this post was submitted on 07 Jul 2023
512 points (100.0% liked)

Technology

34551 readers
47 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
MinutePhrase@lemmy.ml
512
Admin of an anarchist Mastodon server raided by FBI, insecure user data gets seized (www.neowin.net)
submitted 1 year ago by ezmack@lemmy.ml to c/technology@lemmy.ml
102 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] maegul@lemmy.ml 168 points 1 year ago (19 children)

Ok ... so I think false preconceptions are polluting this topic. Apart from the passwords, nothing serious has happened here for your data. As for the DMs ... yea there aren't DMs with any real privacy on the fediverse, they don't exist ... you should presume DMs are public.

Because the fediverse is not in any way private. See for a good treatment of this: https://blog.bloonface.com/2023/07/04/the-fediverse-is-a-privacy-nightmare/

The basic story is that the fediverse is all about duplicating what we post all over the place ... essentially to anyone who decides to run a server on the fediverse. The FBI could (and probably do?) have a server scooping up all sorts of stuff onto their server and you wouldn't know about and probably couldn't do much about it. Google is scraping mastodon (and probably lemmy?) ... try a google search for mastoodn content.

This is all public internet stuff, you're basically running a public blog that happens to be well connected to lots of other public blogs.

As nice as the fediverse is as a nice anti-capitalist-big-corp monopolisation of our social online lives ... it is very much born out of the web2.0 era and doesn't have any of the privacy concerns many of us would now hope for from technologies.

I've argued this elsewhere ... I like the fediverse and am here out of principle ... but in many ways it highlights some of the failings of our world at this time ... because it's about 10 years too late and the future is coming in hot and fast ... in retrospect I wouldn't be surprised if it will make a lot of sense to look back on the fediverse and think that it was effectively redundant at just about the time it gained popularity. An AI dominated internet with massive privacy concerns is here very soon, and the fediverse isn't ready IMO, it's still trying to catch up to web2.0 big social circa 2010.

[–] joelthelion@lemmy.world 15 points 1 year ago (2 children)

Wouldn't it be possible to add end to end encryption for DMs?

[–] Dioxy@programming.dev 27 points 1 year ago (2 children)

We could turn to good ol’ PGP

[–] Mikina@programming.dev 13 points 1 year ago

That's the only way. I don't think there's any other solution that would allow for you being able to be sure that the instance you are on doesn't have a way to acess your data - any other e2e encryption integrated into Lemmy UI would not and cannot be reliable, because an admin can just rewrite the code as he sees fit.

Only solution to this is to just encrypt the message manually before it touches anything Lemmy UI.

[–] RyeBread@feddit.de 1 points 1 year ago

This is the way

[–] maegul@lemmy.ml 19 points 1 year ago (2 children)

Possible doesn't mean easily doable, unfortunately. Technically speaking, I don't know how hard it would be for the fediverse. I get the sense that overall it's been a mismanaged aspect of the ecosystem for a long time.

It touches on a broader issue of to what extent the software ecosystem enables users to exist on the fediverse at large as a single user or through a single interface. At the moment, it's basically not really a thing. Arguably, if the fediverse wants to make any claim to being an actual "federated universe" rather than just separate FOSS decentralised platforms (there is a big difference IMO) ... then it should definitely be a thing.

In relation to DMs, then, in a "true fediverse" the answer would be simply something like integrating matrix into your interface such that you and I could easily start a space on matrix and start chatting there if we wanted to.

I've come to the conclusion that for this to happen it needs to happen at the UI/client/app level. In fact, I wouldn't be surprised if that happens in not too long a time. An app that understand and works well with all of the major platforms and gives you a single and well designed interface for working with all of them from a single space. This way the platform developers can focus on their specific funcionality and backend while the app/client developers can focus on the UI and the challenge of bringing things together. I see it as similar to the way we all have email apps that easily bring together multiple email clients.

[–] fruitywelsh@lemmy.ml 7 points 1 year ago

Matrix integration really is the move to make imhol

[–] jimmy90@lemmy.world 5 points 1 year ago (1 children)

oddly enough i presumed this was how mastodon did DMs, i hope they can get E2E in the apps ASAP

[–] maegul@lemmy.ml 6 points 1 year ago

And that's part of the problem, they're easily mistaken for something better. Either they shouldn't be there or done at least semi-properly.

load more comments (16 replies)