#mastondon Friends!
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
-
P Seth of the Fediverse shared this topic
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson I think just knowing that the DMs are not encrypted is enough IMHO. If you want something encrypted use Signal.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson
As critical as encrypted email.
(I realize this doesn't answer your question, but it's a very similar situation) -
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson I was actually just thinking about why private mentions are even needed when there are other options like email for private and sensitive discussions between folks. I guess I never truly understand why they are needed in a public social network in the first place? Just leftover from Twitter precedent?
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson If messages were encrypted, I think it would be really important that there is a very clear distinction between encrypted and unencrypted posts. Using the same part of the UI for both encrypted and unencrypted messages with the only distinction being a hard to understand setting behind a button I think invites confusion as to what the precise security guarantees are.
-
@scottjenson I think just knowing that the DMs are not encrypted is enough IMHO. If you want something encrypted use Signal.
@phillycodehound @scottjenson I was going to say that I pretty much feel the same, but on the other hand, Bluesky *kind of* has this feature now already?
A startup called Germ becomes the first private messenger that launches directly from Bluesky's app | TechCrunch
Social network Bluesky now offers private messaging by integrating the startup Germ's E2E encrypted messenger natively in its app.
TechCrunch (techcrunch.com)
Maybe something like this would work here as well rather than built-in?
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
Deliver UX improvements first, technical improvements later. The law of low-hanging fruit.
Encrypted messaging would be nice to make this a place for social organising as the US and other countries become more authoritarian.
-
@scottjenson I was actually just thinking about why private mentions are even needed when there are other options like email for private and sensitive discussions between folks. I guess I never truly understand why they are needed in a public social network in the first place? Just leftover from Twitter precedent?
@blainsmith It's a catch-22. I know I use DMs to exchange email addresses (or other messaging options) to take it elsewhere. So you're not wrong that microblogging shouldn't be a private messaging service, but it's difficult to take it elsewhere without that small first step existing where you already are. -
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson I'm a fan of prioritizing the DM experience first.
wrt encryption, part of the challenge is how to interpret "private." Instead of the, "Who can see this?" default posture of Mastodon, this starts to ask something like, "Who cannot see this (beyond the addressed person/people)?"
-
@blainsmith It's a catch-22. I know I use DMs to exchange email addresses (or other messaging options) to take it elsewhere. So you're not wrong that microblogging shouldn't be a private messaging service, but it's difficult to take it elsewhere without that small first step existing where you already are.
@gabek Yeah I definitely understand that. I guess I'm not so private about my email address so I don't mind exchanging it publicly, but then I definitely don't need fully encrypted private messages. Way better options to use for that.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson I think it would be fine, but I guess you'd still need to solve some design and architectural questions up front if you *know* you're going to do encryption in the end.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson it probably should, lord knows what people would send; passwords, identity materials, tokens, etc.
im okay with it as a future thing if there is sufficient warning about what it means for it to not be encrypted. Maybe an option to.
-
@scottjenson I'm a fan of prioritizing the DM experience first.
wrt encryption, part of the challenge is how to interpret "private." Instead of the, "Who can see this?" default posture of Mastodon, this starts to ask something like, "Who cannot see this (beyond the addressed person/people)?"
@earth2marsh I'm not sure I follow, can you explain this default posture a bit more and what you'd like to see a bit more?
-
@scottjenson I was actually just thinking about why private mentions are even needed when there are other options like email for private and sensitive discussions between folks. I guess I never truly understand why they are needed in a public social network in the first place? Just leftover from Twitter precedent?
@blainsmith @scottjenson Most probably. Thereβs been an effort from sites (now apps) back from the portals days to integrate several services into one, and create a walled garden to retain users. First it was AOL, then Yahoo, then Facebook and Twitter. In modern days, they copy features to achieve the same thing, like short videos/stories (Vine, Snapchat, TikTok, but also YouTube and Instagram). Itβs not needed. Do one thing, do it well. Happy users.
-
#mastondon Friends!
There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)
If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.
@scottjenson it's great that you've shared this question. It's a good example of feature prioritization tradeoffs.
For me, encrypted DMs wouldn't matter in Mastodon. As a rule, I don't share things here privately that I wouldn't want to be made public.
... and that's mainly because (as you point out) DMs appear in the public timeline. It's such a confusing UI choice that I'm VERY careful about what I write in DMs here.

-
@scottjenson I think it would be fine, but I guess you'd still need to solve some design and architectural questions up front if you *know* you're going to do encryption in the end.
@neal yes! Good point. We already do PMs however so we'd start with fixing these
-
@blainsmith @scottjenson Most probably. Thereβs been an effort from sites (now apps) back from the portals days to integrate several services into one, and create a walled garden to retain users. First it was AOL, then Yahoo, then Facebook and Twitter. In modern days, they copy features to achieve the same thing, like short videos/stories (Vine, Snapchat, TikTok, but also YouTube and Instagram). Itβs not needed. Do one thing, do it well. Happy users.
@dmian @scottjenson Yes, and this is only top of mind because now Spotify just added DMs. It's just a path to exactly what you explained. AP and Mastodon should stick to just micro blogging and leave private conversations to other options.
Instead, I'd prefer Mastodon add more options to the "Links" section instead of just 4 so I can offer folks a few ways to get in touch with me privately.
-
@scottjenson it's great that you've shared this question. It's a good example of feature prioritization tradeoffs.
For me, encrypted DMs wouldn't matter in Mastodon. As a rule, I don't share things here privately that I wouldn't want to be made public.
... and that's mainly because (as you point out) DMs appear in the public timeline. It's such a confusing UI choice that I'm VERY careful about what I write in DMs here.

@jarango exactly! For me PMs are a convenience. I don't personally need it. But there are folks working on it in a FEP but my understanding is that it is fediverse wide not just Mastodon (as it should be!)
Given how hard it'll be to do this I'll like to clean things up and not wait for the more secure option (especially if most use cases don't require it)
-
@blainsmith @scottjenson Most probably. Thereβs been an effort from sites (now apps) back from the portals days to integrate several services into one, and create a walled garden to retain users. First it was AOL, then Yahoo, then Facebook and Twitter. In modern days, they copy features to achieve the same thing, like short videos/stories (Vine, Snapchat, TikTok, but also YouTube and Instagram). Itβs not needed. Do one thing, do it well. Happy users.
@blainsmith @scottjenson I feel similarly about comments. Not everything merits having comments. They were added to every service back in the day, but there should be a specific place for conversations, or it becomes degraded. Reactions (thumbs up/up vote, thumbs down/down vote, or more recently emojis) are ok, and sufficient in some cases. There are many patterns that were created solely to attract or retain users. We need to rethink many thingsβ¦
-
@jarango exactly! For me PMs are a convenience. I don't personally need it. But there are folks working on it in a FEP but my understanding is that it is fediverse wide not just Mastodon (as it should be!)
Given how hard it'll be to do this I'll like to clean things up and not wait for the more secure option (especially if most use cases don't require it)
@scottjenson here's another way to put it: for me, unless DMs are shown separately from the public timeline, the fact they're encrypted wouldn't make a difference. The dedicated DM space is the critical feature, encryption can follow.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better π
Register LoginWelcome To Podcasting.Chat!
This forum is for podcasters, podcast guests, and podcast enthusiasts alike to share tips, tricks, and their love of the medium.
This forum is fully federated, so you are able to contribute to any discussion here through your own software of choice (e.g. Mastodon, Misskey, Lemmy, Piefed, etc.). So you can sign up for an account here and it federates around the Fediverse. You can also follow feeds and topics from your other Fedi-enabled accounts.
