Cryptography, Rust, etc.
Blog: https://www.chosenplaintext.ca/blog/
Twitter: https://twitter.com/McLean0
Location: Waterloo / Toronto

If the fediverse succeeds, then its users will be fractured across many smaller servers instead of clustered in 1 large server. This makes security much harder.

A large server (like Twitter!) can be defended by large security teams, perform internal audits, and be held accountable by regulatory bodies. Their executives can be hauled before Congress or thrown in jail for failing to report a breach.

Small servers will mostly lack the resources to fund a security person, let alone a security team. They may not even have access logs. And small server admins are unlikely to face the same level of scrutiny from regulators. This makes cryptographic assurances like E2E encryption that much more important for federated platforms like Mastodon.

If the community wants it, we could probably do a lot to improve the current state of Mastodon servers and trust (where the server owner is effectively God of all users on their server). E.g. enforce cryptographic transparency for moderation actions.

I haven't read too much about Mastodon/ActivityPub yet, but I'm guessing server admins can impersonate anybody on their server and change the text of anyone's posts (toots?). That could also be fixed once the key distribution infrastructure is in place for e2e encryption.

Mastodon desperately needs end-to-end encryption for DMs. It's going to be ugly when Mastodon servers start getting hacked.

Mastodon never tried to prevent me from posting links to twitter...