Post APH7jaMqlhx08M9ZWS by Moon@shitposter.club
(DIR) More posts by Moon@shitposter.club
(DIR) Post #APH7S3eJA52TjixfJw by dielan@shitposter.club
2022-11-04T23:18:44.392422Z
41 likes, 20 repeats
Twitter refugees flooding Mastodon are discovering their DMs aren't private and are mad the UI makes it unclearSays the users of the only frontend that is actually unclear about this :pensive_cowboy:
(DIR) Post #APH7avHHehQENaQ2nA by sapphire@shortstackran.ch
2022-11-04T23:20:25.945776Z
3 likes, 0 repeats
@dielan eh, pleromafe isn't either but its common sense that admins can read your DMs
(DIR) Post #APH7c6z5cGq0yaTYhs by mint@ryona.agency
2022-11-04T23:20:00.766824Z
10 likes, 0 repeats
@dielan >implying twatter encrypts them as well
(DIR) Post #APH7dJJXGBA7VQbvqi by thatbrickster@shitposter.club
2022-11-04T23:20:39.002026Z
0 likes, 0 repeats
@dielan If they can't see it, they can't complain. It's security through obscurity. :npc:
(DIR) Post #APH7gcoTDgiMqjf21o by dielan@shitposter.club
2022-11-04T23:21:26.215811Z
3 likes, 0 repeats
@s8n I hope he archived those :kekw:
(DIR) Post #APH7jaMqlhx08M9ZWS by Moon@shitposter.club
2022-11-04T23:21:56.706525Z
2 likes, 0 repeats
@eris @dielan not really since the endpoint delivers the application so any interception could just send you a bugged frontend.
(DIR) Post #APH7l0uDaMvijKRSka by mistermonster@freespeechextremist.com
2022-11-04T23:22:19.762687Z
0 likes, 0 repeats
@dielan shut up and give me frideynight.com
(DIR) Post #APH7mBcLFH0QF1diWO by dielan@shitposter.club
2022-11-04T23:22:24.260194Z
3 likes, 0 repeats
@eris you could trade PGP keys and send cyphertext to your friend on the other endIve seen people do it but it sounds like a pain in the ass lol
(DIR) Post #APH7n2LrBIJLnFKngW by alex@ak.kawen.space
2022-11-04T23:21:34.643486Z
11 likes, 3 repeats
@dielan >Come to a decentralised network>Recommend Signal over Matrix or XMPP for encrypted chatNormiepilled
(DIR) Post #APH7nhqQuW8ATwxIXI by animeirl@shitposter.club
2022-11-04T23:22:47.263255Z
0 likes, 0 repeats
probably could be possible but would impact usability and im also not exactly sure how you would verify other instances dont share all the keys with their admin
(DIR) Post #APH7oeaAWdB4eandsO by dielan@shitposter.club
2022-11-04T23:22:54.314069Z
1 likes, 0 repeats
@mistermonster its 4pm
(DIR) Post #APH7skEfRstvLSh3cu by lanodan@queer.hacktivis.me
2022-11-04T23:23:18.174777Z
8 likes, 1 repeats
@dielan And it's always a bit funny because Twitter DMs, discord messages, … are also left in the clear.And it's not all admins, only ones of instances mentioned.
(DIR) Post #APH7tT8AWtROaL00FE by mistermonster@freespeechextremist.com
2022-11-04T23:23:51.078000Z
0 likes, 0 repeats
@dielan ugh. Alright.Yeah doesn't Pleroma have encrypted messages in the pipe? And if you're trying to have ongoing dialogue with someone there's always xmpp.
(DIR) Post #APH8IaNaiRv4J3Bnwu by mistermonster@freespeechextremist.com
2022-11-04T23:28:23.799948Z
0 likes, 0 repeats
@animeirl @eris @dielan e2ee has to be implemented in the client. Servers handle key exchange and message transport. There are ways to provably exchange keys between parties, people demanding it though are going to give up if they're required to know or do anything to make it happen.
(DIR) Post #APH8PlrmPFTjxXjhHk by xianc78@gameliberty.club
2022-11-04T23:29:40Z
1 likes, 0 repeats
@dielan Email isn't encrypted either.
(DIR) Post #APH8UsRrMW6Jox2yOW by ned@noagendasocial.com
2022-11-04T23:30:36Z
2 likes, 0 repeats
@dielan why are people surprised by this? STOP POSTING PRIVATE INFORMATION ON A SOCIAL NETWORK!
(DIR) Post #APH8gHr9EjPro7JeT2 by itzpaquet@novo-atlantis.null.media
2022-11-04T23:24:40.194173Z
2 likes, 0 repeats
@eris @dielan mastodon does us a huge disservice by saying things like "privacy" in the marketing materials. idk if they've changed that, but you don't have privacy. not here or on twitter!
(DIR) Post #APH8rmyvqwILWjRR5c by echo@stereophonic.space
2022-11-04T23:34:42.531079Z
0 likes, 0 repeats
@dielan Well, yeah, you should probably be using something else for private messages.But Signal? Don't they still require a mobile number?
(DIR) Post #APH99WC30inCff1vc0 by matrix@gameliberty.club
2022-11-04T23:37:53Z
0 likes, 0 repeats
@dielan Somebody tell them their Twitter DMs weren't private either
(DIR) Post #APH9EjGTq3G8ewaWrg by ins0mniak@freespeechextremist.com
2022-11-04T23:38:54.286610Z
1 likes, 0 repeats
@dielan :peperly:Screenshot 2022-11-02 1.56.04 PM.png
(DIR) Post #APH9Hax9CLYjkWubRY by idiot@shitposter.club
2022-11-04T23:39:24.840089Z
5 likes, 0 repeats
@dielan >You should all be using Signal anyway
(DIR) Post #APH9Lkm4cm05MtiP0C by matrix@gameliberty.club
2022-11-04T23:40:06Z
0 likes, 0 repeats
@echo @dielan Signal is normie friendly by being actually usable and it's private enough
(DIR) Post #APH9MLc5er01ceKS4u by balrog_booger@kabuki.club
2022-11-04T23:40:16.349292Z
2 likes, 1 repeats
Apparently none of these people realize there are scripts for making XMPP servers automatically use Pleroma for account authentication. On my instance, users can easily communicate without me seeing it if they wish
(DIR) Post #APH9NTrmSV8vVaCyFk by neo@pl.comfysnug.space
2022-11-04T23:40:28.768764Z
0 likes, 0 repeats
@dielan @eris it is a real pain in the ass
(DIR) Post #APH9TGgAOyAGLWXGUa by idiot@shitposter.club
2022-11-04T23:41:31.743790Z
4 likes, 5 repeats
@balrog_booger @dielan The authentication integration is neat. However,
(DIR) Post #APH9VH2o0zx63e55zk by balrog_booger@kabuki.club
2022-11-04T23:41:53.128717Z
3 likes, 1 repeats
I like XMPP, but the normalfag resists it at all costs, unfortunately
(DIR) Post #APH9lcsEcZzuOUvyIS by hayley@social.xenofem.me
2022-11-04T23:44:50.436543Z
0 likes, 0 repeats
@mint @dielan nooooo but Twitter employees would get fired, the law makes them get fired for doing bad things!!!
(DIR) Post #APHAZ42UPSMypsIwJE by seanking@freespeechextremist.com
2022-11-04T23:53:47.092521Z
0 likes, 0 repeats
@lanodan @dielan Another thing to note about regular ol' DMs in software like Mastodon, mentioning someone in such can cause a DM to become a non-DM given the way it's set up. I don't know if this will or has changed or not. https://docs.pleroma.social/backend/development/API/chats/
(DIR) Post #APHAqx1nDRlEIrVXgu by itzzenxx@plma.plus.st
2022-11-04T23:54:29.721991Z
0 likes, 0 repeats
@idiot @balrog_booger @dielan I wish there was a client that just didn’t fucking suck
(DIR) Post #APHB282ScP3zdc9MRc by LordMordred@poa.st
2022-11-04T23:59:01.666001Z
2 likes, 1 repeats
@dielan Hope both sides get fucking shitted on
(DIR) Post #APHB8jpX1WKuaFFpDM by thatguyoverthere@shitposter.club
2022-11-05T00:00:07.600781Z
1 likes, 0 repeats
@roboneko @dielan probably
(DIR) Post #APHBKEeAmtu1LUQK00 by pwm@crlf.ninja
2022-11-05T00:02:18.300107Z
5 likes, 1 repeats
@roboneko @eris @dielan the cloud a server is just someone else’s computer
(DIR) Post #APHC9BmvB0vHFPoPiK by dushman@shitposter.club
2022-11-05T00:11:13.835076Z
1 likes, 0 repeats
@dielan What were they expecting? Twitter dms aren't private either.
(DIR) Post #APHCE2TVELEroM2ejg by dushman@shitposter.club
2022-11-05T00:12:10.583181Z
0 likes, 0 repeats
@dielan This shouldn't be any kind of revelation.
(DIR) Post #APHCVm5msXryDLPFUO by idiot@shitposter.club
2022-11-05T00:15:35.606901Z
0 likes, 0 repeats
@balrog_booger @dielan These days XMPP can do anything you want it to, but if anything you want it to is beyond the scope of "AIM but $CURRENT_YEAR," navigating through which clients and servers can and can't do what things becomes a nightmare. People gravitate towards discord (and matrix et. al. to a lesser extent) because they like one giant clusterfuck server for most things and DMs for everything else, not DMs for most things and trying to glue a group chat together for everything else.Unless there's a baby steps handholding guide for setting up client and server just fucking right to work the way aforementioned, nobody WANTS to use XMPP, and that's a solid fact. I know it's technically superior because it's all XML and there's a bunch of addendum to the protocol, it's still easier to twist arms to get people to use matrix than XMPP, for obvious reasons.
(DIR) Post #APHCe35rYJkHG8O3KS by EdBoatConnoisseur@varishangout.net
2022-11-05T00:16:44.826082Z
0 likes, 0 repeats
@balrog_booger @dielan @idiot what is your favourite xmpp client?
(DIR) Post #APHChkgzuQW9LcWRVI by balrog_booger@kabuki.club
2022-11-05T00:17:44.821895Z
1 likes, 0 repeats
Ejabberd comes out of the box with most things people want, but XMPP’s less unified and hardly anybody has any idea what’s going on with it. I barely had to do anything to get direct messaging, public/private group chats, audio/video calls to work. The main hurdle is finding anyone who even knows XMPP exists
(DIR) Post #APHCmBTMHe0XYxFvvM by balrog_booger@kabuki.club
2022-11-05T00:18:30.118873Z
1 likes, 0 repeats
The ones I’ve found work the best for me are Dino for desktop and Snikket for Android. There are others with interfaces I like more, but sometimes they have issues with encrypting the messages properly. Dino and Snikket have never failed me yet
(DIR) Post #APHCra4SFs8dIjBH7I by Giganova8@varishangout.net
2022-11-05T00:19:30.325252Z
5 likes, 0 repeats
@dielan I mean, did they think their Twitter DMs were private? Anyone at Twitter with access to the hardware could read DMs, to say nothing of the five billion government backdoors in the damn thing. I thought it was common sense that the owner of the hardware could access anything on that hardware. :asui_what:
(DIR) Post #APHE5Sg0dxDGNOvgjQ by dielan@shitposter.club
2022-11-05T00:33:10.943419Z
1 likes, 0 repeats
@balrog_booger @idiot @EdBoatConnoisseur ive not heard if Snikket I just use Conversations lol
(DIR) Post #APHEAqC6dHkYlNVWUa by internetfreak@poa.st
2022-11-05T00:34:13.318551Z
1 likes, 0 repeats
@dielan If i am not mistaken, any admin can access messages. Law enforcement certainty does.
(DIR) Post #APHEK0j2qZas21Hqgy by Dan_Hulson@poa.st
2022-11-05T00:35:52.707672Z
2 likes, 0 repeats
@internetfreak @dielan Any Admin on Fedi can access your messages on their Instance. that's why it's important to have a trustworthy Admin
(DIR) Post #APHEa925jF0mQftBDM by Dan_Hulson@poa.st
2022-11-05T00:38:47.557663Z
0 likes, 0 repeats
@Omega_Variant @internetfreak @dielan What do you expect with Shitter refugees
(DIR) Post #APHEbdRo8IFN34d14S by balrog_booger@kabuki.club
2022-11-05T00:39:03.499564Z
1 likes, 0 repeats
I prefer Conversations, generally, but there are times when it just won’t let me use encryption. I’m not really sure why. I’ve tested other servers to make sure it wasn’t a problem with mine (and I do have problems with my SSL certificates I’m trying to iron out). For whatever reason it just wouldn’t let me
(DIR) Post #APHF3xXX1WD5TKoNmq by internetfreak@poa.st
2022-11-05T00:44:11.014893Z
1 likes, 0 repeats
@Dan_Hulson @dielan Makes sense, part of being an admin. I've managed email servers and from time to time gaining access to a users mailbox is simething i had to do. If musk had to he could most likely access anyone's DMs, especially if law enforcement requires it.Uhhh... Who were they.. the McMichaels feds used private messages from facebag to slap them with bullshit charges. So I sont see the problem tbh... Maybe other platforms have to go through extra steps but its there. If anything i feel more comfortable with a fedi admin having access than whats left of the staff at twitter.So in a cynnical (maybe not the right word) way, its similar to saying "this product connects to the internet, be careful"
(DIR) Post #APHFCyeGGsk1W5G9Nw by dielan@shitposter.club
2022-11-05T00:45:33.486775Z
1 likes, 0 repeats
@internetfreak any post federated to your instance is just a SQL query away
(DIR) Post #APHFIRXwFy6yaduO5w by dielan@shitposter.club
2022-11-05T00:46:44.386470Z
6 likes, 0 repeats
@balrog_booger @idiot start at the homeI use XMPP everyday to talk to @ironee212 When are kids are older I'll use XMPP to send them text messages too :cacolaugh:
(DIR) Post #APHFOrgtxrlXPhAAK0 by tk@bbs.kawa-kun.com
2022-11-05T00:47:36.594343Z
3 likes, 0 repeats
@dielan @balrog_booger @idiot @ironee212 I use XMPP to talk to @glitter every day, too.
(DIR) Post #APHFTKBxwMbmxxos3k by balrog_booger@kabuki.club
2022-11-05T00:48:45.779484Z
2 likes, 0 repeats
@dielan @idiot Unironically I’m making another XMPP server so I can give accounts to relatives without doxing my Fediverse identity. No more Signal or Telegram crap
(DIR) Post #APHFZZT23nD04xmStE by opal@ap.maladaptive.art
2022-11-05T00:49:52.405060Z
4 likes, 0 repeats
@tk @glitter @balrog_booger @dielan @idiot @ironee212 my last few exes used xmpp, most of my friends use it, ive gotten people to make an account on a server (or mine if they cant find one) to talk to me. xmpp works
(DIR) Post #APHFf0v1QKpyfMT4nw by SuperDicq@minidisc.tokyo
2022-11-05T00:50:48.849Z
0 likes, 0 repeats
@dielan@shitposter.club I always reply that email isn't private either unless you use external programs to encrypt your messages, same applies to the fediverse.
(DIR) Post #APHFjmJh8orCpJHRia by ryo@social.076.ne.jp
2022-11-05T00:51:42.425316Z
4 likes, 0 repeats
@dielan I'm rather surprised they didn't seem to realize that there's no encryption on a forum-like system that's designed to be moderatable.If DMs were encrypted, then why the fuck is there an option to report DMs to moderators!?
(DIR) Post #APHG0Sg7PRB8qHixE0 by ryo@social.076.ne.jp
2022-11-05T00:54:42.856715Z
2 likes, 0 repeats
@balrog_booger @dielan @idiot Make it your only option, and explain them how to use it in an as idiot-proof way possible.I managed to get some of my friends to use XMPP after getting banned from LINE, and it really took me having literally no other option for them to finally give it a try.
(DIR) Post #APHGA3TxwTzpatc9OC by hakui@tuusin.misono-ya.info
2022-11-05T00:56:28.566266Z
2 likes, 0 repeats
@dielanimage.png
(DIR) Post #APHGAlfVevNGdRLzUW by Relected@shitposter.club
2022-11-05T00:56:31.350040Z
1 likes, 0 repeats
@dielan but thats the same situation with twitter as well though right
(DIR) Post #APHGDMWXbQrbWFObMe by nenetl@seal.cafe
2022-11-05T00:57:04.814541Z
0 likes, 0 repeats
lmfao so they assume it isn’t the same shit on any social media app they use 💀
(DIR) Post #APHGEGiAhNRPmXGgGe by dielan@shitposter.club
2022-11-05T00:57:09.778161Z
3 likes, 1 repeats
@ryo they dont think, they just execute programming
(DIR) Post #APHGJ2priTTQC790M4 by sneedweedandmead@chudbuds.lol
2022-11-05T00:58:06.925861Z
0 likes, 0 repeats
Stay in your containment zone normals.
(DIR) Post #APHGWQjACLHg3gON8q by chuculate@pleroma.skyshanty.xyz
2022-11-05T01:00:29.732816Z
2 likes, 0 repeats
@dielan They are in for a rude awakening that closed source doesn't mean privacy, but blissful ignorance.
(DIR) Post #APHH3aGBmDkLBCeGQK by chuculate@pleroma.skyshanty.xyz
2022-11-05T01:06:29.631270Z
2 likes, 0 repeats
@Dan_Hulson that's not the kind of trust you have to place on your admin e.ePick availability, moderation, but not privacy.@internetfreak @dielan
(DIR) Post #APHHCplBWA0TrGYbmy by Dan_Hulson@poa.st
2022-11-05T01:08:11.786739Z
2 likes, 0 repeats
@chuculate @internetfreak @dielan I trust Graf to not got looking through random messages. Who has time for that anyway
(DIR) Post #APHHK0QKGkjUxRDjYe by Chuckie_ar_la@poa.st
2022-11-05T01:09:16.861478Z
1 likes, 0 repeats
@Dan_Hulson @chuculate @internetfreak @dielan Just don't talk about anything you shouldn't be. Send nudes through an encrypted app like an adult.
(DIR) Post #APHHSG6rpfOBvM3QJM by Dan_Hulson@poa.st
2022-11-05T01:10:58.995371Z
0 likes, 0 repeats
@Chuckie_ar_la @chuculate @internetfreak @dielan Mick are you trying to flirt with me cuz I like to get to know somebody a bit better before doing stuff like that😂
(DIR) Post #APHHUuvD476X4yrwY4 by RedTechEngineer@fedi.lowpassfilter.link
2022-11-05T01:11:00.224076Z
0 likes, 0 repeats
@dielan cant read them if you PGP them. and then goes on to promote signal. which also suffers from the same problem.
(DIR) Post #APHHW55ekEF2uEJIpM by chuculate@pleroma.skyshanty.xyz
2022-11-05T01:11:39.303175Z
1 likes, 0 repeats
@ryo if it's E2EE, how about one of these ends doing a client-side revelation for check up?@dielan
(DIR) Post #APHHZcPlInRz80Ox4S by RedTechEngineer@fedi.lowpassfilter.link
2022-11-05T01:11:51.620903Z
0 likes, 0 repeats
@dielan nvm about signal. was thinking of telegram. signal is fine.
(DIR) Post #APHHnN6535XpfykmJs by ryo@social.076.ne.jp
2022-11-05T01:14:45.590254Z
1 likes, 0 repeats
@chuculate @dielan That would require SoyScript to be enabled, which is already a security issue by itself (while being enabled by default by 99% of all the browsers).
(DIR) Post #APHHpw81m2Zqu3t4vg by Chuckie_ar_la@poa.st
2022-11-05T01:14:47.690807Z
1 likes, 0 repeats
@Dan_Hulson @chuculate @internetfreak @dielan I'm well-known for my ability to get people to drop their guard (I'm not)
(DIR) Post #APHI9g8ivgPh6fcuwq by Innsmouth_Mayor@poa.st
2022-11-05T01:18:34.263878Z
1 likes, 0 repeats
@Dan_Hulson @Chuckie_ar_la @chuculate @internetfreak @dielan Is this the orgy thread?
(DIR) Post #APHIjsxKkwF5HSZ1NY by dielan@shitposter.club
2022-11-05T01:25:13.546961Z
3 likes, 1 repeats
@RedTechEngineer Signal is still badFor a long time (idk if they even fixed this yet actually) you have to give a phone number for your account. Its also running thru a centralized, closed source server (while the message is thankfully e2ee)This is a problem of leaking metadata. Say you text a cancer doctor, or a divorce lawyer, or whatever. We dont know what you discussed but when still can tell when and who you are talking to. So feds, who look at this kind of data for a living, can still piece together what your up to
(DIR) Post #APHIp0kZCmyotx2Jd2 by opal@ap.maladaptive.art
2022-11-05T01:26:17.207265Z
0 likes, 0 repeats
@dielan @RedTechEngineer signal leaks less metadata than xmpp but the problem is that the servers can go down.
(DIR) Post #APHIrJd3z6wi25cqHo by balrog_booger@kabuki.club
2022-11-05T01:26:42.932603Z
3 likes, 0 repeats
I was just talking about this in another thread. The fact that your identity is tied to a phone number makes it so easy to brute force compared with alphanumeric characters.
(DIR) Post #APHJhaLl3tqgwxSHmC by alex@ak.kawen.space
2022-11-05T01:27:29.499604Z
1 likes, 0 repeats
@dielan @RedTechEngineer This, you can never be too careful when it comes to glowies. I mean there are feds out there who will try to piece together which TOR users are the same person by browser resolution (which is why you should always browse TOR maximised)
(DIR) Post #APHNFOiJ8DPCZKoixs by animeirl@shitposter.club
2022-11-05T02:15:52.555707Z
0 likes, 0 repeats
all the people fleeing twitter based on basically nothing changing so far are not going to last long on fedi
(DIR) Post #APHNOrGcL92bjRNOng by vixn@noagendasocial.com
2022-11-05T02:17:35Z
0 likes, 0 repeats
@dielan yo u cant see passwords though, right? Idgaf if you can read my messages.. can you see my nudes?
(DIR) Post #APHOOc8AiSPUk3sDjc by dielan@shitposter.club
2022-11-05T02:28:37.677520Z
1 likes, 0 repeats
@vixn I assume the passwords aren't stored in plaintext but any image you upload should be accessible to your admin yeah. The NAS admin prob doesn't want to see your nudes tho
(DIR) Post #APHjfQ3MyGUlFETwDQ by Leyonhjelm@social.lovingexpressions.net
2022-11-05T06:26:55.457351Z
0 likes, 0 repeats
@dielan I don't want to see any nudes that aren't intended to be seen. I don't like giving that power to the leaker.@vixn