Mastodon cannot be securely used with Tor since it cannot run as a native hidden service. If you do not use mastodon with a hosted vpn (such as mullvad) then both the server and @nvk can log your IP address. The server is a honeypot of personal info on bitcoiners including DMs. Be aware!
@mattodell @nvk
it's definitely possible to allow users to connect to the mastodon site through an onion service, for example i have x0f.org available at https://bvrgrzu5awjacohape5s6s3j2locltcu5c7azzzuufqznknus5ll5fid.onion
@orionwl @mattodell @nvk also, that the server holds DMs is presumably orthogonal to this. E2E encryption would be nice, requiring key infrastructure though. I treat DMs here as quasi-public, but I also do that for other platforms.
@waxwing @mattodell @nvk
right i wouldn't hold my breath for mastodon supporting E2E encryption; i'm not sure it's even good if every software develops its own E2E encrypted private communication because spreads out cryptography review so much
it's a publication protocol mainly
FWIW x0f also runs a matrix server, a chat protocol that supports E2E (even for group chats), if you're on this server and interested in an account let me know
@orionwl @waxwing @mattodell @nvk I wouldn't be surprised if the Mastodon devs actually think E2E encryption on chats would be a negative. Mastodon is designed around a community model, with moderation, in a context of being worried about abuse and toxic behavior. If that's your design goal, is E2E encryption on DM's actually a feature you want? _I_ would say yes. But I can imagine those devs saying no.
