachment.

[OnTopic] FWIW, I think it's appropriate for govs to freak out about secure E2E being something normal people can get off the shelf, it's just not OK for them to pass that anxiety onto us. I remember that iconic Olivier line "try acting dear boy", and I find myself wanting to say the same re fieldwork and proper intelligence prioritisation, instead of grepping everyone's private business.

@thedextriarchy @linguacaps
I just read here yesterday, “Security at the expense of Usability comes at the expense of Security.”

@linguacaps @thedextriarchy Having also worked in infosec, when I volunteered for the 2016 Bernie campaign and came upon all these staffers and volunteers just passing around passwords will-nilly for all the computers with access to all information.

@thedextriarchy Or like banning curtains, or criminalizing closing them.

@thedextriarchy Is end to end being discussed? Or just endpoint?

@thedextriarchy I'm constantly planning crimes in my unbugged house

@thedextriarchy If you've got a virtual assistant in your house the microphone is already there!

@thedextriarchy I get this philosophically but would love to read a vision of how law enforcement happens in an e2e world. Is it just on-device surveillance? It's been hard to see past the noise from folks claiming there is no such thing as legitimate surveillance.

@krave
They get a warrant from a judge to seize and examine devices, or in some cases they may get a warrant from a judge to place spyware on a device.
@thedextriarchy

@krave @thedextriarchy it happens like it did before electronics. Seizing physical documents, infiltration, targeted surveillance.

@thedextriarchy Or how about regulating the sale of paper and pens because you might write something down and have it in your home, or hand it to a friend to take to their home, and then you or they might decide to burn or otherwise destroy it, and nobody will ever be able to know what it said! Maybe it was bad...

@thedextriarchy
Nobody needs to argue against buying homes without hidden microphones because we constantly carry a microphone around with us and willingly install them in our houses ourselves

"Hey Alexa, how many of my smart devices have a microphone?"

@thedextriarchy facial recognition and lisence plate reading is the norm now

@thedextriarchy the only people who think it's "extreme" are spooks, snoops, and gossips. Treat them appropriately.

@thedextriarchy Saying there must be a microphone in every house is like something Bezos would do...oh, wait a minute

@thedextriarchy I dunno, 45 MHz cordless phones were a thing.

@thedextriarchy
SZelf-revealed: I plopped down the money for paid #protonmail in part to support them and in part so my multiple accounts are on the edge of a TOS viol anyway. They know that and that I know they know that and they are nice enough not to lock those accounts but it seems wise to pay it forward.

@thedextriarchy with HTTPS finally essentially seeing complete adoption as a defacto standard, its really inexcusable for people not to comprehend why comms ought to have similar if not superior protections.

we hand out credit card numbers and the last four of our SSN over the phone for “account security,” thinking nothing of it. that channel is weakly protected at best and usually breakable.

doesn’t make any sense to me how the existence of a small percentage of bad actors can convince so many people that their personal security is worth giving up. i gotta imagine they’re just brainpoisoned by politics enough to not let these realities sink in.