About risk profile:

- Mastodon is like email because you can't delete federated toots
- Mastodon is like Twitter in that Google's search bots index it, unless your admins robots.txt it away
- Mastodon is like being a teenager because the people that own your instance can see all your private stuff

Have a talk with your admin about their policies.

By default, assume everyone will be able to read your toots forever.

Reactions to this are two-fold:

- This is so basic and it doesn't need to be said.
- Oh shit.

Ignoring that I was drunk when I wrote it, I think it's important to point out how the system works because non-techies just kinda crap their social graph into apps without realizing the full ramifications. Do you know who reads your data off the flappybirdsite firehose? Of course not.

Here you at least have the option of knowing and working with an admin you trust.

Also, I should mention that @Gargron let me know that deleting federated toots is possible. It's just a second protocol message that could get dropped, blocked, etc.
@sungo it's not even eventually consistent, is it? the request just might disappear?
@rabcyr In theory, sidekiq will retry the transmission a couple of times. But if the response is fine or response takes too long, sidekiq will just give up and record an error. So yeah, you cannot be really sure that any transaction actually completes.
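The retry-then-give-up behaviour described in the reply above, as an added example that is not Mastodon's own code: a small Ruby model in which a Delete activity is fanned out to remote inboxes, each delivery is retried a bounded number of times, and the instances that never acknowledged the Delete keep their copy of the toot. The domains, the scripted network outcomes and the attempt limit are constructed for the illustration.

```ruby
# Added example, not Mastodon's own code: a toy model of how a Delete
# activity fans out to remote inboxes with a bounded number of retries,
# and why a "deleted" toot can survive on an instance that never
# acknowledged the Delete. Domains, outcomes and the attempt limit are
# constructed for the illustration.

Activity = Struct.new(:type, :object_id, :actor, :content)

MAX_ATTEMPTS = 3 # assumed retry budget before the worker gives up

# A remote instance's inbox. `outcomes` scripts what the network returns
# on each successive delivery attempt (:ok, :error, :timeout); once the
# script runs out, deliveries succeed.
class RemoteInbox
  attr_reader :domain

  def initialize(domain, outcomes)
    @domain = domain
    @outcomes = outcomes.dup
    @objects = {}
  end

  # Returns true only when the remote accepted and applied the activity.
  def deliver(activity)
    result = @outcomes.shift || :ok
    return false unless result == :ok

    case activity.type
    when 'Create' then @objects[activity.object_id] = activity.content
    when 'Delete' then @objects.delete(activity.object_id)
    end
    true
  end

  def has?(object_id)
    @objects.key?(object_id)
  end
end

# Sender-side delivery job: retry each inbox up to `attempts` times, then
# give up and record the error, as a background worker would.
def fan_out(activity, inboxes, attempts: MAX_ATTEMPTS)
  errors = {}
  inboxes.each do |inbox|
    delivered = false
    attempts.times do |n|
      delivered = inbox.deliver(activity)
      break if delivered
      errors[inbox.domain] = "#{activity.type} to #{inbox.domain} failed on attempt #{n + 1}"
    end
    errors.delete(inbox.domain) if delivered
  end
  errors
end

# Domains that still hold a copy of the object after the Delete fan-out.
def stale_copies(inboxes, object_id)
  inboxes.select { |inbox| inbox.has?(object_id) }.map(&:domain)
end

def simulate
  note_id = 'https://home.example/notes/1' # constructed object id
  inboxes = [
    RemoteInbox.new('a.example', []),                            # always reachable
    RemoteInbox.new('b.example', [:ok, :error, :error, :error]), # accepts Create, rejects Delete every time
    RemoteInbox.new('c.example', [:ok, :timeout, :ok])           # Delete lands on the second attempt
  ]

  fan_out(Activity.new('Create', note_id, 'alice', 'hello fediverse'), inboxes)
  errors = fan_out(Activity.new('Delete', note_id, 'alice', nil), inboxes)

  { errors: errors, stale: stale_copies(inboxes, note_id) }
end

if __FILE__ == $PROGRAM_NAME
  report = simulate
  puts "delivery errors: #{report[:errors]}"
  puts "instances still holding the toot: #{report[:stale]}"
end
```

Running it shows the point of the thread: the sender's log ends up with one recorded error for b.example, and b.example is exactly the instance that still serves the toot. The sender has no way to distinguish "remote is down and will catch up" from "remote is gone or misbehaving", so after the retry budget is spent the toot's fate on that instance is simply unknown.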
@sungo Is there a list of all the Admins of all the instances somewhere that people could use for reference? In case you had to look someone up and/or verify that they are the correct admin?
@cc No and, barring a protocol addition, I'm not sure there can be. Nodes get federated in when someone follows another person. My instance was all alone in the night until I followed myself.
@sungo Well, I just meant a list of all the usernames of all the admins and which instance they own. Doesn't have to be part of app, just a text list posted somewhere.
@cc @sungo Well, we could generate said list, the old-school way... Who are the admins on mastodon.club for example? Also 'cause I'd like to say hi, thanks for hosting me!
@sungo if I'm understanding this correctly: when a toot is federated, does that ensure it against its original instance's disappearance?
@sungo and the only one - unlike email - who can't read your toots forever, is yourself :)
@sungo if I don't want my toots or tweets to be public, I choose another way to communicate 😉
@sungo @sungo Same as any social network, then?

@sungo you *can* delete federated toots, but it's a 2nd message that tells server "delete the previous one" - network delays and failures apply

but this is a good message in principle, it's true for everything that isn't e2e encrypted

@sungo In all seriousness though you're right, this is a pretty big problem. I also understand there is no way to delete accounts.

@maguireja The UI is lacking in several places. As an admin, you can't grant or remove admin status from UI, nor remove domain blocks.

On the upside, the UI is getting a lot of attention from folks. Either the built-in will get fixed soon and/or new alternate UIs will fill the gap.

@sungo sounds like we might actually be able to get end-to-end encrypted DMs on this platform though?
@ryanprior Anything's possible but I'd be really wary of the implementation. Crypto is hard to get right particularly with a fediverse where instances are running all different versions of the code, some extensively customized.
@sungo Whatever the tool, the admin can always access more than you think. The main difference is that on Mastodon, the admin is a friend I choose and trust. While on Twitter or FB, the admin is a friend the NSA/US-Government choose and trust.
@sungo @bayartb my thought is that the average user does not have a friend that runs a Mastodon instance. So the average user will choose a random instance or will ask average users' friends for a trusted instance, which will lead to another random instance with potentially no privacy concern.
Not so different from mail, indeed.
@bayartb friends mostly are our best enemies.

@[email protected] it is kind of funny how all sorts of peeps claimed they wanted end to end encrypted protocols.

I released "Merry Cryptmas" in 2014 as a proof of concept demonstrating it was possible to run OTR over SILC, and did so in an encrypted VM running OpenBSD with some other tools, like Tor. All sources were included.

No one seemed to care.

I guess we should be grateful that people are also acknowledging that surveillance capitalism is bad?

Going for full "all my data can be read by anyone all the time" doesn't seem as if it is a concession that is worthwhile.

Privacy should be a fundamental right.

Libre/free open source software doesn't mean that the output also must be plaintext.

Yet, here we are.