There’s a big difference between “theoretically this could become public” and “everything posted here should be considered public knowledge because the services don’t implement any boundaries”.
Theoretically, any message you send over SMS can become public, because it’s unencrypted and your carrier and the recipient’s carrier can read it and do whatever they want. That doesn’t mean SMS is as public as a Mastodon post where everyone can see and interact with it if they just know the URL.
With normal social media, like Facebook or Twitter or Tumblr, you can expect messages between people to only be readable by admins and the people interacting with conversations. The same is true for “follower only” content; centralised services can easily hide this stuff from random anonymous people.
Most of the Fediverse is incapable of applying these filters effectively because of design decisions on the server implementation. It could be done, but it isn’t, because implementing it is a pain and maintaining the guarantees requires effort from instance administrators.
Even encrypted messages can easily become public if the other end is malicious or gets hacked. There’s no true private messaging between different people.
The threat model relevant here is “I want a service that lets me do social media in my in-group where trolls and other dickheads can’t enter our safe space without repurcussions”, not “Twitter can read my DMs” or “the government will prosecute me for being gay”. In that category, current Fediverse implementations fail, but Facebook and Twitter perform perfectly fine.
If you’re afraid someone may read your messages, use Signal, or maybe Matrix/XMPP, but that’s not really the point here. The closest thing I can think of that implements social media in a federated yet encrypted fashion is Circles, but I don’t think that’s popular enough for daily use.
There’s a big difference between “theoretically this could become public” and “everything posted here should be considered public knowledge because the services don’t implement any boundaries”.
Theoretically, any message you send over SMS can become public, because it’s unencrypted and your carrier and the recipient’s carrier can read it and do whatever they want. That doesn’t mean SMS is as public as a Mastodon post where everyone can see and interact with it if they just know the URL.
With normal social media, like Facebook or Twitter or Tumblr, you can expect messages between people to only be readable by admins and the people interacting with conversations. The same is true for “follower only” content; centralised services can easily hide this stuff from random anonymous people.
Most of the Fediverse is incapable of applying these filters effectively because of design decisions on the server implementation. It could be done, but it isn’t, because implementing it is a pain and maintaining the guarantees requires effort from instance administrators.
Even encrypted messages can easily become public if the other end is malicious or gets hacked. There’s no true private messaging between different people.
The threat model relevant here is “I want a service that lets me do social media in my in-group where trolls and other dickheads can’t enter our safe space without repurcussions”, not “Twitter can read my DMs” or “the government will prosecute me for being gay”. In that category, current Fediverse implementations fail, but Facebook and Twitter perform perfectly fine.
If you’re afraid someone may read your messages, use Signal, or maybe Matrix/XMPP, but that’s not really the point here. The closest thing I can think of that implements social media in a federated yet encrypted fashion is Circles, but I don’t think that’s popular enough for daily use.