Clarify privacy warning for direct messages #934
Conversation
|
Ideally, this notice would be under the sections for the other toot privacy levels as well, since the same warning applies. |
|
@n0toose is attempting to deploy a commit to the Mastodon Team on Vercel. A member of the Team first needs to authorize it. |
Co-authored-by: Michael Stanclift <[email protected]>
| @@ -121,7 +121,7 @@ Send your post only to mentioned users. | |||
| * Your post cannot be boosted. | |||
|
|
|||
| {{< hint style="warning" >}} | |||
| **Do not share dangerous and sensitive information over direct messages**. Mastodon is not an encrypted messaging app like Signal or Wire, the database administrators of the sender’s and recipient’s servers have access to the text. Use them with the same caution as you would use forum PMs, Discord PMs and Twitter DMs. | |||
| **Do not share dangerous and sensitive information over private mentions**. Mastodon is not an encrypted messaging app like Signal, Matrix or Wire. By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages. | |||
There was a problem hiding this comment.
By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages. -> The administrators of your server and any receiving servers can theoretically read your posts by directly accessing their Mastodon server's database.
There was a problem hiding this comment.
agreed that this is a better phrasing (and avoids starting a sentence with a preposition "By", which is grammatically fine, but I personally would try to avoid in technical writing)
There was a problem hiding this comment.
I agree that this phrasing is more direct, honest and doesn't cause as much fear as the previous phrasing does.
| @@ -121,7 +121,7 @@ Send your post only to mentioned users. | |||
| * Your post cannot be boosted. | |||
|
|
|||
| {{< hint style="warning" >}} | |||
| **Do not share dangerous and sensitive information over direct messages**. Mastodon is not an encrypted messaging app like Signal or Wire, the database administrators of the sender’s and recipient’s servers have access to the text. Use them with the same caution as you would use forum PMs, Discord PMs and Twitter DMs. | |||
| **Do not share dangerous and sensitive information over private mentions**. Mastodon is not an encrypted messaging app like Signal, Matrix or Wire. By accessing the Mastodon database directly the administrators of your server, and any recipient’s servers, can read your messages. | |||
There was a problem hiding this comment.
agreed that this is a better phrasing (and avoids starting a sentence with a preposition "By", which is grammatically fine, but I personally would try to avoid in technical writing)
Relevant links: