James Ferguson Nov 7, 2022

Hey everyone. Just making sure everyone knows that direct messages on here are not end-to-end encrypted. They work more like a post, with visibility set to the person/people you tag.

This means an admin (like me), can read these by looking at the database/in backups.

I promise never to do this.

If that's not good enough (which is fine, obviously), please use something like signal for DMs

p.s. Twitter DMs are also not encrypted and anyone there can read them too.

Show threadJames Ferguson Nov 7, 2022
Also, I read up on the work by the devs over the last few years on this issue. It is coming, but crypto stuff can take a bit of time to get right. And they want to get it right.
From github:
"the encryption protocol is mostly Matrix's one-on-one protocol, with Facebook's message franking (which allow the recipient of a message to report it to their instance without disclosing other parts of the conversation or compromising the key material)"
Show threadNeilNov 9, 2022
@Psy_Fer_ Nice. In the meantime, I'd recommend something like Matrix over Signal, especially here on the fediverse (as Signal is just another walled garden which most have just moved away from).
Show threadJames Ferguson 
@neil Yea that's a good suggestion. Thanks for mentioning it.
Nov 9, 2022 at 1:27pmWeb