Evidently, there is a security flaw in Mastodon (see screenshot). It's not prudent to trust unknown admins with our .

Therefore, how do we make the admins more accountable? Or, should the fediverse be developed to be more user-friendly - so that we can connect directly to the network without having to depend on servers? (that is do-able. e.g., p2p networks)

Say no to or unjust

@Empiricism_Reloaded How is this a vulnerability? It seems more like an implicit fact that admins for any system that does not use legit end to end encryption can access your data. It's why there is a narrative on not trusting mastodon based "direct messages" for any data you actually care about.


I'm referring to the security flaw of trusting unknown parties with your data. For example, the "followers" list (that's currently baked into the system).

Unless you have your own Mastodon instance on your own local server.

I'm not saying everyone can or will want to manage their own Mastodon instance (with locally stored personal data). I'm saying that option can be coded so it's more accessible for the people that want to.

For example, a Mastodon light instance (for one owner \ user). The user-friendly way to configure a laptop to be a server (a server is a computer) running the Mastodon software (instance).

Just as not everyone wants, or has the time (due to other commitments), to learn computer coding. So, windows or Linux distributions have desktops that have been designed to be very user-friendly.

Some people will want that. Diversity is more sustainable.

@Empiricism_Reloaded What you are writing about is not really a vulnerability, a decent chunk of the barrier to entry for common folk into mastodon, and a potential privacy issue depending on an individuals threat profile and level of technical savvy.


What do you think I'm writing about?

It's a problem when instances can go offline without warning or admins can suspend accounts without warning.

At the moment - I advise people to make copies of their "followers" list (e.g., copy-paste the address into a database) and regularly download the follows data.

@Empiricism_Reloaded Ah I didn't realize you were coming at this from an availability perspective. Definitely a challenge with smaller instances, and definitely still a barrier to get folk onto the fediverse. Backing up your data is just good practice, no matter what the platform.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.