Mastodon cannot be securely used with Tor since it cannot run as a native hidden service. If you do not use mastodon with a hosted vpn (such as mullvad) then both the server and @nvk can log your IP address. The server is a honeypot of personal info on bitcoiners including DMs. Be aware!

@mattodell @nvk
it's definitely possible to allow users to connect to the mastodon site through an onion service, for example i have available at bvrgrzu5awjacohape5s6s3j2loclt


@orionwl @mattodell @nvk also, that the server holds DMs is presumably orthogonal to this. E2E encryption would be nice, requiring key infrastructure though. I treat DMs here as quasi-public, but I also do that for other platforms.

· · Web · 1 · 4 · 18

@waxwing @mattodell @nvk
right i wouldn't hold my breath for mastodon supporting E2E encryption; i'm not sure it's even good if every software develops its own E2E encrypted private communication because spreads out cryptography review so much
it's a publication protocol mainly

FWIW x0f also runs a matrix server, a chat protocol that supports E2E (even for group chats), if you're on this server and interested in an account let me know

@orionwl @waxwing @mattodell @nvk I wouldn't be surprised if the Mastodon devs actually think E2E encryption on chats would be a negative. Mastodon is designed around a community model, with moderation, in a context of being worried about abuse and toxic behavior. If that's your design goal, is E2E encryption on DM's actually a feature you want? _I_ would say yes. But I can imagine those devs saying no.

@pete @orionwl @waxwing @mattodell @nvk

Don't know about mastodon, but the pleroma dev (@lain) actually wrote an interesting and complete article about E2EE on the fediverse and in for instant messaging in general

Sign in to participate in the conversation
unidentified instance

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!