undefined | Better HN

0 pointssmoldesu3y ago0 comments

If this is a concern of yours, don't migrate your account. All instance admins play the role of Twitter CEO on Mastodon, which means (much like Amazon, Apple, Google, Facebook, Microsoft, Netflix, et. al) they can access all data you've trusted them with. The point of Mastodon is that it broke down these data silos, and give people more sane ownership models for social media. Your privacy concern is valid, but Mastodon doesn't advertise itself as a private protocol. A glorified microblogging platform doesn't really have a whole lot of data to leak besides maybe your DMs.

> We should have the expectation for private data that the operator cannot read it

That's called heterogenous encryption, and it's the technological equivalent of Mythril. End-to-end encryption doesn't stop the operator from decrypting your data. In fact, pretty much everyone has to, since raw encrypted TLS data can't just get slotted into your OneDrive/iCloud account. These operators literally need to read your data to operate on it. I genuinely don't know how you would engineer a more secure architecture here.

If you want to talk about architectures designed for malicious actors, you probably shouldn't start with distributed systems. Monolithic, profit-driven corporations like Twitter are much easier to tempt with salacious "data brokers, political shadow companies and "the feds""

0 comments

klabb33y ago

> End-to-end encryption doesn't stop the operator from decrypting your data.

It's literally the opposite. E2EE means only the participating parties can decrypt the messages.

> In fact, pretty much everyone has to, since raw encrypted TLS data can't just get slotted into your OneDrive/iCloud account.

TLS is not designed for e2ee, it's designed to protect traffic in the client server model. This is referred to as in-transit encryption. SSL got traction mostly due to e-commerce.

> I genuinely don't know how you would engineer a more secure architecture here.

Prior to computers, people pre-shared their symmetric secret keys only with those they trusted, precisely to make their messages secure from spies, couriers etc. This is e2ee.

You are right that "you have to trust our almighty server" is commonplace, but they absolutely do not have to. In 1991 came PGP which let you have e2ee over email (even if your peer is offline). Signal, Matrix etc use more advanced protocols to provide even more security and useful features. Even whatsapp and telegram have e2ee in most ways, although they have been criticized for not satisfying all criteria.

mattdesl3y ago

You might be misunderstanding E2EE. In double ratchet system, not even the operator or host can decrypt DMs.

Fully homomorphic encryption is also possible to operate _on encrypted data_ albeit computationally impractical still for a couple years.

1 more reply

masukomi3y ago

to build on that, a mastodon instance's "federated" feed is the feed of stuff that everyone on the server is receiving.

Having publicly readable posts is core to the whole idea, just like Twitter.

Note: there are some interesting forks like Hometown[1] that have interesting privacy variants. The big feature I'm envious of in Hometown is the ability to send a message _just_ to people on your server that will never leave it. BUT overall mastodon is 100% about publicly readable information (like Twitter). If someone isn't comfortable with that they shouldn't use Mastodon.

[1]: https://github.com/hometown-fork/hometown

j / k navigate · click thread line to collapse