Masto meta; urgent 

The Direct Messages on Masto are broken in a way that is potentially dangerous

It has happened more than once that someone has tried to contact me in my admin persona about another user using a "Direct" privacy toot

And they try to talk *about* the other person

But Masto helpfully auto-fills their name, so now they're *in* the conversation

And suddenly someone who absolutely should NOT be in a private conversation is added by accident

Masto meta; urgent 

@bgcarlisle Well, to be fair, since this was repeated over and over: Mastodon is not and will never be a communication tool. It is a publication platform, where content is mostly meant to be public.

For secure and private communication, proper tools exist that offer fine grain recipient filtering, e2ee, etc. for instance: email, Matrix, XMPP.


Masto meta; urgent 

@kaiyou @bgcarlisle Security and transparency should be part and parcel of EVERY platform. Behavior like this which is unintended and unexpected is hostile to the people most vulnerable to damage by the platform via cyberbullying, abuse, and doxxing.

Masto meta; urgent 

@sandrockcstm @bgcarlisle Indeed. I would advocate for more transparency about the actual feature, like clearly branding it "mentioned users" instead of private or direct message, then stop using icons that suggest security or privacy like closed envelopes or locks. Haven't got much traction so far though.

Sign in to participate in the conversation
Elekk: Gameing and Other Delightful Pursuits

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!