Have you seen this news?
-
To introduce E2EE into public‑facing SNS & simultaneously try to “solve” abuse, moderation, & legal exposure, the path of least resistance is likely to be “just verify everyone”, pushing identity‑linked, KYC‑style identity checks as a way to “anchor” trust & accountability.
The loudest voices may start demanding identity verification.
Awful for privacy, & it’s exactly why I strongly believe E2EE should be kept out of the core social layer & kept within dedicated tools instead.
-
@benpate did you hear that Mastodon’s next version implemented Activity Intents, as well? Things keep getting better!
@andypiper Activity Intents, abbreviated as AI?
-
-
@rusty__shackleford @dusk @benpate dealing with spam (and other forms of abuse) when e2ee is mixed with federated SNS seems really hard. agree 100% with your assessment
-
Have you seen this news?
#Mastodon just got funding to add end to end encryption into their software.
So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse
Im so excited about this.
Because it’s an open spec, this opens the doors for every Fediverse app to join the party.
Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.
https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/
-
@rusty__shackleford @benpate @dusk i think a good middle ground for letting people to have private discussions on fediverse is just allowing people to do PGP themselves or in 3rd party clients, with a "buyer beware" kind of scenario
building it into servers puts a lot more responsibility in the hands of server admins. and risk for abuse. i don't want my admin holding onto my private keys and i don't necessarily trust my server to generate keys for me either ...
people with the know-how to generate and manage their own keys can deal with the potential negatives and headaches associated with it. just running servers as they already exist is plenty of work for mastodon admins i would imagine -
Interesting times ahead. I wonder if they will go for the Signal Protocol Post-Quantum Ratchets or similar?
Not Signal, MLS, which is similar but run by a group of industry organizations.
Post-quantum is possible in MlS, depending on the crypto algorithms you choose.
There’s more info about the project in general on https://emissary.dev/e2ee — though Mastodons announcement is a big new development I haven’t covered yet.
-
@rusty__shackleford @benpate @dusk i think a good middle ground for letting people to have private discussions on fediverse is just allowing people to do PGP themselves or in 3rd party clients, with a "buyer beware" kind of scenario
building it into servers puts a lot more responsibility in the hands of server admins. and risk for abuse. i don't want my admin holding onto my private keys and i don't necessarily trust my server to generate keys for me either ...
people with the know-how to generate and manage their own keys can deal with the potential negatives and headaches associated with it. just running servers as they already exist is plenty of work for mastodon admins i would imagine@sampler @rusty__shackleford @dusk
A) that excludes 99% of the population, who deserve the same level of privacy as you do.
B) since it’s E2EE, most of the work is on your client. The updates to the server are minimal (C2S API + publish public key packages). So EVERY Fediverse server could support this. You’d just need a client that can send/receive encrypted messages.
C) Don’t let “perfect” be the enemy of “good” - giving people easy, modern tools is a win, even if the NSA can hack it.
-
@rusty__shackleford @dusk @benpate dealing with spam (and other forms of abuse) when e2ee is mixed with federated SNS seems really hard. agree 100% with your assessment
-
@benpate I'm wondering what the advantage of e2ee private messages on Mastodon is when we have Signal, Matrix and other robust encrypted messaging tools that you could invite a friend to if you want to have a private conversation.
Is anyone worried about this creating moderation issues?
Generally I'm in favor of privacy and security, but I'm just not sure what the value of this feature is on Mastodon. Maybe you or others can provide your perspective on this.
-
M monkee@chaos.social shared this topic
