Post AIxMBiXtsPN5sOE2zY by atomicpoet@mastodon.social
(DIR) More posts by atomicpoet@mastodon.social
(DIR) Post #AIxFUQf3ta5aEPYCR6 by atomicpoet@mastodon.social
2022-04-29T21:30:36Z
0 likes, 0 repeats
HOW TO SEND A PRIVATE MESSAGE ON MASTODONFor everyone coming from Twitter, private messages (DMs) on Mastodon might seem confusing. So here's a brief tutorial:Step 1: In compose box, include recipients address, write your message, then click the "globe" icon.Step 2: After clicking globe icon, set permission level to "Only people I mention".Step 3: Ensure globe icon is changed to "@" icon so that privacy level is as desired.Step 4: Toot!Voila! Private message has been sent!
(DIR) Post #AIxFURGzcYQk83IUYi by Sandra@idiomdrottning.org
2022-04-29T21:38:23.419248Z
0 likes, 0 repeats
@atomicpoet Very good! I've seen some Qs around this today so thank you for this!People should also note that instance admins can read 'em so don't send passwords and stuff in there! ♥
(DIR) Post #AIxFURqRUkmptzsnoW by greeneyes@mastodon.online
2022-04-29T21:53:18Z
0 likes, 0 repeats
@Sandra @atomicpoet I find a little weird that admins can read private messages between two people?
(DIR) Post #AIxFUSOTSE0bbXnyrI by AIaYYAle4i1uKmKpqy.gme@bofh.social
2022-04-29T22:02:01.165826Z
0 likes, 0 repeats
The admin of any system can read private messages between two people unless the messages are E2EE.
(DIR) Post #AIxFUSS1F2qPmXSoNs by atomicpoet@mastodon.social
2022-04-29T21:48:34Z
0 likes, 0 repeats
HOW TO VIEW A PRIVATE MESSAGE ON MASTODONViewing private messages is also quite different from Twitter. Here's another brief tutorial.Step 1. Click the menu button (a.k.a "hamburger") It's located at the top far left of your screen.Step 2: You'll now see a menu that says "Getting started". Click the menu item that says "Conversations".Step 3: The "Conversations" column is where you see your private messages. This is where you can see private messages that have been sent and received.
(DIR) Post #AIxFxwjbj74y6Rkfaa by greeneyes@mastodon.online
2022-04-29T22:06:36Z
1 likes, 0 repeats
@gme @atomicpoet @Sandra that’s why I use E2EE communication apps to talk private to someone.
(DIR) Post #AIxG13zDDnErSjXMCu by AIaYYAle4i1uKmKpqy.gme@bofh.social
2022-04-29T22:07:57.900385Z
0 likes, 0 repeats
As you should. ;-)
(DIR) Post #AIxGBp74rMqkWHLYZM by topaz@meow.social
2022-04-29T21:44:12Z
0 likes, 0 repeats
@atomicpoet Weird! It's called "Direct" and has a mail icon here.
(DIR) Post #AIxGBqN4BPEYQ9pq88 by evelyn@misskey.bubbletea.dev
2022-04-29T22:09:53.428Z
0 likes, 0 repeats
actual e2e DMs are a terrible idea, where once users had a false sense of security, once again they'll have a false sense of security
(DIR) Post #AIxGBqrCNNKvvbvu64 by topaz@meow.social
2022-04-29T21:45:05Z
0 likes, 0 repeats
@atomicpoet Also huh, what are Twitter DMs like? Masto DMs seem perfectly logical to us, but we've never tried Twitter.
(DIR) Post #AIxK1xIZyGYopMHDFo by ocdtrekkie@mastodon.social
2022-04-29T22:31:50Z
0 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes Sure, but with Mastodon (as with smaller forums back in the day), the likelihood your admin knows you individually is much much higher. And large corporate platforms have controls and auditing to prevent employees from abusing their access this way.
(DIR) Post #AIxK1yHYJZKjsSnuIC by ocdtrekkie@mastodon.social
2022-04-29T22:33:10Z
1 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes But in general I think private messages on a federated platform is mostly silly anyways, I wouldn't use them for anything sensitive.
(DIR) Post #AIxK33X8HAbeSBbnNY by atomicpoet@mastodon.social
2022-04-29T22:36:23Z
1 likes, 0 repeats
@ocdtrekkie Uh, that's not true. When I was working for a major social media company, people who made CLIENTS could see private messages from Twitter. @gme @Sandra @greeneyes
(DIR) Post #AIxK35cWW66gvU983k by atomicpoet@mastodon.social
2022-04-29T22:39:59Z
1 likes, 0 repeats
@ocdtrekkie It's crazy that more damage hasn't been done due to lack of E2EE. @gme @Sandra @greeneyes
(DIR) Post #AIxKAnqYTzLm7QO5IG by AIaYYAle4i1uKmKpqy.gme@bofh.social
2022-04-29T22:54:32.164080Z
0 likes, 0 repeats
Wasn't there a scandal with FB a while ago where employees were reading the private messages of celebrities? Bottom line is you have no expectation of privacy on the Internet if your message is not encrypted at-rest and in-motion.
(DIR) Post #AIxKaAjAY75iK21tfU by ocdtrekkie@mastodon.social
2022-04-29T22:57:38Z
0 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes There have been such incidents at Google, Facebook, and I'm sure Twitter... but people got fired for it, and that's why those controls are in place. Arguably your Mastodon admin can do whatever they want for whyever they want.
(DIR) Post #AIxKaBKkIP9ICZbuEq by AIaYYAle4i1uKmKpqy.gme@bofh.social
2022-04-29T22:59:07.087577Z
0 likes, 0 repeats
Which changes nothing. ;-)> You have no expectation of privacy on the Internet if your communication is not encrypted at-rest and in-motion.
(DIR) Post #AIxLgtM7dRT2QT19ou by evelyn@misskey.bubbletea.dev
2022-04-29T23:11:34.583Z
1 likes, 1 repeats
@ocdtrekkie@mastodon.social @gme@bofh.social @atomicpoet@mastodon.social @Sandra@idiomdrottning.org @greeneyes@mastodon.online So if we talk about Facebook for example, employees abusing access to creep on people was apparently rampant, I assume it still is, in the space of 2014 and 2015, 52 employees were fired for doing exactly that. It raises a lot of questions - were they the only ones who got caught? Clearly they didn't expect to be anyway.
(DIR) Post #AIxM4DHrhHFYu09AwK by ocdtrekkie@mastodon.social
2022-04-29T23:01:09Z
0 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes I wouldn't really agree, because that also places a drastically higher bar on encryption that... may or may not actually do you any good in practice. For instance: Most people pwn their own web browser with extensions that render basically all that encryption useless. ;)
(DIR) Post #AIxM4DqxanK4eqZCds by ocdtrekkie@mastodon.social
2022-04-29T23:03:28Z
0 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes In reality, the likelihood someone read your private messages on a major platform is infintestimally low, and at some difficulty or expense. A Mastodon admin doing it wouldn't even be legally wrong.I think we had to admit that as a real difference. When I was an admin of a small forum I dealt with a big drama over reading a PM and it was with the absolute best of intentions.
(DIR) Post #AIxM4EYuxMU6rB8J9s by ocdtrekkie@mastodon.social
2022-04-29T23:04:21Z
0 likes, 0 repeats
@gme @atomicpoet @Sandra @greeneyes I think it's much more likely your private messages get read on someone's Mastodon server than Twitter. I don't think it's really constructive to claim otherwise.
(DIR) Post #AIxM4FHEIbvj4brhE8 by AIaYYAle4i1uKmKpqy.gme@bofh.social
2022-04-29T23:15:45.174117Z
0 likes, 0 repeats
As someone that has run several instances and before that community websites and forums, and before that BBSes over the span of 29+ years all I can tell you is who has time for that shit? Most instance admins (if they're an adult) don't have time to be reading users' private messages.
(DIR) Post #AIxMBdSOnR045sc5Ds by clov@travelpandas.fr
2022-04-29T21:40:38Z
0 likes, 0 repeats
@atomicpoet They're not *Private Messages*, but *Direct Messages*.
(DIR) Post #AIxMBeA0BJsWH70uBc by clov@travelpandas.fr
2022-04-29T21:50:45Z
0 likes, 0 repeats
@atomicpoet You also use *privacy level* instead of *visibility level*.I'm really sorry to jump on you like that, but newcomers really need to understand the subtle differences between visibility and privacy. Because on a decentralized/federated network, privacy can only be achieved with end-to-end encryption — which is not the case actually.
(DIR) Post #AIxMBelDwveW8YQdCi by atomicpoet@mastodon.social
2022-04-29T21:57:05Z
0 likes, 0 repeats
@clov I understand the technical differences. However, we have to also understand:1. Many Twitter users don't understand what "direct message" means whereas "private message" gets to the fundamental point.2. Likewise, many Twitter users understand that private messages are not entirely private. Instead what concerns them is that they're at a privacy level between two parties.3. You socialize with many people who commonly know what end-to-end encryption means. This isn't the case for most.
(DIR) Post #AIxMBfRPQ5OeFOAJxQ by atomicpoet@mastodon.social
2022-04-29T21:58:39Z
0 likes, 0 repeats
@clov By all means, educate people about the nuance of privacy, encryption, so on and so forth. However, the tutorial's purpose is to simply help people send private/direct messages. If they don't think they can do that, they will leave Mastodon -- possibly forever.
(DIR) Post #AIxMBg1DGy2K2QuulU by clov@travelpandas.fr
2022-04-29T22:46:57Z
0 likes, 0 repeats
@atomicpoet Isn't this marketing?Because for me, tutorials are made to help people **understand** what they're doing. Not lying to them. Not taking them for idiots, unable to make the link and the differences between "direct" and "private", or "visibility" and "privacy".
(DIR) Post #AIxMBgb17qfzpTfVZY by clov@travelpandas.fr
2022-04-29T22:56:06Z
0 likes, 0 repeats
@atomicpoet If your only concern is "people gonna leave if they understand so called *private messages* are in fact NOT private.", you doing it the **wrong way**.They have the right to known. They have the right to choose how to deal with this kind of information. Now, better than too late.Anyway, I really don't understand why it's so hard for you to use "Direct Message", "Visibility settings" and the disclaimer "but remember they're not really private"…
(DIR) Post #AIxMBh6ZEXuhPKQhkW by atomicpoet@mastodon.social
2022-04-29T23:04:39Z
0 likes, 0 repeats
@clov I think 99% of users don't care about E2EE. Further, they don't think about privacy the way you do.
(DIR) Post #AIxMBhs4NvuXmeedn6 by clov@travelpandas.fr
2022-04-29T23:06:52Z
0 likes, 0 repeats
@atomicpoet it's not the point.And please stop takinq people for fools, including me.If you don't understand the problem is NOT word meanings or E2EE, this is the end of this conversation.
(DIR) Post #AIxMBiXtsPN5sOE2zY by atomicpoet@mastodon.social
2022-04-29T23:10:52Z
0 likes, 0 repeats
@clov Dude, you're literally arguing with me about the meaning of a word. Clearly, this is the field you want to die on. Hint: Twitter users just want to do what they could do on Twitter. And what they were doing wasn't encrypted 🙂
(DIR) Post #AIxMBj5ZrCJHYpywU4 by clov@travelpandas.fr
2022-04-29T23:13:35Z
0 likes, 0 repeats
@atomicpoet I'm arguing about not fucking lying to people.
(DIR) Post #AIxMBjbpvG79At4hlY by atomicpoet@mastodon.social
2022-04-29T23:16:34Z
1 likes, 0 repeats
@clov Everybody knows there's no encryption. It says so when you send the damn direct message. If you're not aware there's different levels to privacy, then I don't know what to say to you. Most people don't care when nerds argue over minutiae which is what you're doing now.
(DIR) Post #AIxMbFzydXQArsXK1w by evelyn@misskey.bubbletea.dev
2022-04-29T23:21:47.104Z
1 likes, 0 repeats
@ocdtrekkie@mastodon.social @gme@bofh.social @atomicpoet@mastodon.social @Sandra@idiomdrottning.org @greeneyes@mastodon.online so from my perspective in this, I've attended infosec cons previously where there's been Facebook employees attending, and I'm sadly not unaccustomed to people acting creepy around me, even at supposedly semi-professional events. So, for me, something like this is maybe not the most likely thing in the world but it's also definitely somewhere in the threat model (or would be, if I had a facebook account, at any rate!). I actually consider it to be more likely than my instance admin, a friend, creeping on me, anyway.
(DIR) Post #AIxN4t4mQVmCSjub3Y by shibao@misskey.bubbletea.dev
2022-04-29T23:27:06.933Z
0 likes, 0 repeats
@evelyn @ocdtrekkie@mastodon.social @gme@bofh.social @atomicpoet@mastodon.social @Sandra@idiomdrottning.org @greeneyes@mastodon.online creep creep creep
(DIR) Post #AIxNP1mBn02VElosz2 by ocdtrekkie@mastodon.social
2022-04-29T23:29:26Z
0 likes, 0 repeats
@evelyn @Sandra @atomicpoet @gme @greeneyes Well, bear in mind, if I knew Facebook employees, I'd find the likelihood one has read my messages much higher than if I didn't know any Facebook employees (aka, if they have no reason to know who I am or care about my messages).If your Mastodon admin knows who you are, you're in the same boat as friends/enemies of Facebook employees. But with less security controls in place.
(DIR) Post #AIxNP2MLcYxl2ujlLM by evelyn@misskey.bubbletea.dev
2022-04-29T23:30:45.787Z
1 likes, 0 repeats
@ocdtrekkie@mastodon.social @Sandra@idiomdrottning.org @atomicpoet@mastodon.social @gme@bofh.social @greeneyes@mastodon.online i mean for one I don't have a mastodon admin, for another the question is whether i trust someone I know actually has some moral integrity vs someone who clearly inherently does not
(DIR) Post #AIxOJ52Ir8iHZ35K3E by evelyn@misskey.bubbletea.dev
2022-04-29T23:40:55.538Z
0 likes, 0 repeats
@shibao @ocdtrekkie@mastodon.social @gme@bofh.social @atomicpoet@mastodon.social @Sandra@idiomdrottning.org @greeneyes@mastodon.online o no
(DIR) Post #AIxORO3W1egerwc3wO by n8chz@queer.party
2022-04-29T23:41:24Z
1 likes, 0 repeats
@gme @ocdtrekkie @atomicpoet @Sandra @greeneyes Rick Falkvinge unfortunately has been showing signs of going IDW, but I think his advice re. information hygiene is worth following:"Information hygiene means that you’re aware not of what somebody claims to do with your data, but that you understand what they are able to do."https://falkvinge.net/2017/05/03/unroll-selling-your-inbox-to-uber-information-hygiene/
(DIR) Post #AIxOqenOvJsg1k7osS by ocdtrekkie@mastodon.social
2022-04-29T23:43:47Z
1 likes, 0 repeats
@n8chz @gme @atomicpoet @Sandra @greeneyes IDW? New acronym for me I think.I agree, in fact, I just do think the real world likelihood your PMs get read by someone on Mastodon is higher than a major corporate network, and it's okay to admit that while encouraging people to communicate privately on other mediums.