They are no more safe than sending a message like this :). Except you would be the only person it's targeted for. besides the admins of both instances can read them as well.
Which is why I'm the web interface it says it's not safe/e2e encrypted.
Worried about it? Add a matrix handle to your profile and then it enables a "send a secure message" button in the UI. And redirects people to use matrix to send messages to you
Oh shit that matrix feature is real cool. Thanks for sharing.
- It is not unsafe.
- It is not 100% private. Admins can read your messages if they choose to investigate your messages.
- It will not get blasted out to the whole fediverse; just to the recipient you indicated. (Unless an admin from the previous point reads your message and publishes it publicly on the fediverse)
- You do not get to do anything naughty with it; expect to be caught if you break the rules.
It is not unsafe.
It is not 100% private. Admins can read your messages if they choose to investigate your messages.These points contradict one another.
How so? The message is safely delivered solely to the intended recipient, albeit in plain text (not private).
If there's anywhere that the commonly used email analogy fits, I think it would be here
Unless I run a Lemmy instance myself (which is possible), I have zero reason to trust an instance's admins.
Even if my instance's admin happens to be the founder of privacyguides.org, that doesn't mean he will never read any "private" messages (or be forced by someone else to hand them over).
Even if I did fully trust my instance, I also would have to trust any instance I message with.
I personally just use Lemmy for public comments.
What definition of safe are you using which makes a private messaging system without privacy safe? What would have to occur for it to become unsafe, if not being private does not make it unsafe in your eyes?
They absolutely do. A private messaging system which is not private is the definition of unsafe. Especially in the context of a post on !privacy@lemmy.ml
It does what it claims to do, it's just that what it claims to do is clearly not complete privacy.
If something claims to be unsafe and delivers, that doesn't make it any more safe.
Anyone remember the days when they were called PMs? They are least used the word Private in the acronym.
Direct Message. As opposed to Private Message.
Services at least acknowledge that the messages aren't private, which is an improvement I guess.
I don't know any of the technical details, but my understanding is they're very unsafe. Our instance has a warning recommending that you take conversations involving sensitive information to Matrix
Not safe at all because it was not designed to be, it even tells you as much. Use them to exchange e2ee contacts and then use that.
I dont think they’re supposed to be any safe at all. As part of our board culture we’re to expect that DMs offer no security, and to use other platforms if it’s a concern.
