As people have started experimenting with Mastodon in the wake of the news that Elon Musk would be buying Twitter, some on the Fediverse have begun discussing how and whether Mastodon instance admins can “read your DMs.”
Without getting into all the reasons that “direct messages” on Mastodon differ from direct messages on Twitter (or indeed most other social platforms), suffice it to say that the content of any one-to-one messages you send on either Twitter or Mastodon is not end-to-end encrypted. This means that at any point during their storage and transmission, they could theoretically be read by anybody with access to the database on which they’re stored.
(I’m no security/cryptography expert, so forgive me if these details are broad and perhaps not entirely accurate; I think the point I’m about to make is not dependent on all the nuances here.)
Setting aside for a moment why one might think a Mastodon admin would be interested in one’s personal messages, given that it is technically possible, is this something one should worry or care about?