Email or username:

Password:

Forgot your password?
All posts Johannes's posts Post Back to profile
Top-level
xyhhx :PunkFelix:

@J12t mastodon is terrible for activism. it's public, or not encrypted, and not heavily scrutinized for security requirements.

use something encrypted, not federated (or restrict federation to trusted servers/instances), or peer to perr

briar, cwtch, matrix, xmpp, or signal are all better options.

bear in mind that activism is risky, and can be dangerous. your server admin is actually not likely to be competent to harden a server adequately to defend against a prepared adversary, and even if they were they might just cooperate with law enforcement anyway. they should be tantamount to an adversary themselves if they aren't a collaborator

27 May at 2:19 | Wall-to-wall | Open on 438punk.house
2 comments
Johannes Ernst

@xyhhx the context of this post was that Threads is apparently used quite a bit for organizing in Taiwan. It’s not obvious to me that mastodon or other fediverse apps are any worse than Threads for that purpose, and may even be better?

27 May at 2:45 | Open on social.coop
xyhhx :PunkFelix:

@J12t i wasn't suggesting that fedi is worse than threads. i'm saying they're both terrible for this

there are two main ways protesters can be compromised like this:
- server admins (including threads) cooperating with authorities, possibly by supplying personal messages or other activity
- servers themselves being compromised and information exfiltrated which can lead to arrests
- user accounts being compromised, leading to similar consequences

with threads, they're likely to cooperate with authorities, but unlikely to be compromised (hacked)

with fedi, they may or may not cooperate with authorities, but are much more likely to get hacked (fedi sys admins are probably woefully less competent than meta's)

as for users' security, meta/threads probably has stronger protections against suspicious activity

now, if we consider e2ee comms, then server admins cooperating or getting compromised is no big deal, since the comms are encrypted. if we consider p2p, there's no server/admin whatsoever

@J12t i wasn't suggesting that fedi is worse than threads. i'm saying they're both terrible for this

there are two main ways protesters can be compromised like this:
- server admins (including threads) cooperating with authorities, possibly by supplying personal messages or other activity
- servers themselves being compromised and information exfiltrated which can lead to arrests
- user accounts being compromised, leading to similar consequences

27 May at 4:18 | Open on 438punk.house
Go Up