Anyway, while I don't understand why this pisses some people off so much, or why they take my critique of the Mastodon PM semantics so personally, it's now very clear that it does piss some people off quite a bit.

But I'm not going to let that stop me. I'm an expert on security and privacy. And my job is, in large part, to act as a public intellectual. Warning people of dangerous designs that could cause them harm is what I do. If doing so makes me an asshole, so be it.

It's sometimes difficult to remember that communications platforms, including social media platforms like this one, attract a very wide variety of users with a wide range of circumstances. The same systems we might use only for trivial chitchat are likely also being used by political dissidents, labor organizers, and others for whom mistakes can have very serious consequences.

Making social media platforms reliably usable is important, even if it might not seem so to us personally.

@darren @mattblaze Naive question: how hard would it be to add an "end-to-end encrypted DM" button to a Mastodon client? The idea being to avoid the messiness of non-tech users knowing how to use public key software.

End-to-end is the client's job anyway, right? So the servers need not know or care.

@pzriddle @darren @mattblaze

End-to-end is the client's job anyway, right? So the servers need not know or care.

I use Mastodon mostly via web browsers so I have no idea how that would even work for me. My "client" is just Firefox. This would work if the client was always the same for everyone, but there are far too many different browsers and apps for accessing the Fediverse.

Mastodon isn't really built for private communication so redesigning it to be capable of that would not be a simple task. And then you have all the other kinds of sites on the Fediverse to contend with.

tl;dr if any Mastodon app added E2EE DMs I guarantee a significant portion of people you follow wouldn't be able to receive them due to using a different server or app.