GNU social JP
Conversation

Notices

  1. Blacklight447 (blacklight447@mastodon.social)'s status on Wednesday, 16-Apr-2025 02:35:44 JST

    The latest release of Privacy Guides is now live!

    Some of the biggest changes are the following:

    * We added SecureBlue, a hardened Linux distribution based on Fedora Silverblue.

    * The removal of Canary mail, as we do not like their latest shift towards AI inclusion into their application.

    * And last but not least, we now recommend social networks with our first recommendation being #Mastodon!

    Thank you to all contributors!

    You can read all other changes here: https://discuss.privacyguides.net/t/2025-04-15/26713

    In conversation about a month ago from mastodon.social permalink

    Attachments

    1. 2025.04.15
      What's Changed
      * update!: Add Secureblue by @friadev in #2961
      * update!: Add Mastodon by @jonaharagon in #2978
      * update!: Remove Canary Mail by @jonaharagon in #2999
      Articles & Videos
      * update(blog)!: KeePassXC + YubiKey by @EmAtPrivacyGuides in #2953
      * update(blog)!: Privacy-Respecting European Tech Alternatives by @jonaharagon in #2967
      * update(blog)!: Privacy Means Safety by @EmAtPrivacyGuides in #2971
      * update(blog)!: Interview with Micah Lee by @EmAtPrivacyGuides in #2983
      * update(blog)!: [April 1] The ...
    • silverpill (silverpill@mitra.social)'s status on Wednesday, 16-Apr-2025 02:35:44 JST
      in reply to
      • Jonah Aragon

      @blacklight447

      >we now recommend social networks with our first recommendation being Mastodon !

      Mastodon is one of the worst possible options from the privacy perspective.

      Mastodon doesn't support E2EE, so server admins can read everything you write, including direct messages. The only way to use it privately is to self-host, but Mastodon is very complicated and expensive. There are other Fediverse servers that are much cheaper and easier to install/maintain.

      The only real privacy feature in Mastodon is followers-only posts, and even that is not implemented properly. No private channels, no reply controls. Again, some Fediverse platforms have more privacy options, or at least have sensible defaults (e.g. not exposing social graph).

      cc @jonah

      In conversation about a month ago permalink
    • silverpill (silverpill@mitra.social)'s status on Wednesday, 16-Apr-2025 05:41:05 JST
      in reply to
      • Jonah Aragon

      @jonah Yes, I did read that. Do you refer to those three points?

      1. Security: not so great. Also, it has a bigger attack surface due to tech debt and feature bloat.
      2. Support for different content types is poor, other services are forced to use various workarounds to make their content visible on Mastodon. It still doesn't support rich text, for example.
      3. I already mentioned privacy features - they are not impressive, and other services do it better. Wrong defaults. Quote controls are a bad example because they are just snake oil. Even if this is implemented, everyone else will keep quoting Mastodon users like they always did.

      In conversation about a month ago permalink
    • Jonah Aragon (jonah@mastodon.neat.computer)'s status on Wednesday, 16-Apr-2025 05:41:06 JST
      in reply to
      • silverpill

      @silverpill hello! There are additional details on why Mastodon was listed on this page: https://www.privacyguides.org/en/social-networks/#mastodon

      In conversation about a month ago permalink

      Attachments

      1. Social Networks - Privacy Guides
        Find a new social network that doesn’t pry into your data or monetize your profile.
    • Pawslut420 (sendpaws@mitra.pawslut.party)'s status on Wednesday, 16-Apr-2025 06:03:43 JST
      in reply to
      • Jonah Aragon
      • silverpill

      @silverpill @blacklight447 @jonah

      >The only real privacy feature in Mastodon is followers-only posts, and even that is not implemented properly.

      The problem with how it's implemented is that either of two things can happen: a server can "strip" the attribute from a post, or there can be some security flaw allowing people to see your posts, as with Pixelfed recently. A lot of privacy features on the fedi are like this, they rely on "good faith" implementations.
      https://fokus.cool/2025/03/25/pixelfed-vulnerability.html

      In conversation about a month ago permalink

      Attachments

      1. Pixelfed leaks private posts from other Fediverse instances - fiona fokus
    • silverpill (silverpill@mitra.social)'s status on Wednesday, 16-Apr-2025 06:03:43 JST
      in reply to
      • Jonah Aragon
      • Pawslut420

      @sendpaws Sure, but this can't be avoided in a decentralized network where content is not end to end encrypted. The other node is always a black box.

      I was talking about how replies to followers-only posts are implemented. The reply has a different audience and that may lead to information leaks. Not to mention scope widening, this is just insane (learned about it from a recent Mastodon exit post).

      @blacklight447 @jonah

      In conversation about a month ago permalink
    • Pawslut420 (sendpaws@mitra.pawslut.party)'s status on Thursday, 17-Apr-2025 00:04:28 JST
      in reply to
      • Jonah Aragon
      • silverpill

      @silverpill @blacklight447 @jonah Oh not only that; but also it is 100% possible to "strip" the DM status from a private message as well. It's such a comically bad design.

      It's why Pleroma has two different DM systems (kept in the Soapbox/Rebased fork, dropped in Akkoma) where it uses websockets between Pleroma instances. It was an attempt to avoid leakage.
      https://docs.pleroma.social/backend/development/API/chats/

      In conversation about a month ago permalink

      Attachments

      1. Chats - Pleroma Documentation
    • (mint@ryona.agency)'s status on Thursday, 17-Apr-2025 00:04:28 JST
      in reply to
      • Jonah Aragon
      • silverpill
      • Pawslut420
      @sendpaws @jonah @blacklight447 @silverpill

      >it is 100% possible to "strip" the DM status from a private message as well

      Technically that's the opposite of stripping, you add another value to to/cc fields.

      >where it uses websockets between Pleroma instances

      It doesn't, gleasonmessages are still AP activities that go through the same federation flow, ackoma has/had an MRF that switches their activity type. Shoutbox does work over websockets, but it isn't federated in the slightest.
      In conversation about a month ago permalink
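
Added example, not part of any post in this thread and not code from Mastodon, Pleroma or any other project named above: a receiving-side check showing that a post's scope is carried only by its `to`/`cc` addressing, so one extra value changes the label, and that a reply to a followers-only post can address people the original never reached. The actor URLs, the `/followers` collection URL and the sample objects are constructed; the scope mapping is the commonly used Mastodon-style one and is assumed here.

```python
# Added example: every URL and object below is constructed for illustration.
PUBLIC = {"https://www.w3.org/ns/activitystreams#Public", "as:Public", "Public"}

def _as_set(value):
    # to/cc may be absent, a single string, or a list of strings
    if value is None:
        return set()
    return {value} if isinstance(value, str) else set(value)

def audience(obj):
    return _as_set(obj.get("to")) | _as_set(obj.get("cc"))

def visibility(obj, followers_url):
    """Scope label inferred purely from addressing (Mastodon-style mapping)."""
    to, cc = _as_set(obj.get("to")), _as_set(obj.get("cc"))
    if to & PUBLIC:
        return "public"
    if cc & PUBLIC:
        return "unlisted"
    if followers_url in to | cc:
        return "followers-only"
    return "direct"

def widened(parent, reply):
    """Recipients addressed by `reply` that `parent` never addressed.
    The parent's author is ignored, since a reply is expected to reach them."""
    return audience(reply) - audience(parent) - {parent["attributedTo"]}

ALICE = "https://a.example/users/alice"
BOB = "https://b.example/users/bob"
ALICE_FOLLOWERS = ALICE + "/followers"  # assumed collection URL

parent = {"attributedTo": ALICE, "to": [ALICE_FOLLOWERS], "cc": []}
reply = {"attributedTo": BOB, "to": [ALICE], "cc": [BOB + "/followers"]}
relabelled = dict(parent, cc="as:Public")  # same post, one value added to cc

if __name__ == "__main__":
    print(visibility(parent, ALICE_FOLLOWERS))
    print(visibility(relabelled, ALICE_FOLLOWERS))
    print(sorted(widened(parent, reply)))
```

A server that wants to keep a thread inside its original scope can reject or narrow a reply whenever `widened` returns a non-empty set.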


GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.