Seems if the messages are sent in an inherently insecure fashion, all one would need to do is set up an instance that purposefully does not filter out all the things it’s supposed to be kind/competent enough to filter out, and boom it has everything.
Comment on [deleted]
skullgiver@popplesburger.hilciferous.nl 6 months ago[deleted]
4am@lemm.ee 6 months ago
kevincox@lemmy.ml 6 months ago
It’s not “inherently insecure” at least not to that degree. (Once could argue that lack of E2EE is insecure.) If you stand up an unrelated instance you shouldn’t be able to access private messages that don’t relate to an account on your instance. So only bugs in your instance, or your conversation partner’s instance, will be able to leak those messages.
jherazob@beehaw.org 6 months ago
I recall somebody’s working on actual, E2EE Mastodon DMs, but couldn’t give you details, i guess when it’s ready we’ll know when people start using it
Peter1986C@lemmings.world 6 months ago
That would be Sup: github.com/theSupApp By the same person who started Pixelfed.
jherazob@beehaw.org 6 months ago
How the hell does he do so much? 😄