HEY GUYS:

Adrienne Leigh has a truly excellent and very important rundown on the SEVERE AND PERVASIVE PRIVACY ISSUES ON THIS SERVICE. i'm not talking about OPSEC, I'm talking about BASIC PRIVACY SAFETY AND IMPERSONATION ISSUES.

PLEASE READ AND SHARE, Y'ALL

https://twitter.com/adrienneleigh/status/850061121184604160

𝖆𝖉𝖗𝖎𝖊𝖓𝖓𝖊 on Twitter

“So, Mastodon. Just FYI, if a SINGLE hostile user on a SINGLE malicious instance follows you, all your posts may be kept forever --”


@ohtazer She apparently doesn't know that this sort of content capture is possible on Twitter and the impersonation issue is a non-issue.

PLEASE DON'T ALL-CAPS ENGAGEMENT SOLICITATION FOR FUD ON TWITTER, Y'ALL

@pete what is FUD?

from my admittedly limited understanding, i thought admins of instances end up having access to your private messages if you engage with a person hosted in their instance

and just to clarify do you mean impersonation has not been a problem or does not have the capacity to become a problem?

@ohtazer "Fear, Uncertainty, and Doubt", coined by an ex-IBM employee to describe their marketing strategy.

Admins have access to PMs you send to their server. All PMs you send through Twitter are potentially accessible to anyone they hire as an SRE or DBA, and you've got zero control over that. You trust the admins or you don't. (You shouldn't, I don't.)

Her impersonation argument is anyone can register her username and "it's like email". That's a non-issue. Impersonation in general:

@ohtazer Impersonation in general is another issue. It's an issue on Twitter with the "ETH Giveaway" problem. Their SMS-based 2FA is an issue, because the cell networks are not secure. https://www.wired.com/2016/06/hey-stop-using-texts-two-factor-authentication/ . Impersonation is not a bigger problem here than there.

The only way to solve the problems she brings up is a decentralized platform like Twister ( http://twister.net.co ). Mastodon is not less secure than Twitter, and is in several ways better.

Happy to elaborate. Will stop textwall.

So Hey You Should Stop Using Texts for Two-Factor Authentication

A string of recent SMS hacks means security-conscious users should switch to a more secure login system.

WIRED