Skip to main content


I see so much bafflegab about how Mastodon DMs are readable by admins, do people not think that's true of Discord and Meta?
I trust my fediverse admin *way* more than I trust some rando working for Discord or Facebook. Just sayin'.
the issue (i think) is more that servers are ran by individuals/a small group of people.
@Rosalinya :blobCatBounce::pleading_cat_collar: yeah, there's a perception that fedi admins are less trustworthy than tech bros, a very weird idea, but yes
@silverwizard @Rosalinya :blobCatBounce::pleading_cat_collar: I think it is actually a legitimate concern, at least for newbs who sign up to rando instance. If the 'verse becomes the leader in social media, like some people want, there likely will be Nigerian princes and other online scammers spinning up their own instances for various reasons. One of the many reasons I try to recommend people try to get their feet wet before getting "locked in" to a particular platform instance so they can make a better decision of where they actual trust the people (another reason to avoid the mastodon.socials of the 'verse, though I think its a fine place to start). Does that make sense?
Heck, it's an upsell feature in Slack, right?
@furicle @silverwizard I think I'm thankful I have no clue what you are talking about.
@Nick | OneThingWell.dev if you can explain how to make E2E keys work on a multidevice web client... I am all ears
@Nick | OneThingWell.dev but they have per-device preshared keys
if you drop your phone in the toilet and get a new one, all your old messages are gone and you're TOFUing new keys
@silverwizard the only reason anyone bats and eye, is because Mastodon acutally calls out the fact that its not. I think that is actually better than actually doing so as it leads to this conversation.
@Ji Fu yeah, exactly. By letting you make decisions it allows you to scare monger.

@unixroot buddy,

pal,

fellow traveler on this wet ball of gas and rock,

if I were upset, I would have expanded my blocklist without saying a word.

I am merely annoyed.

please attempt to comprehend the following:

popping out of the digital undergrowth unbidden and saying, effectively, "ah but you're incorrect and here's several reasons why" to strangers comes across as - at minimum - extremely rude and thoughtless.

@Nick | OneThingWell.dev so when I pop on to my work laptop I need to grab my zero knowledge backup creds and pull them from cold storage to read the message "Hey, can you grab cheese on your way home"?

@Nick | OneThingWell.dev I refuse to use the decrepit and broken Matrix protocol. I use XMPP+OMEMO quite regularely. I don't use proton mail, I do mail myself.

How do you backup keys? Do you just huck them on an unencrypted Samba share? Managing keys is a thorny issue, and I don't want to do that for low end and low importance messages. Threat modelling matters.

@silverwizard

I do mail myself.


why am I not surprised from a guy who's domain ends in .email have you tried Delta Chat? Its a modern e2ee instant messaging application handled via IMAP.

@Nick | OneThingWell.dev

but it's relatively convenient for people I'm interacting with.


how has this gone for you? Save getting my mom to swith to it to video chat with my daughters after Google shit the bed on the hangouts/duo/whatever-they-call-it-now transitions, the response I usually get form family& IRL friends is "why should I download a new app just to talk to you?"

@Nick | OneThingWell.dev @Alexis @silverwizard Is there a particular reason you see DMs as the one, as opposed to any other form of communication?

@Ji Fu I use Delta Chat quite heavily and love it!

And yes, people get annoyed when I tell them my email is [theircompany]@convenient.email ;)

@Nick | OneThingWell.dev @Alexis @silverwizard how do you define private? If I have a fedi post that I have set to visible only to friends, or only to people tagged, is that private? How about a XMPP group chat?
@Nick | OneThingWell.dev @Ji Fu @Alexis so you value accessibility that much less than confidentiality? You'd rather lose all your messages whenever you made a single error?

@Nick | OneThingWell.dev @Ji Fu Ok, so you don't want E2E encryption, you want... what? S2S? If you want S2S why the concern about DB dumps, since a DB dump will reveal the key?

For key management, I guess you need to do *more* key management, every single thing I work with has its own keyflow and backup strategy, and needing to do that for another things sucks, and is an onboarding burden for a new device, and why should that be default.

*Also* if you don't trust your admin, why would you trust your admin to do the encryption they said they would?

Fundamentally I am.unsure how your threat model works, and what the attacker model is, and how you balance it within the CIA Triad.

@Nick | OneThingWell.dev @Ji Fu well, optional means both sides need encryption to be turned on to get a benefit, so sure, but use signal

As for DB dumps not revealing keys, how do you envision them stored. Cryptography doesn't exist without key management, and it's *hard*. And thus network isn't designed for it, so LARPing crypto is way.more dangerous

@silverwizard I don't host my own, but I do have my own domain. I often get people thinking I'm backwards on my actual email when I tell them its [organization]@[myname].com
@Nick | OneThingWell.dev @Ji Fu I... don't understand the value of this really - right? This feels like it strongly values an attack by an ephemeral attacker? I guess?