Nice introduction by Per Axbom who also just rejoined the Fediverse.

  • Tryp
    link
    fedilink
    72 years ago

    There is a rumor that admins can read your direct messages. This is essentially true. In essence, if someone hosts their own instance they can always look in their own database. But the general working of the software is that admins can only read if someone reports content to them. Anyway, this is a good reminder to never use direct messages for sensitive information, on any social media system. And yes, dishonest people can also start Mastodon communities. Awareness is good for making informed choices.

    Glad he called it out (although quite mildly) because this is something the general public won’t be ready for in social media. I say this is mild because at the worst end of the scale a malicious/racist/violent person who hates certain types of people could setup a server just for that and let it run as a paradise while collecting data on all the people who join. Email addresses, IP, local groups/meetups and if they were really motivated could probably turn off metadata stripping, literal goldmine of data if you run an instance

    I’m not too keen on this whole SPREAD OUT AND JOIN THE INSTANCE THAT’S RIGHT FOR YOU because that sounds like a great way to force people into the hands of shitty (or as mentioned malicious) admins who don’t care if they shut down their instance one day without warning.

    I think it’s more prudent to advise people to organize with their group and start their own instance which gives them more protections. Know your admins, a big benefit of the fediverse.

    • smallcirclesOP
      link
      fedilink
      02 years ago

      Yes, this is a very good point. I haven’t heard of cases like this yet, but it is something that’s just waiting to happen. I am all for trusting people, being trust-first in a society that promotes distrust before trust. But in this case consequences of doing so can be dire, and it is quite a risk you take. Besides for the purposes trolling, someone could also silently monetize collected data by selling it to shady harvesting companies.

      Currently various research is underway for going towards a peer-to-peer fediverse. Well actually a hybrid decentralization with a combination of p2p and federated services. In those p2p clients you don’t need to self-host a server, just install an app.

      Other than that currently we have to go from reputation of the admins. If they have a proven track record and many people vouching for their trustworthiness, then we can be reasonably confident in choosing their instance.