My least favorite part about new folks logging in is the DM panic.
“Oh no, my DMs are unencrypted and can be read by the instance moderators and admins.”
“... just like every other social platform you’ve ever used, plus most email platforms.”
“Well, yeah, but on those other platforms the admins are a team of underpaid entry level employees at a faceless company, not a single person or small group of individuals that’s I can get to know”
My favorite part about new folks joining is all the new frens.
Hi new frens.
@elomatreb plus, thanks to bad 80s privacy laws, law enforcement is also reading your DMs and emails, as long as they are six months old, without a warrant.
@ajroach42 I'm getting better at diffusing this. The hot take you can use to deflate this baloon is: "Because unlike Twitter (or even IRC) you can *make your own instance with your own rules* and give that the same importance as any other instance."
This is fundamentally different, but as blogging was fundamentally different from legacy publishing, I think it'll take a decade for it to really set in for folks
@ajroach42 if they're that concerned about it, they should probably use PGP :)
@ajroach42 honestly I'd be more scared by the underpaid entry level employees that probably all have a big neon glowing "leak data" button on their desk at all times.
@Pandentia right. That's my point.
This rings of
"Mastodon isn't perfect so I'm going back to twitter"
@ajroach42 speaking of (but not officially FOR) Google, access to user data is heavily logged AND actually audited for misuse.
I know many people disagree with what Google and others consider valid uses, of course, which is a perfectly good reason to move to "more free" services. But I, for one, feel comfortable that no one at Google is reading my personal mail (or could, without it being noticed).
My opinions and experiences, I do not speak for Google officially.
@ajroach42 (and to be clear because 500 chars isn't enough, my "perfectly good reason" should not be taken as a judgment or insinuation that anyone owes me or anyone else a reason for a choice to change platforms or anything else they do)
@ajroach42 I mean, I shared it as an FYI to new users as an IT auditor, but I'm sure accurately describing how a platform works counts as a "panic."
@ajroach42 yeah! Who the fuck would use this DM feature for confidential communication. Encrypt yourself!!
@ajroach42 also like, as an admin, I have not the spoons to try and figure out how to read someone’s DMs and no interest in doing it anyway?
I don’t see the point.
I get people being worried but also I feel like it’s being blown out of proportion tbh
@ajroach42 the other side of that coin is instance admins are more likely to have some personal interest in their users.
@rook Sure, I can see that. It makes sense to me.
That's a good reason to pick an admin you can trust, and know the limits of the security of your platform.
It's not a good reason to leave mastodon.
@ajroach42 I'd say that's a personal decision. Especially since it hinges on trusting *two* admins in probably most cases, one of which you can't choose.
I trust mine, but there are still things I wouldn't DM locally because the risk is too great.
If Mastodon never gets some kind of useful E2E I will certainly leave, at the very least for platform network that supports it.
@rook Is there a platform that supports E2E?
Is it possible to trust E2E running in a web browser?
@ajroach42 the safe bet has it there will be.
@rook I won't trust e2e encryption in a browser, unless it's running in a plugin that I can audit.
IMO, end to end encryption in a pure web app is a fantasy.
@ajroach42 I think this gets away from the point somewhat. I can reasonably expect my DMs to be read much less often by Twitter staff than by instance admins on multiple statistical bases.
Excuses against demands improved security sound too much like arguments for backdoored encryption to me in this instance. Trust us, we're the government. Find an absolutely trustworthy admin (none exist), and assume your correspondent has done the same.
I'm not really sure what you're trying to say.
My point was and remains "don't send sensitive information in a DM on any platform"
You mentioned e2e encryption for DMs, which would be a half measure at best. It would be easy to hack, and a sense of false security at worst, without a major overhaul of how DMs work.
I'm all for increased security.
I'm not a fan of a feeling of increased security, without a measurable impact on security.
@rook If you want e2e encrypted DMs, they are possible now.
Just encrypt your DMs before you send them in an external tool. The tools we have for this aren't great, and the character limit on DMs makes it harder. This should be improved.
But it has to use an external tool, IMO.
Don't rely on software that can be altered without your knowledge for encryption.
and it's not on your machine, it's on someone else's machine, so you have to trust that.
If law enforcement orders google, for example, to back door their chat OTR implementation, you'd have no way to know it or to stop it.
@ajroach42 "don't send sensitive information in a DM on any platform"
That rules out all of internet commerce, and a lot besides.
I know, you mean only social networks. But other protocols can manage it, what's so wrong with social networks? I don't buy it.
DMs already provide a false sense of security for the uninitiated. Somewhat less false security would a) be better, and b) observable in a way that could reveal bad actors.
"Other protocols can manage it" Explain what you mean by this, please?
@ajroach42 surely you've heard of PGP and the like?
You can use PGP to encrypt DMs on mastodon right now.
You just don't do it in the mastodon web interface.
That's the bit you can't trust.
I'm not sure where I'm failing to communicate this clearly.
PGP is fine. Doing PGP encoding and decoding in a web app is untrustworthy, because you don't control the code that makes up the web app, and you have no way to reliably audit it, or be certain that it hasn't been changed.
@ajroach42 my point is I don't have to use PGP externally to... PGP. Or any other secure messaging platform, like say HTTPS.
@rook HTTPS encrypts the data between your browser and the server. It doesn't hide the data from the server.
e2e encryption requires the data to be en/decrypted outside of the server.
If you're trusting code from the server to do this, that means that anyone who has compromised the server (technically or legally) can render that encryption useless in a way that would be very difficult for you to discover.
Doing PGP in a web app is as insecure as full disk encryption on cloud servers.
@ajroach42 yeah, if you ignore the infrastructure. But then DMs are already secure.
@rook What does this mean?
I have no idea what you're trying to say here.
@ajroach42 you assume there is no way to trust the code you receive from the instance without auditing it more than once, or to run code locally hosted without a browser plugin or something to that effect.
But my example gives you one payload to audit, which will then reside in local storage. Going forward, *any* exfil yields a network observable, which is a huge step up. No plugin, no ongoing audits.
@rook sure, that could be a first step.
But then how do you prevent things like this: https://community.spiceworks.com/topic/2134735-critical-bug-found-in-pgp-and-s-mime-email-encryption ?
So long as the code that is rendering your decrypted message is mutable, it can't be trusted.
I'm not saying that this is impossible, just that it will not be easy, and that I'd hesitate to trust most implementations that rely on a browser capable of executing arbitrary code.
I'm also not sure how we got here from 'don't send private data in cleartext',
@rook But it's been an interesting chain of thought to follow, at least.
@ajroach42 sure there are other parts of the problem, but I just negated two of your assumptions on the spot. If that doesn't disrupt your thinking I really don't think there's any use saying anything more.
As for plaintext, again, I disagree that Mastodon DMs shouldn't be secured (or sent in plaintext at all.)
And I still think a person shouldn't be admonished for leaving Mastodon if they object to insecure DMs.
@ajroach42 further to that, I don't believe good e2e in the browser is that hard.
@rook I'm not saying it's hard to implement. I'm saying it's hard to trust.
@ajroach42 I mean in a trustworthy manner. That's what I meant by "good."
@rook Would you mind explaining how you would implement trustworthy end to end encryption in a web app, because I would love to be able to do this, but I can't think of a single way I would trust that doesn't rely on at least some local code.
@ajroach42 the solution is to change the assumptions. Examine them and see how to break them.
I'll give you an example: A good first step is to commit to local storage code to perform the crypto specialized to your key(s).
At that point you can at least monitor traffic to determine whether anything is being exfiltrated.
There are more problems to solve, but I hope you get the idea.
@rook I'm still not sure what point you're trying to make.
You're saying that mastodon should have some kind of magical, trustworthy, browser based asymmetric key encryption, that doesn't rely on any local code, and then saying that we need local code after all?
Either I'm being exceptionally dense today, or there's some other kind of gap between what you're saying and what I'm understanding.
A social network for the 19A0s.