I will admit I still don't understand what's so offensive about my pointing out the unsafe, confusing semantics of the Mastodon PM mechanism, or why this topic seems to provoke so much anger.
Basically, I have learned nothing from your yelling.
@mattblaze I would say since ActivityPub activities travel over HTTPS, PMs are encrypted on the wire but not at rest.
So your main danger is from your server admin and your correspondent's server admin. If you both run your own servers, or you use a server from someone you trust, like your family or your employer (maybe), it's probably less of an issue.
I think they're about as private as email without PGP.
@mattblaze that said, I'd very much like us to have a mechanism for turning on E2EE if people want it. I talked a bit about it in this blog post:
https://evanp.me/2023/05/19/end-to-end-encrypted-messages-over-activitypub/
@evan @mattblaze somehow I missed this blog post when you wrote it. Glad to know you're thinking about it. I'm very interested in making the fediverse more secure for users, including e2ee messages. With support for e2ee *group* messages, support for private posts could be added, and lots more people would feel safe coming here.
@jamesmarshall @mattblaze there are a lot of problems with using the same mechanism for private posts, unfortunately, but it's not impossible.
@evan hmm. I need to dig in more to AP extensions.
@jamesmarshall the big problem is that the server is responsible for distributing to followers. You could do it on the client by loading or caching the followers list and encrypting it to each one from the client, but that'd just murder your client if you have 10K or 100K or 1M followers.
It's sometimes difficult to remember that communications platforms, including social media platforms like this one, attract a very wide variety of users with a wide range of circumstances. The same systems we might use only for trivial chitchat are likely also being used by political dissidents, labor organizers, and others for whom mistakes can have very serious consequences.
Making social media platforms reliably usable is important, even if it might not seem so to us personally.
Anyway, while I don't understand why this pisses some people off so much, or why they take my critique of the Mastodon PM semantics so personally, it's now very clear that it does piss some people off quite a bit.
But I'm not going to let that stop me. I'm an expert on security and privacy. And my job is, in large part, to act as a public intellectual. Warning people of dangerous designs that could cause them harm is what I do. If doing so makes me an asshole, so be it.
@DoctorDNS @mattblaze yes.
https://evanp.me/2023/05/19/end-to-end-encrypted-messages-over-activitypub/
@evan @mattblaze I wonder if anyone is considering popping encryption of PMs within Mastodon?
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.