-
-
Notifications
You must be signed in to change notification settings - Fork 966
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify privacy warning for direct messages #934
base: main
Are you sure you want to change the base?
Conversation
Ideally, this notice would be under the sections for the other toot privacy levels as well, since the same warning applies. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updating documentation with an updated warning about how Mastodon is not an encrypted service for messaging.
@n0toose is attempting to deploy a commit to the Mastodon Team on Vercel. A member of the Team first needs to authorize it. |
Co-authored-by: Michael Stanclift <[email protected]>
@@ -121,7 +121,7 @@ Send your post only to mentioned users. | |||
* Your post cannot be boosted. | |||
|
|||
{{< hint style="warning" >}} | |||
**Do not share dangerous and sensitive information over direct messages**. Mastodon is not an encrypted messaging app like Signal or Wire, the database administrators of the sender’s and recipient’s servers have access to the text. Use them with the same caution as you would use forum PMs, Discord PMs and Twitter DMs. | |||
**Do not share dangerous and sensitive information over private mentions**. Mastodon is not an encrypted messaging app like Signal, Matrix or Wire. By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages.
-> The administrators of your server and any receiving servers can theoretically read your posts by directly accessing their Mastodon server's database.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed that this is a better phrasing (and avoids starting a sentence with a preposition "By", which is grammatically fine, but I personally would try to avoid in technical writing)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree that this phrasing is more direct, honest and doesn't cause as much fear as the previous phrasing does.
@@ -121,7 +121,7 @@ Send your post only to mentioned users. | |||
* Your post cannot be boosted. | |||
|
|||
{{< hint style="warning" >}} | |||
**Do not share dangerous and sensitive information over direct messages**. Mastodon is not an encrypted messaging app like Signal or Wire, the database administrators of the sender’s and recipient’s servers have access to the text. Use them with the same caution as you would use forum PMs, Discord PMs and Twitter DMs. | |||
**Do not share dangerous and sensitive information over private mentions**. Mastodon is not an encrypted messaging app like Signal, Matrix or Wire. By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed that this is a better phrasing (and avoids starting a sentence with a preposition "By", which is grammatically fine, but I personally would try to avoid in technical writing)
Relevant links: