Mastodon cannot be securely used with Tor since it cannot run as a native hidden service. If you do not use mastodon with a hosted vpn (such as mullvad) then both the server and @nvk can log your IP address. The server is a honeypot of personal info on bitcoiners including DMs. Be aware!

@mattodell @nvk
it's definitely possible to allow users to connect to the mastodon site through an onion service, for example i have x0f.org available at bvrgrzu5awjacohape5s6s3j2loclt

Follow

@orionwl @mattodell @nvk also, that the server holds DMs is presumably orthogonal to this. E2E encryption would be nice, requiring key infrastructure though. I treat DMs here as quasi-public, but I also do that for other platforms.

· · Web · 1 · 4 · 18

@waxwing @mattodell @nvk
right i wouldn't hold my breath for mastodon supporting E2E encryption; i'm not sure it's even good if every software develops its own E2E encrypted private communication because spreads out cryptography review so much
it's a publication protocol mainly

FWIW x0f also runs a matrix server, a chat protocol that supports E2E (even for group chats), if you're on this server and interested in an account let me know

@orionwl @waxwing @mattodell @nvk I wouldn't be surprised if the Mastodon devs actually think E2E encryption on chats would be a negative. Mastodon is designed around a community model, with moderation, in a context of being worried about abuse and toxic behavior. If that's your design goal, is E2E encryption on DM's actually a feature you want? _I_ would say yes. But I can imagine those devs saying no.

@pete @orionwl @waxwing @mattodell @nvk

Don't know about mastodon, but the pleroma dev (@lain) actually wrote an interesting and complete article about E2EE on the fediverse and in for instant messaging in general

blog.soykaf.com/post/encryptio

Sign in to participate in the conversation
unidentified instance

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!