Piero Bosio Social Web Site Personale Logo Fediverso

Federated social forum connected with the rest of the world. Instances don't count, people do

#mastondon Friends!

Technical Discussion
  • Friends!

    There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
    * getting them out of the public timeline
    * Having a stronger notification tied to the Private Mention tab
    * (among other things)

    But here is my MAIN question: How critical is it that these messages are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)

    If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.

    @scottjenson Any UX improvement would be great.

    Maybe it is possible to integrate something like XMPP or MLS later for encrypted DMs? They could both federate too.

  • @scottjenson I think all of these ideas stem from how, on every other platform, DMs are a fundamentally different "thing" than posts. I worry that a dedicated interface and separate notifications reinforce that expectation away from the technical reality. They make private mentions look more like DMs, but they still don't act like it. So then when those posts aren't encrypted, or you tag someone and they get a notification about it, you're even more surprised.

  • @scottjenson A UI change first would go a long way in alerting you if you break your intended private mention by including more than 1 at sign or any hashtags. This can be a source of great angst.

  • @scottjenson I think that every message not meant as a public broadcast should be end-to-end encrypted, regardless of the app or service that people use to send it. People shouldn’t have to worry if the information they’re exchanging is private and secure or not. It should be table-stakes these days, just like HTTPS is for websites. When you create a website, you don’t ask yourself if it’s sensitive enough to need it, it’s just common practice to generate an HTTPS certificate for everything.

  • @scottjenson That said, if it’s much easier to make the other improvements, it might be worth it to ship them without waiting on E2EE to be ready (but it should still be worked on).

    Also, some Fediverse services do support E2EE, like @HolosSocial.

    https://holos.social/e2ee

  • @scottjenson

    My two cents: (sorry, long text)

    A revamp would help a lot, I don't think it needs to be encrypted but it could be good if it were.

    Since anyone can set up an instance, any admin can look into people's DMs if they're really motivated to do so, and normal users don't know that. For example, my family wouldn't like knowing that I have access to their DMs if they're in my instance. We may not like the idea that our friend that has an instance has the possibility to look into our messages. Also criminals can be admins of instances, as well as states, the police, and secret agents may create popular, appealing instances to gain access to people's private messages and posts. We don't see many women exposing themselves in the Fediverse but we can guess what could happen if some decide to do so in an instance where an unethical admin falls in love with her and starts reading her private messages.

    Another reason for encryption is to protect administrators in certain situations, but it's a double-edged sword. Without access to private messages, admins can't hand them over to law enforcement as plain text. This means they won't be able to provide data on real criminals, which some may dislike because they want to help put criminals in jail. On the other hand, in jurisdictions where minorities (e.g., LGBT+) are persecuted, admins who support their communities may be required to provide private information, such as direct messages, about their members to the police. If the texts are not encrypted, this could be a difficult situation because admins would release information about their friends and allies. These communities should, of course, be taught to use other means of private communication. However, the potential dilemma some admins could face may cause them to prefer enabling encryption.

    Another reason may be that admins want to protect members from the admin's own weak cybersecurity skills. For example, imagine a family community where someone creates an instance for the Smith family or a group of parents creates an instance for their teenagers. This allows teens to post photos and other content in a less wild environment than Meta or TikTok. As it becomes easier for non-tech people to create an instance, they may prefer an encrypted messaging solution in case something bad happens (such as a hacker gaining access to the database), since most of them aren't cybersecurity experts and use default configurations. At least if DMs leak, they're encrypted.

    These are just the first examples that came to my mind.


    If Mastodon chooses not to offer encryption, it could at least explain to people what to expect from DMs. It could also provide icons or links directing them to information on how to communicate safely, maybe even actively suggest a solution, such as XMPP, if it would like to promote the development of certain protocols or messengers.

    Or maybe if users indicate in their profiles which private messaging apps they use, people who try to DM them may see a QR code or an icon/link to join them on a specific app?

    Another thing, I'm currently using Friendica and Friendica allows us to install add-ons (web version). There is a pluggable add-on called "Converse.js" that allows people to use encrypted chat inside Friendica's interface to communicate securely instead of using normal DMs. Mastodon could integrate a similar plugin so interested users could activate end-to-end for sending messages, if they want. Maybe if it uses existing third-party solutions like Friendica does, the Mastodon team won't have to do everything from scratch.

    One last thing: other Fediverse platforms face the same demands. If projects decide to develop an encrypted messaging solution, it would be good if it could be implemented across the entire . Since that would take a lot of time, just a revamp of Mastodon's DMs in the meantime could be enough.

  • @benpate Could not agree with you more! Do you have any ideas on how to improve threads? Any products that do it well for example? Branching threads are a bit like merging PRs, the dependency tree can get crazy complex!

    @scottjenson

    Yeah, it’s a sticky problem, and better designers than I have struggled with it. I did a tour of different solutions, but didn’t come away with any slam dunk answers.

    It probably depends on the use cases you anticipate most. 😟

    I settled on something close to Reddit, showing nested replies + a “focus” widget that follows a single thread “up” to the original post.

    I can share some screenshots/drawings if you think it would help to visualize.

  • @scottjenson For me it's the expectation of privacy for private messages that makes encryption a requirement, not an option. Depending on the jurisdiction of the instance, authorities might be trivially able to get all content, including private messages. Also, instance admins might snoop around for whatever reason they think is valid. Encryption by default is the only way to guarantee privacy expectations. 1/2

  • @scottjenson Yes, this makes automated scanning for spam and harassment impossible. Here's how to fix it: when a user reports "bad" private messages, a warning box pops up, informing the user that the unencrypted content will be sent to the admins. After user OKs that, that is exactly what happens. It's an acceptable compromise, in my opinion. 2/2

  • @scottjenson Hi Scott, I believe the option is complex, honestly.

    Encryption is tricky but I also think it provides layers on top of the communication that might make it feel larger than a quick "dm"? I can't speak to others obviously but Mastodon should consider what solutions you are providing and if they make sense for the platform.

    Encryption is useful, but does it make sense for Mastodon? Is that the direction the social media tool is moving? Encryption-focused 1:1 communication?

  • @neal OOOOOh, that's a cool point! Thank you. What are you suggesting, that PMs are ONLY 1:1?

    @scottjenson @neal

    As a related issue: replies to "followers only posts" being "my followers only" is a strange behavior.

    I think if there was a "replies can only restrict the audience compared to the audience of the replied post, not expand it" constraint, that would solve both issues

  • @scottjenson @benpate is there a reason private messages need to support threading? Most DMs on other platforms are flattened to a single thread for simplicity.

    If threading is still necessary, iOS’s design for replies to specific messages in iMessage feels easy to follow for me

  • @scottjenson I'm not against interface improvements, or even doing that first, but I'm all in on encryption.

    Mastodon is all about privacy and putting users first. When I DM someone the whole point is that the message is only for them. I prefer that administrators not be able to see.

  • @scottjenson I think just knowing that the DMs are not encrypted is enough IMHO. If you want something encrypted use Signal.

    @phillycodehound @scottjenson I love Signal, but there is something to be said for being able to communicate with fediverse people directly in the fediverse.

  • @jackryder all fair questions! All I can say is that there are many within the community that are quite adamant that DMs must be encrypted. The most common reason is that they don't want admins to spy on their posts.

    My concern is just that setting up E2EE is rarely a simple process. I expect it to be a ux challenge to make it easy.

  • @scottjenson Encryption should be an option, not a must.
    Not everything should be hidden, and by reducing the cpu time you'll reduce the carbon footprint, too.

    (I'm talking about end-to-end encryption here, not about user's AAA or inter-server comms).

    Personally, I hate this modern trend of hosting public blogs via HTTPS. Not everything should be encrypted!

  • @scottjenson I appreciate the response and transparency.

    I believe I understand the fear for concern and secrecy. I don't believe there will be a simple & straightforward solution. As you said, "just setting up..." is often a lot trickier than we anticipate.

    I'm not familiar enough with the stack to know what would need to change. I imagine there are quite a few underlying systems that would need at least partial rework and that alone would cause a trickle-down effect on literally everything. Ouch. I wouldn't envy sitting in on those prioritization calls.

    Personally, though I don't mean to sound diminishing to the population I would do exactly what it looks like you guys are doing. Checking the temperature and prioritizing the needs. Kind of glad to see people actually asking.

  • @scottjenson
    Signal is my go-to when I feel there's a need for . If it was available in Mastodon for private messages, I'd probably use it.

    I don't think the Fediverse is on the radar of the current administration here in the US yet, but they might be someday. What happens when law enforcement types show up at a Masto admin's doorstep? Do they give up all the data willingly? Even without a subpoena or judge's order?

  • @scottjenson
    It would be nice to know my private conversations really are private, regardless of the legality of a search.

    Until then, all my Private Mention conversations here are benign, boring stuff kept away from the public eye. Knowing it's not truly private, I carefully consider what information I share.

    *My apologies if my responses have done nothing more than regurgitate common knowledge. Hopefully this is the type of input you're seeking.

  • @jesseplusplus @scottjenson

    Hey Jesse ~ great point. It would probably depend on how people use it. And private/direct messages are probably different from comment threads on public posts.

    For public messages (like this one) it feels like people have the expectation of real threads.

    For private messages, I agree with you & have been considering iMessage's method: showing everything chronologically, with 1) a note if something is a direct reply and 2) the ability to "zoom" in on replies.

