#mastondon Friends!
Uncategorized
105
Posts
41
Posters
10
Views
-
@scottjenson broadly, encryption for DMs on a social network isn't something I'd expect.
Would any of the proposed changes to DMs trigger age-verification requirements in the UK, Australia, etc?
@mia Honestly I hadn't even thought of that, thank you for bringing it up!
-
Yes, I need it.
Because I do not trust you, the admin.
I also don't trust those who will seize servers.@katzenberger Fair enough, but can you tell me when you'd use it on Mastodon vs when you'd use it for Signal? I'm trying to understand if Mastodon, by implementing this is likely to replace Signal usage for many people? I don't think it will so I'm trying to understand WHY you'd need it in Mastodon when you just use an app that specializes in this.
-
@scottjenson as often happens in UX, it comes down to ontology.
Is this a place for publishing or communicating? Are DMs in service primarily to facilitating the former or exclusively for the latter?
Someone has to decide. I can't imagine that's easy in a volunteer-driven org.
@jarango :-) Now you know what we're moving towards this more pubic way of discussing things. It's not enough to make a decision, we have to bring the community along with us.
-
@scottjenson I think that PMs should lock to who they are initiated with. That means the people tagged for that conversation when the PM is initialized are the only people who can be in the conversation. Further mentions *must not* expand the group.
I don't know if that means you should break the ability to do a private reply to a public message, but UX wise it might make sense to do so.
@neal I will be thinking ALOT about this comment. Thank you for explaining it. Very much appreciated.
-
@jarango bingo, now you know what I'm kind of making a strong point to get a feeling about how strongly people actually feel about this.
My point is that encrypted communication is very valuable, but it's usage is quite distinct from microblogging. I'm trying to understand who needs it WITHIN Mastodon (vs just switching to an app that specializes in and likely will do a better job if I'm honest)
@scottjenson @jarango it feels like there is an overlap between microblogging and private messages.
Sometimes the microblog topic opens up a conversation that you would like to follow up in private.
At the moment you need to switch service which adds friction.
But I get your point in not wanting to build another messaging app when there are good ones like Jami.net, Signal, XMPP, etc.
Have you thought about linking messaging accounts to reduce friction?
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
As long as there's a "hey, this isn't encrypted!" Kind of Disclaimer, I'm fine. If we wanted encryption, there's other apps or services. But, I don't want people to mistakingly share sensitive info on this platform.
That said, encryption in the future would be amazing, but I prefer other improvements not be blocked by that for the moment.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson some of these are in the Mastodon roadmap!
https://blog.joinmastodon.org/2026/02/our-technical-direction/
-
@katzenberger Fair enough, but can you tell me when you'd use it on Mastodon vs when you'd use it for Signal? I'm trying to understand if Mastodon, by implementing this is likely to replace Signal usage for many people? I don't think it will so I'm trying to understand WHY you'd need it in Mastodon when you just use an app that specializes in this.
Because "private" means "private", on whatever platform.
Platforms have different purposes. I'm not seeking for a Signal replacement, I just want the promise of "private" conversations to be kept. Like I'd expect it from any other platform that is speaking of "private" messages.
Like I expect every car to have functional safety belts.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson I think, given today's climate, encryption should be a priority over UX changes. My thought is not whether microblogging DMs should be encrypted or not, but simply if *any* kind of messaging exists that is not public, on any service, it should be encrypted. It's the sad world we live in now where services can't be trusted. Non-public messaging that isn't encrypted shouldn't exist. Should microblogging services be Signal? Not at all. But DMs already exist, so now it has to be dealt with. Simply telling users "it's not for private discussions" isn't enough. -
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson My take (which seems to fly in the face of the zeitgeist) is that Mastodon is not meant foremost as a private messaging app. It is at its core, an *open, social* microposting platform. There are apps that are radically better suited for private and safe comms, and I am a huge proponent of letting things be true to themselves. When you try to shoehorn stuff into a system not intended to do that stuff, it ends poorly.
So, sure, DMs out of the timeline, but no Signal-like hardening.
-
@scottjenson some of these are in the Mastodon roadmap!
https://blog.joinmastodon.org/2026/02/our-technical-direction/
@mapache Yes, I know! ;-) I'm not saying no I'm exploring when (as encryption will take longer than UX improvements
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson Don't really need encryption just for the DM edge-case. I only need to know where/for who exactly my message will pop up automatically, though.
Suggesting "encryption" exists in mastodon, how can one make sure it is interoperable with ActivityPub AND nobody gets it wrong and falsely assumes encryption is omnipresent, when it is absolutely not.
-
Because "private" means "private", on whatever platform.
Platforms have different purposes. I'm not seeking for a Signal replacement, I just want the promise of "private" conversations to be kept. Like I'd expect it from any other platform that is speaking of "private" messages.
Like I expect every car to have functional safety belts.
@katzenberger Fair enough, I'm not arguing against that. It's just that encryption isn't easy and will take a long time. I'm using this as a 'research foil' to understand why people use Signal vs encrypted Mastodon PMs.
I totally get that people just want safety baked into everything, I'm not against that in any way. But it is very hard to do well.
-
@scottjenson Don't really need encryption just for the DM edge-case. I only need to know where/for who exactly my message will pop up automatically, though.
Suggesting "encryption" exists in mastodon, how can one make sure it is interoperable with ActivityPub AND nobody gets it wrong and falsely assumes encryption is omnipresent, when it is absolutely not.
@mray Encryption is being explored by a FEP
-
undefined andypiper@macaw.social shared this topic
-
@katzenberger Fair enough, I'm not arguing against that. It's just that encryption isn't easy and will take a long time. I'm using this as a 'research foil' to understand why people use Signal vs encrypted Mastodon PMs.
I totally get that people just want safety baked into everything, I'm not against that in any way. But it is very hard to do well.
I understand that, and if there is a roadmap that leads to having it, I'm happy with that.
It may also be worth considering a collaboration with those who have the expertise and are working on related ideas for the Fediverse already, like @soatok
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson Not critical, as I wouldn’t expect it because of the current implementation.
If a future iteration of PMs would change that implicit feeling, it might as well be a good idea to communicate it explicitly in the UI, e.g. at the beginning of a new conversation. Basically the opposite of what WhatsApp does (see screenshot).
Also, if encryption means it’ll harder for third party apps, services,… to adopt PMs, then I feel like it’s definitely not worth the effort.
-
@mray Encryption is being explored by a FEP
@scottjenson Interesting, seeing how other protocols got burned by adding encryption as an afterthought (XMPP, MAIL) I think we are still very very far away from having something comprehensive, reliable and usable. Unless that's a reality I'd shy away from promoting it unnecessarily loud. 🤷♂️
Encryption rocks though. I hope that FEP has lots of traction.
-
@scottjenson My take (which seems to fly in the face of the zeitgeist) is that Mastodon is not meant foremost as a private messaging app. It is at its core, an *open, social* microposting platform. There are apps that are radically better suited for private and safe comms, and I am a huge proponent of letting things be true to themselves. When you try to shoehorn stuff into a system not intended to do that stuff, it ends poorly.
So, sure, DMs out of the timeline, but no Signal-like hardening.
@octothorpe Thank you! To be clear, I'm not against adding encryption to Mastodon but it would be rather different than what you get with Signal. Here is a simple example. Many people are quite public with their real name here on mastodon, that makes sense. But if you REALLY wanted to use an encrypted message you ikely wouldn't want to use your public name. So in many ways, encrypted messages by you very little (well,in some situations)
That's kind of my point, I don't think people really see the FULL JOURNEY necessary for encryption.
However, many have said "I just don't want to have to trust my admin. I just need it for privacy" and you know, that's a perfectly good reason and to be fair, has NOTHING to do with competing with Signal.
That's all I'm trying to do here, understand how and why it would be used.
-
@earth2marsh I'm not sure I follow, can you explain this default posture a bit more and what you'd like to see a bit more?
@scottjenson for sure! I mean that when I'm writing a post, I have control over the audience. IIUC, that's a kind of control over the group of people who might see it in their timeline. It is open-ended, so for example if I shared something with followers, and then I got a new follower later, I could expect they could see it.
OTOH, a message I addressed to a specific user feels more like I'm saying this is for that user only and forever. If that message were encrypted, then it would also be private, as I could expect that even a server admin couldn't read it.
(nb: I've made a bunch of assumptions based on how I think the system works, so some of my points may be due to a flawed mental model!)
-
@scottjenson @jarango it feels like there is an overlap between microblogging and private messages.
Sometimes the microblog topic opens up a conversation that you would like to follow up in private.
At the moment you need to switch service which adds friction.
But I get your point in not wanting to build another messaging app when there are good ones like Jami.net, Signal, XMPP, etc.
Have you thought about linking messaging accounts to reduce friction?
@themipper @scottjenson we've been through this before. In the early days, Twitter DMs were specified by typing `d username` and then the text. As you may imagine, this led to several spectacular privacy fails.
IMO we know enough at this point to say private messages should be completely separate from the public timeline. They are different contexts that should be kept separate because the consequences of a mix up could be disastrous.
Feed RSS
Gli ultimi otto messaggi ricevuti dalla Federazione
-
-
@macfranc @astronomia ricordate di acquistare solo costosissime auto elettriche per combattere l'inquinamento.
-
-
@virtuous_sloth @scottjenson actually, it doesn't separate the composition of private mentions from other types of posts. It's an option on the drop down. If you forget to change the option, your PM goes out with the default visibility -- often public!
-
@evan @scottjenson
phanpy does a great job
-
I think some people were using PMs for potentially sensitive info (addresses, Venmo, etc.), and having them slightly more secure puts people at ease.
What about standard public-key stuff, dropping a short public key in a metadata field, keeping the private key on the endpoint or in the client?
-
@scottjenson not at all critical.
Hint: you could re-run this as a poll, for the question.
-
@evan the already improved UX looks good, to me.
When drafting a reply to a public toot, the word 'Public' is prominent (first screenshot).
When drafting a mention, the separation is clear (second shot).
Without being blasé about privacy: if a person accidentally publishes in either of those contexts, it's human error.
