do the people complaining about mastodon admins being able to view your private messages realize that
twitter can do that too and they're literally partnered with a service named "dataminr"
@b But with enough followbots and resources you can have essentially the same thing.
@tn5421 and a person on twitter can't?
@b It would be easier on twitter to do so. Here you at least have to host a server to pull that data onto.
@tn5421 and also people may refuse to federate with you and itd be easier to notice what youre doing
@b This is why I send DMs by writing them down, wrapping it around a brick, and then throwing it through the person's window.
@b Wait, so you're saying root has access to the machine?! Huge if true.
doesn't gmail read your emails and target ads based on them
@b Yep, for critical emails I use proton mail. protonmail.com
@b No, it's worst!
@b that doesn't actually make it any better jsyk
@lycaon i know but like i get the feeling people legit dont realize that twitter can and will do the exact same thing
@b seriously? dataminr? thats like the .. most evil-corp cyberpunk bs ever. "iSpy" is go *man shuffles over to console connected to reel-to-reel computers and pushes big blue button with MINE on it, macnhines whir, smashcut to various govt. and corp entities smiling as data arrives on their green-screen terminals as alphanumeric matrix-bullshit*
@b On twitter, the threat is basically datamining for ads (same as gmail, facebook, tumblr, etc.)
Here, the threat model is random people having access to the full contents of what most assume is private data. my experience is that random people can be much more malicious than companies, so I assume anything I say here (even in private messages) is public.
@b It's best to treat the entire internet as public, regardless of the application or context. Don't share anything you don't want to be in public.
@b They have more to lose for acting badly -- they're a publicly traded company.
Either way, just because one neighbor craps in their lawn doesn't mean you can't complain when the other starts doing it too.
...
that was the only metaphor I could think of.
@b so, there's place for encryption on private messages ☺
@b Right?
Like, this is not a mastodon problem, it's an internet problem.
@b It's a rule. You must trust your sysadmin. Trust me. I am one.
I *COULD* read all the email and private files on any of my servers. Do I? No. I have ethics.
"And you could be fired for doing so."
Yeah, if I was caught doing it. But I RUN THE SERVER. If I was that unethical I wouldn't have problems covering up my actions.
If you don't trust the person/people running your server, don't put sensitive information on that server.
It's not a Mastodon-specific thing.
@b should be encrypted end-to-end. no excuses.
@oranj what are you suggestions for key exchange and encryption that will work easily over javascript and not be breakable by instance admins while still requiring minimal setup and working like dms currently do?
@xj9 i feel like that's just sort of "out of scoping it"
honestly mastodon is better about that because you aren't stuck on one giant datamining instance and no one instance can just eye of sauron that shit