The Corporation behind and the Admins of Twitter can see your “Private Messages.”

The Corporation behind and the Admins of Facebook can see your “Private Messages.”

The Admins of Mastodon can see your Direct Messages. They aren’t private.

With Mastodon, you can spin up your own instance and be your own Admin.

Ultimately, don’t use any of these tools for actual private messages. Use Signal, Matrix/Riot or another end-to-end encrypted messaging tool.

@tinker I think the admins of both instances (the sender and the receiver) are potential threats, since the entire communication resides in the database of both instances, though the admin interface apparently only makes it easy to see the local side of the discussion.

@jerry @tinker Isn't the threat model pretty similar to email without relaying/forwarding/etc?

@jerry - Yeah. Thus a consideration of implementing END-to-END crypto in Mastodon DMs. An Admin can see the end.

There might be a way to do it where the private keys are stored on a Mastodon instance. Still accessible by a Mastodon admin, but hidden with a strong password.

Something to look into as the platform builds out.

This is why you need your own instance to really have your data under control.

Also: do not use third party mastodon clients, especially those that ask for your password.

... unless you checked their code or wrote it yourself



From instance to instance, it's end-to-end encryption on Mastodon, right?
So if you trust the admins, there's no real problem?

@LienRag @tinker I wouldn't rely on TLS alone between servers and then call that end-to-end. TLS depends on the CA system, DNS and the particular ciphers used. As seen recently with TLS 1.3, some organizations like to be able to exploit the weaknesses of earlier TLS versions, and do that as part of their business model.

@hhardy01 - Yep!

Here’s an interesting thing. Mastodon has 500 characters. How long of a GPG message can you push on that?

@tinker @hhardy01 Depends on the length & number of the recipients & your own key if you're signing (which you should be). GPG apparently has support for ECC, which is better suited to short messages, but you'd have to convince all your recipients to generate ECC keys.

@seanl @hhardy01 - I spin up keys for one offs each time. So not terribly worried about that.

Be cool to build something natively within the Mastodon client.

@tinker @hhardy01 DM encryption would be great. Mailvelope has an open issue for ECC support, which would enable it without needing Mastodon cooperation. Looks like openpgpjs supports it already, which would allow someone to add it to the Mastodon web frontend.

@tinker It would be neat to see Mastodon implement signal protocol e2e encrypted chat as their DM system instead

@facts_the_alt - It would still only be End-to-End. And the admin controls one End. They’d still be able to read DMs. (E2E only protects data in transit).

There are ways to protect data at rest against certain types of privileged user, but not for what we’re talking about here.

Mastodon’s answer is to let you be your own admin. And for many, that's exactly what they do.

@facts_the_alt - I should say, this only applies if you want to read the messages clear from the web app. If you sent an encrypted message and downloaded it to your host, then your host (not the Mastodon instance itself) becomes the endpoint.

You can address this without needing Mastodon to do it. You just need a thick client that can send the encrypted message through the Mastodon network.

Wouldn't it be sufficient if profiles offered to enter xmpp and/or matrix ids? Instances could possibly offer a simple #xmpp server like #prosody. I don't see any other valid #e2e solution for any #federation compatible protocol except using gpg client sided like with email.

Maybe one should discuss to remove any "direct" or "private" message features from protocol in regard to the very common misunderstandings linked 2 those terms?


the beta e2e of Riot

Why could not mastodon clients employ this for non-public toots?


First I don't know if that would work for the web end of mastodon? Would it?
Then maybe this would blow client development up a bit. But as I don't know anything about #megolm ... Maybe this can be a proper solution ...

I am still not knowing enough about these, maybe this would be a way. But this would mean to make it a definite standard for mastodon clients and blow the complexity and dependencies of such up. On the other hand any further encrypted communication improves privacy for everybody, so maybe it's worth the resources? 🤔
@tinker @facts_the_alt

@homer77 @tinker @facts_the_alt

no change to server software required

non-compliant clients would be motivated to update by others' use of crypto

Couldn't Mastodon implement a browser en/decryption like So not even the Admins could read the messages. 0-knowledge storage.

Or do I miss something?

@cwcopa @tinker That was more or less my idea: run the Signal protocol in the web clients or on a mobile device. The only hangup would be syncing messages across client devices.

Why would that be a hangup? Store the messages on the server, encrypted obviously, and decrypt it via password on the device. Another example would be It is working fine.
It could be a feature and not the standard.

@tinker @facts_the_alt

Hmm... one could use client-side encryption of toots -- this is maybe more difficult in a web client --- but it is possible.

It could be like off-the-record for jabber.

I am just stating that it *could* be done, not that I have done it.

@tinker and/or encrypt using a local only tool before transmitting over any medium :pawy2_tup:

@tinker Yeah, I've just casually given up on the idea that privacy and secrecy exist on the internet.

Would recommend #signal from #openwhisper if you are really looking to chat privately.
Its code will make a #privacy and #security guy drool.

@tinker matrix e2e is not mature enough at this point of time but I am seeing it to be a damn good tool in the few years to come.
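
An added example, not part of the thread and not Mastodon's code: a Node.js sketch of the ideas raised above (a private key kept on the instance only in password-wrapped form, messages decrypted on the user's device, and ciphertext that has to fit a 500-character toot). The function names, the blob layouts and the `dm-example` HKDF label are assumptions made for this illustration; it uses X25519 with AES-256-GCM rather than GPG or the Signal protocol.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers (assumed layout): iv(12) | tag(16) | ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, box) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, box.subarray(0, 12));
  d.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([d.update(box.subarray(28)), d.final()]); // throws on a wrong key
}

// The instance stores only this blob: salt(16) | sealed PKCS#8 private key.
function wrapPrivateKey(password, privateKey) {
  const salt = crypto.randomBytes(16);
  const der = privateKey.export({ type: 'pkcs8', format: 'der' });
  return Buffer.concat([salt, seal(crypto.scryptSync(password, salt, 32), der)]);
}
// Runs on the user's device; the password never reaches the server.
function unwrapPrivateKey(password, blob) {
  const key = crypto.scryptSync(password, blob.subarray(0, 16), 32);
  return crypto.createPrivateKey({ key: open(key, blob.subarray(16)), format: 'der', type: 'pkcs8' });
}

// Message key: X25519 shared secret run through HKDF-SHA256.
function dmKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'dm-example', 32));
}

// Sender: fresh ephemeral key per message; toot = base64(ephemeral SPKI(44) | sealed text).
function encryptDm(recipientPublicKey, text) {
  const eph = crypto.generateKeyPairSync('x25519');
  const spki = eph.publicKey.export({ type: 'spki', format: 'der' });
  const box = seal(dmKey(eph.privateKey, recipientPublicKey), Buffer.from(text, 'utf8'));
  return Buffer.concat([spki, box]).toString('base64');
}
// Recipient: decrypts locally with the unwrapped private key.
function decryptDm(privateKey, toot) {
  const raw = Buffer.from(toot, 'base64');
  const ephPub = crypto.createPublicKey({ key: raw.subarray(0, 44), format: 'der', type: 'spki' });
  return open(dmKey(privateKey, ephPub), raw.subarray(44)).toString('utf8');
}
```

With this layout the fixed overhead is 72 bytes, so at most 303 bytes of plaintext fit in a 500-character base64 toot. The sketch gives no sender authentication and no forward secrecy for the recipient key, both of which the Signal protocol mentioned in the thread is designed to provide.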

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.