Periodic reminder that the "Direct Message" / "Private Mention" function here is dangerously broken with confusing semantics.

- Anyone mentioned *anywhere* in the body of a PM gets a copy.

- "Disabling" PMs in your profile merely means YOU never see messages sent to you; senders can still send them, with no error indication.

- Nothing is encrypted, which means administrators on any instance that processes a message can see them.

I strongly recommend using something else for private messages.
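An added example (not Mastodon's code) that models the three delivery rules listed above so the audience of an "only mentioned people" post can be checked before sending; the mention syntax, the instance name home.example and the accounts are constructed approximations, not Mastodon's real parser or data.

```python
import re

# Constructed model of the delivery semantics described in the post above.
# Mention syntax approximates Mastodon's @user / @user@domain form; it is not
# Mastodon's own parser.
MENTION_RE = re.compile(r"(?<![\w/])@([A-Za-z0-9_]+)(?:@([A-Za-z0-9.\-]+))?")
LOCAL_DOMAIN = "home.example"   # assumed: the sender's own instance


def mentions(body: str) -> set[str]:
    """Every account mentioned anywhere in the body, normalised to user@domain.

    A mention inside a quote, a reply, or a pasted thread counts exactly like
    one in the greeting: there is no 'to:' line separate from the body.
    """
    return {f"{u}@{d or LOCAL_DOMAIN}".lower() for u, d in MENTION_RE.findall(body)}


def direct_delivery(body: str, dm_disabled: set[str]) -> dict:
    """Simulate a post with visibility 'Only mentioned people'.

    Returns who gets a copy, who will actually see it (recipients who disabled
    DMs still receive it, it is merely hidden), and which instances store the
    plaintext, where their administrators can read it.
    """
    recipients = mentions(body)
    return {
        "recipients": recipients,
        "shown_to": recipients - dm_disabled,            # hidden, not rejected
        "plaintext_on": {LOCAL_DOMAIN} | {r.split("@")[1] for r in recipients},
        "sender_error": None,                             # no error even if all hidden
    }


def audience_check(body: str, intended: set[str]) -> set[str]:
    """Pre-send check: accounts that would get a copy but were not intended."""
    return mentions(body) - {i.lower() for i in intended}


if __name__ == "__main__":
    body = "@alice can you review this? Quoting @bob@other.example: 'ship it'"
    print(direct_delivery(body, dm_disabled={"alice@home.example"}))
    print(audience_check(body, intended={"alice@home.example"}))
```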

@mattblaze agreed. I don’t understand why this pseudo-DM feature was even implemented in the first place. It poses serious safety and security concerns, which means if you don’t do it right, you shouldn’t do it at all. Love the Mastodon devs but this isn’t okay!
@benjamincodes @mattblaze There is no "Direct Message" feature in Mastodon. You have the option to post something with the privacy level set to "Only mentioned people". That seems pretty straightforward. You mention people, they can see the toot. It doesn't claim to be a secure, end-to-end encrypted messaging system. In fact, Mastodon specifically warns you of this when you change the privacy setting to "Only mentioned people". The feature is just for when you want to limit who you're interacting with when posting, perhaps to continue a conversation without public visibility.
@jimvernon @benjamincodes Not everyone is as smart, well-informed, or attractive as you are, and may not find it to be as "straightforward" as you do.
@mattblaze @benjamincodes I'm not trying to offend. I just don't understand where the confusion comes from. The UI says what it's going to do and it says it in three words: "Only mentioned people". There doesn't seem to be a lot there to get confused about, so I'm wondering what I'm missing that's confusing some people. I assume the Mastodon devs would be wondering the same thing if they saw your post.

@jimvernon @benjamincodes Look up "principle of least surprise". It's an important usability and safety design paradigm that the PM function here quite clearly violates.

Yes, it's possible for smart people like you to understand the semantics of PMs if they study the code or documentation carefully. That doesn't make it a safe or usable design.

@mattblaze @jimvernon @benjamincodes you could save a lot of words with this argument by just saying “don’t use Mastodon for private discussions”, which, of course, should extend to *any and all social networks*.

Every time I see this argument it starts with the straw-man of Twitter DMs and pastes it on top of Mastodon, without acknowledging any of the efforts already made to mitigate the problem. So then every thread devolves into the same discussion where the straw-man is picked apart.

@raineer @jimvernon @benjamincodes Yes, I think the PM mechanism is dangerous and poorly understood. I don't understand why people take it personally when I warn people away from it, as I did here. Perhaps it would be more productive to make it work the way people expect it to.
@mattblaze @raineer @jimvernon @benjamincodes Even your calling it PM and possibly their choice of 'private' in the first place sows confusion; it's neither a PM as elsewhere, *personal*, nor is it very private in many of the ways people expect of the word. Safety would have been giving it a very different name - and having the masto fanboys explain to everyone 'oh masto doesn't have PMs but it has this, it's a little bit like PMs sometimes, except...'