I will admit I still don't understand what's so offensive about my pointing out the unsafe, confusing semantics of the Mastodon PM mechanism, or why this topic seems to provoke so much anger.

Basically, I have learned nothing from your yelling.

Anyway, while I don't understand why this pisses some people off so much, or why they take my critique of the Mastodon PM semantics so personally, it's now very clear that it does piss some people off quite a bit.

But I'm not going to let that stop me. I'm an expert on security and privacy. And my job is, in large part, to act as a public intellectual. Warning people of dangerous designs that could cause them harm is what I do. If doing so makes me an asshole, so be it.

It's sometimes difficult to remember that communications platforms, including social media platforms like this one, attract a very wide variety of users with a wide range of circumstances. The same systems we might use only for trivial chitchat are likely also being used by political dissidents, labor organizers, and others for whom mistakes can have very serious consequences.

Making social media platforms reliably usable is important, even if it might not seem so to us personally.

Twitter was, of course, a repeated example of this. It was never *intended* to be a tool for dissidents or for organizing protests. But within a few years of its introduction, that became a major secondary function of the platform, in the US as well as in some very repressive regimes. It happened to meet the needs of these communities, and they just started using it in ways its designers never specifically anticipated.

Design as if your users' lives might depend on your choices.

@mattblaze
perhaps that is why it had to be destroyed and who better to do it than the man at the top of the billionaire class

@the5thColumnist @mattblaze no "perhaps" about it. The Saudi $ was to prevent another "Arab Spring"

@mattblaze
> Design as if your users'
> lives might depend on
> your choices.

Thank you -- you've just made the case that software that isn't traditionally thought of as safety-critical software can indirectly become so.

This is something that's been bouncing around in my head for months, but it never coalesced into an example quite so plain and graspable as what you've described here.

@mattblaze Years ago when I worked at RIM, my dev team was responsible for (among other things) the “find my lost phone” feature. Out of the gate we got an unexpectedly large amount of traction in Venezuela. Looking into why, we found that people were buying BlackBerries to give to their children, so that if they were kidnapped they could geolocate them. We developed the feature to find lost phones, but discovered we were saving kids’ lives.

@dpatriarche @mattblaze

Holy moses

In retrospect that makes sense but what a story

Hello @dpatriarche
Ex-RIM/BB (I still expect that to autocorrect).

@mattblaze

@dpatriarche @mattblaze
Of course the technology has led to things like airtags that are used to control people and stalk them. It has led to people getting killed because they were found. Technology has at least two sides to it and not all are purely positive. It is important to think through how new technology could be used not only for good, but also for evil and build it so the bad stuff is dammed and the good stuff can flow.

@WiseWoman @dpatriarche @mattblaze It will never cease to amaze me why this AirTag thing backfired as it did. Americans are ok with guns for everyone, even if this implies the possibility of using guns in crimes, but when someone comes up with a technology to find your stuff (and, as far as I know, Tile was there before Apple), everyone tells me you can do bad things with it, therefore the tech is evil.
(Not your words, I know.)
But I agree: 2+ sides…

@ketchup71 @dpatriarche @mattblaze
Tech is not either good or evil! We need, however, to not just look at the good, but to understand the evil and find ways of lessening or blocking it. If the evil is too bad, then maybe it is not worth the good.

@WiseWoman @dpatriarche @mattblaze I agree.

However, the problem is to decide when the bad outweighs the good.
Example: I’m an old white guy in Europe. I have no problem with stalking. More to the point: it’s not probable that I would be stalked. But I forget my keys (the old in owg). Now I can’t find them, because stalking is a thing in the US.
(Yes, it’s a thing globally, but to different extents.)

Frustrating. Mostly, because I agree with you.

@WiseWoman @dpatriarche @mattblaze In a perfect world, we would have numbers to decide. We would help victims, mostly by rooting out the underlying social problems (which is the way to go, in my eyes).
It is not feasible in our world. But it’s frustrating that the way we present incidents steers our decisions. There are stalkers, car thieves, a guy who murders car thieves. All enabled by AirTags. (We say.)
And we blame AirTags.
Better story, I guess. 😢

@mattblaze these designers need to read so much more.

@mattblaze hate to Well Actually you but Twitter actually has its origins in TextMob which was used to coordinate protests and early twitter engineers came out of Indymedia spaces https://dl.acm.org/doi/abs/10.1145/3485447.3512282
From Indymedia to Tahrir Square | Proceedings of the ACM Web Conference 2022

@mattblaze
How much of this was due to technical features of Twitter vs the company deciding to not cooperate with governments? Their dms were not encrypted either

@mattblaze Yes. Not only is it important to obey the principle of least astonishment, it's important to realize that security lapses are not due to user error, they're due to a system that was designed improperly for normal people. What matters is not so much the absolute security properties (or the lack thereof), it's what users *think* will happen.

@SteveBellovin the only good thing about Mastodon's PM behavior is that it creates the opportunity to introduce many people to the "principle of least astonishment" who haven't previously heard the term. Winning!!!!!
@mattblaze

@mattblaze I also have the impression most social media platforms are designed and built by 20-somethings. whereas most of humanity will be in that age 30 to 90 span. soooooo many UIs are optimized for people with perfect eyesight, giant screens, no glare, high ISP bandwidth with low latency and seamless avail. if any one of those is NOT true for an enduser they're going to have a shitty UX

tiny fonts, low contrast, tiny buttons, destructive action buttons adjacent to innocent common ones etc

@mattblaze We're all going to need public keys, aren't we.

@darren @mattblaze Naive question: how hard would it be to add an "end-to-end encrypted DM" button to a Mastodon client? The idea being to avoid the messiness of non-tech users knowing how to use public key software.

End-to-end is the client's job anyway, right? So the servers need not know or care.

@pzriddle @darren @mattblaze

> End-to-end is the client's job anyway, right? So the servers need not know or care.

I use Mastodon mostly via web browsers so I have no idea how that would even work for me. My "client" is just Firefox. This would work if the client was always the same for everyone, but there are far too many different browsers and apps for accessing the Fediverse.

Mastodon isn't really built for private communication so redesigning it to be capable of that would not be a simple task. And then you have all the other kinds of sites on the Fediverse to contend with.

tl;dr if any Mastodon app added E2EE DMs I guarantee a significant portion of people you follow wouldn't be able to receive them due to using a different server or app.

@emberquill @darren @mattblaze All good questions. WhatsApp claims to do end-to-end encryption in a web browser, so that part is at least theoretically possible even without a dedicated client app.

@pzriddle @darren @mattblaze would that button work when the receiver is not on mastodon? and if not, how would it fail?

there are many more platforms that aren't mastodon on the fediverse, and they aren't necessarily tailored to the same set of expectations.

On the other hand, in my profile on friendica there is a field for an xmpp account: if I wanted to receive e2e communications from strangers I could fill that in, and it would work with no need to add anything to a protocol, AP, that is not really designed for that.

Improving the interface of that protocol switch sounds to me a much more promising avenue.

@valhalla @darren @mattblaze The starting point for this thread was that Mastodon offers zero privacy for DMs, but users are likely not to understand that and so may put themselves in harm's way - particularly the most vulnerable.

I wonder whether one solution could be to take your suggestion of putting communication handles in the profile, and then remove the DM feature from Mastodon entirely.

@pzriddle @darren @mattblaze I think that solution could work better than adding e2e to mastodon DMs

@mattblaze I think I might be more inclined to normalise the idea that social networks are completely unsafe and compromised rather than trying to secure mastodon, which is so inherently insecure.

Posting on mastodon is more like publishing a blog post than sending a message to targeted individuals, securely or otherwise.

@mattblaze thank you. you know, I had almost forgotten that was why I followed you in the first place. I do appreciate the black & white photography posts too though!

@mattblaze For what it’s worth, I know you’re right on this and there is nothing wrong with acknowledging it.

A lot of people don’t know the risk they’re incurring and it helps to let them know.

I love Mastodon — it is my new online “home” — but it’s not perfect, and the actual enemy of perfection is pretending otherwise.

@mattblaze FWIW, I get the sense that @Gargron is far more reasonable than the actual Mastodon fundamentalists. Hopefully he can be swayed to revisit the private messaging model.

@mattblaze thanks, asshole.

Sincerely,
Somebody who used to think the P in PMs stood for "Private"

@mattblaze some folks, inexplicably, regard any form of criticism as “nonproductive” and “hostile”. Reference the “don’t bring me problems without solutions” crowd.

Thanks for not being one of them, and thanks for your perseverance in the presence of that behavior. I don’t look forward to the seemingly inevitable day it becomes too much to bear.

@mattblaze I don’t think you’re an ass.

I do think people get invested in/identify with the software they use and so take things personally. As a YouTuber I don’t understand

@mattblaze Also I got some of the same for pointing out that posts were public by design when there was the whole misguided publicity around search features built into the default clients.

@adamshostack @mattblaze Matt has implied that there is a misfeature in the One True Social Network. That's a serious sin. And if the design should change to be the way that Matt (or I) would prefer it, all of the folks now criticizing Matt would not only applaud the new feature, they'd deny they ever opposed it.

@SteveBellovin @mattblaze Steve, just because your social network lasted longer than Twitter doesn’t … ok I suppose it does make you qualified to comment. 😀

@mattblaze may you continue to do so. I learn a lot from you in many domains.

@mattblaze
Perhaps people should RTFM more and learn more about what they are using but the fact is today people expect stuff to be intuitive so designers of stuff need to try to meet that need as much as possible.

@mattblaze
Bro, you have 28,000 followers.
A proportion of them, perhaps thousands, are going to be objectively nuts.
Ignore them.

@mattblaze My guess: for some folks, using Mastodon is a statement about one's identity. Therefore, critiques of Mastodon are critiques about individuals' identities and provoke similarly strong reactions.

@mattblaze you’ve been in security for long enough to know that a lot of people don’t like hearing about vulnerabilities or architectural problems because they distract from the fun parts of porting from framework X to framework Y

@mattblaze I guess you're not the asshole in this discourse. I really think you're one of the most valuable voices here (and thanks for the great photography threads too!)

@mattblaze I think it’s very kind and public-spirited of you.

@mattblaze I fully agree with you on this one.

The way private messaging works here is stupid. Full stop.

@mattblaze I don’t understand it either, but you do an excellent job of chasing trolls and scolds out of the tall grass so I can block them, so thanks for that! 😄

@mattblaze

1) you are right about this (design issue with PMs)

2) even if you were wrong, it’s not your fault that people get bent out of shape for you expressing a fairly benign opinion (it’s not like you are being a bigot or something)

3) if anyone is being assholes, it’s the people going ballistic because someone they follow boosted a post of yours on photography they found uninteresting and think somehow that’s your fault