Ruud

Reminder (or maybe eye-opener) to Mastodon users:

Direct Messages on Mastodon are NOT encrypted.

What does this mean: The message is in the database un-encrypted. Anyone with access to the database could potentially read the messages.

For mastodon.world, only the admins have database access (@jeroen, @spaceriker and myself).

If you have really sensitive info, don't share it on Mastodon. There are secure messaging apps for that.

1+
apinae
Follow

@ruud Who has access on our server @freemo ?

· · 1 · 0 · 1
🎓 Doc Freemo :jpf: 🇳🇱

@apinae

Yes I am the only one who has access to the database. It is true the DM is unencrypted (though your password is hashed and cant be stolen).

There is no way that anyone has figured out to encrypt it without the admin having the decryption key, and thus defeating the purpose.

We do encrypt our data at rest though so if anyone got into the sserver and had access to the raw hard drive they wouldnt be able to access it.

@ruud

0
Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…