Conversation

so, it’s been documented that random engineers at Twitter would open the Great Big Dashboard and flip through private messages of people they know, right?

i’m confident the same is true of Facebook and Instagram, even if it’s not documented (or that i haven’t heard of it

even outside of those services, it’s also been documented that random NSA agents will open their version of the Great Big Dashboard and flip through private messages of people they know, aggregated across the services they have taps for

similarly, the reason that every healthcare professional in the US won’t discuss private details over email is that email is a fundamentally insecure medium. there is no protection for messages in transit or at rest, where “at rest” includes your phone if you’re using the default Mail app on iOS

so over here, when people trot out the old canard that “fedi admins can read the DMs to/from people on their server”, i kinda get annoyed because /that’s not new/. at least here there’s no Great Big Dashboard to pull them out - you need to manually trawl through the database tables to pull posts out

the only secure medium to exchange electronic messages is encrypted email, or end-to-end encrypted messaging platforms like Signal, WhatsApp, or iMessage. full stop.