End-to-end encrypted messages

[shleeable]

Would be lovely to have the DM crypto in use in the primary client, then the third party clients can follow suit?

As an administrator, I don't want to be able to read the DMs!

[Gargron]

This is planned!

[ShadowJonathan]

Just for the record, where is some more information for encrypted DMs? How do they work?

[ClearlyClaire]

@ShadowJonathan encrypted messages haven't been fully implemented in any client yet, and we're still missing some specifications on the format of the messages themselves, but the encryption protocol is mostly Matrix's one-on-one protocol, with Facebook's message franking (which allow the recipient of a message to report it to their instance without disclosing other parts of the conversation or compromising the key material). The server-side groundwork and discussion about the feature is available here: https://github.com/mastodon/mastodon/pull/13820

[schober]

Some motivation to prioritize this work: the kolektiva.social raid, during which the FBI took and imaged their servers as part of an unrelated investigation. If you think about that, that means the US intelligence community has a copy of every DM sent to Kolektiva users up until March of this year.

This is something beyond the old "subpoenaing Meta for your Messenger messages" concern; they have the historical DMs of every Kolektiva user, presumably for all time, without ever having to get a warrant for those DMs. The FBI essentially cannot collect all of Meta's servers in one raid; but they can easily do that for a Masto instance of up to 1M users. That means that you enjoy considerably more privacy in DMs on Meta Messenger than you do on Mastodon.

DMing is probably not the killer feature of Mastodon, but knowing all this, would you still send DMs on this platform, knowing they have possibly the lowest degree of privacy of any social network?