MegOct 5, 2023

So here's a fun emergent feature on Mastodon 4.2:

- you can search your own posts even if you turn off other people searching you (use `in:library` as a term).
- you can post "DM"s that have no recipient, so only you can see them. These are searchable.

So you can use your Mastodon as a searchable private note repository lol.

Show threadKevin Bonham 🚽🦠👨🏼‍🔬
@megmac
Is it still the case that DMs are unencrypted? That would mean that they are still readable to admins or anyone that gets read access to the server, no?
Oct 5, 2023 at 1:17amWeb
Show threadMegOct 5, 2023

@Kbonham you should always assume the person who runs a website(*) can read anything you do through that website if they really want to. Even if it says it's e2e, there are ways. So yes, I wouldn't put anything incriminating in it.

(*) This is less true for things that are purely native apps but even there there are caveats and you have to trust the people making and running the software you're using at least a little.

Show threadEver AftarOct 5, 2023
@megmac @Kbonham Just encrypt your data locally before base64-ing it and don't share your encryption key. And you're golden.