I doubt this is news to most folks on the Fediverse, but don’t trust Twitter, Facebook, or any company whose business model is advertising to secure your private conversations.
Even if they aren’t up to no good today, it is only a matter of time until they come for your messages.
As it happens, you shouldn’t trust Lemmy DMs either, as they’re not encrypted and can be read by instance administrators. So don’t use them to say anything that you wouldn’t be okay making public.
There was an exploit in version 0.17.0 through 0.19.0 (fixed in 0.19.1) that, from what I understand, allowed people to view DMs of anyone by reporting them, but as you can’t know the ID of a given DM you’re not part of, they couldn’t really target a specific user, but rather would just send reports to a range of potential IDs and see what comes back.
I doubt this is news to most folks on the Fediverse, but don’t trust Twitter, Facebook, or any company whose business model is advertising to secure your private conversations.
Even if they aren’t up to no good today, it is only a matter of time until they come for your messages.
As it happens, you shouldn’t trust Lemmy DMs either, as they’re not encrypted and can be read by instance administrators. So don’t use them to say anything that you wouldn’t be okay making public.
this should be the default stance when using any built in encryption. always separate the mode of encryption from the mode of transmission.
Someone told me they are public some months ago? Like if someone wanted to look up your lemmy DMs they could.
There was an exploit in version 0.17.0 through 0.19.0 (fixed in 0.19.1) that, from what I understand, allowed people to view DMs of anyone by reporting them, but as you can’t know the ID of a given DM you’re not part of, they couldn’t really target a specific user, but rather would just send reports to a range of potential IDs and see what comes back.
I’ve been hearing a lot of straight up adverts about WhatsApp recently, which I found interesting.
I saw a WhatsApp ad on Prime. And it was focused on the encryption aspect. “WhatsApp can’t even read your messages” or whatever. Was weird.
I’m hearing a lot of that on the radio.