Post APSSj0XKeCwXlInbpQ by tyil@fedi.tyil.nl
 (DIR) Post #APRTRBVSuOYrqaYug4 by ruud@mastodon.world
       2022-11-09T20:39:57Z
       
       0 likes, 0 repeats
       
       Reminder (or maybe eye-opener) to Mastodon users: Direct Messages on Mastodon are NOT encrypted. What does this mean: The message is in the database un-encrypted. Anyone with access to the database could potentially read the messages. For mastodon.world, only the admins have database access (@jeroen, @spaceriker and myself). If you have really sensitive info, don't share it on Mastodon. There are secure messaging apps for that.
       
 (DIR) Post #APRTRBw3JXpRB3097Q by apinae@qoto.org
       2022-11-09T22:52:09Z
       
       0 likes, 0 repeats
       
       @ruud Who has access on our server @freemo ?
       
 (DIR) Post #APRTRCJntEpMMi778i by freemo@qoto.org
       2022-11-09T23:12:17Z
       
       0 likes, 0 repeats
       
       @apinae Yes, I am the only one who has access to the database. It is true the DM is unencrypted (though your password is hashed and can't be stolen). There is no way that anyone has figured out to encrypt it without the admin having the decryption key, and thus defeating the purpose. We do encrypt our data at rest though, so if anyone got into the server and had access to the raw hard drive they wouldn't be able to access it. @ruud
       
 (DIR) Post #APSSizHLKAYjrQJKGe by smhoekstra@mastodon.nl
       2022-11-10T00:37:26Z
       
       1 likes, 6 repeats
       
       @ruud @jeroen @spaceriker Don’t use Mastodon for private information, it’s a community sharing platform.
       - Toots are stored unencrypted incl. DM’s.
       - Toots are stored on a server you do not control (same as twitter)
       - Toots are synced to all servers where your messages and boosts of your messages are followed.
       - DM Toots are stored on your community server and on the server of your addressee.
       - DM Toots can be shared (by accident) by the addressee.
       
 (DIR) Post #APSSizizfMg3FBFPMm by ErikJonker@mastodon.social
       2022-11-10T07:49:46Z
       
       0 likes, 0 repeats
       
       @smhoekstra @ruud @jeroen @spaceriker good to repeat, use #Signal for anything you want to keep private would be my suggestion, also open source and not-for-profit.
       
 (DIR) Post #APSSj08A9moIVF1Vb6 by ruud@mastodon.world
       2022-11-10T07:54:14Z
       
       0 likes, 0 repeats
       
       @ErikJonker @smhoekstra @jeroen @spaceriker or Matrix 🙂
       
 (DIR) Post #APSSj0XKeCwXlInbpQ by tyil@fedi.tyil.nl
       2022-11-10T10:38:52.786Z
       
       0 likes, 0 repeats
       
       @ruud@mastodon.world @ErikJonker@mastodon.social @smhoekstra@mastodon.nl @jeroen@mastodon.world @spaceriker@mastodon.world Or #XMPP!
       
 (DIR) Post #APSfH1MXHYt9cRjbTU by yes@social.handholding.io
       2022-11-10T12:59:41.067001Z
       
       0 likes, 0 repeats
       
       @smhoekstra @ruud the fediverse is a full mesh http gossip network which blasts your posts in every possible direction (and in ways you'd never expect or know). this is incompatible with privacy so do not expect it, ever.
       
 (DIR) Post #APSrYpGcBsa2lgDngu by SirPaulCouture@noagendasocial.com
       2022-11-10T15:17:22Z
       
       0 likes, 0 repeats
       
       @ruud @jeroen @spaceriker You "TOTALLY" aren't reading the messages... lol
       
 (DIR) Post #APSrhZo12pLRQE1808 by jann@twit.social
       2022-11-09T21:45:07Z
       
       0 likes, 0 repeats
       
       @ruud @jeroen @spaceriker I keep wondering why they're not? Makes me wonder: are our passwords hashed, etc?
       
 (DIR) Post #APSrhaXOK7dngxFMjA by SirPaulCouture@noagendasocial.com
       2022-11-10T15:18:56Z
       
       0 likes, 0 repeats
       
       @jann @ruud @jeroen @spaceriker unless they fussed with the code to change it on this server, they are. One thing that always blows my mind is how big companies can't figure out password security, while tiny, one page blog apps can and do.
       
 (DIR) Post #APSryC76NucUrgruka by SirPaulCouture@noagendasocial.com
       2022-11-10T15:21:57Z
       
       0 likes, 0 repeats
       
       @jann @ruud @jeroen @spaceriker https://discourse.joinmastodon.org/t/password-hashing-algorithm/2187/2 https://github.com/heartcombo/devise
       
 (DIR) Post #APSsFhIzfRouWlmEQC by tobi@mastodon.byte23.net
       2022-11-09T23:38:27Z
       
       0 likes, 0 repeats
       
       @ruud @jeroen @spaceriker matrix would be a good choice. It’s also FOSS and federated. https://matrix.org
       
 (DIR) Post #APSsFi1J0hGWkCVcUS by SirPaulCouture@noagendasocial.com
       2022-11-10T15:25:05Z
       
       0 likes, 0 repeats
       
       @tobi @ruud @jeroen @spaceriker Element (formerly Riot) + Matrix is a nice combo. I use an instance of that + jitsi to stay in touch with close friends and family, scales well, doesn't use a ton of resources, particularly if you take the time to also set up the TURN server locally. I plan to be implementing that for collaboration on noagenda.dev
       
 (DIR) Post #AQIbs0ZopoujDw4goS by cherrysandwich@mastodon.world
       2022-12-05T14:26:29Z
       
       0 likes, 0 repeats
       
       @ruud I only trust @signalapp with my direct communication.