@mray But now you know why I'm asking. There is lots of energy around encryption but it's a very tricky thing to be done right. My point was simply that we start with some simple UX improvements and not wait for the encryption (given we already have private messages)
Post
Replies:
0
@scottjenson I think all of these ideas are addressing the fundamental disconnect that DMs are a fundamentally different "thing" than posts. I worry that a dedicated interface, separate notifications, etc. strengthen that disconnect.
So then when those posts aren't encrypted, or you tag someone and they get a notification about it, you're even more surprised.
Encryption itself isn't a critical feature, but helping new users grasp that private mentions are not DMs is a very difficult Ux problem
@scottjenson Any UX improvement would be great.
Maybe it is possible to integrate something like XMPP or MLS later for encrypted DMs? They could both federate too.
@scottjenson@social.coop
There’s a deadly footgun embedded in Mastodon’s “private mentions”—any account that is @ mentioned receives the message, even when they are not the intended recipient. For an example of how this plays out, check out the “Direct messaging does not work” section in this April 2025 blog post.
Referring to someone using @ mentions is part of the muscle memory of Mastodon users. (Convenience plays a major part, @ mentions provide autocomplete options once you type in a few characters.)
In the past, Eugen Rochko had defended this as behaviour that a user should expect. In other words, he considers this behaviour a sane default. Maybe. (A completely different UI paradigm only for “private mentions” will be tricky, it will go against user expectations—I understand that.)
But in that case, I think enabling end-to-end encryption for “private mentions” is kinda pointless.
@dialecticalmusings Thank you. This has been mentioned by others as well. I can see how this behavior could be problematic.
@scottjenson
I'm not here for encrypted messaging.
@scottjenson I think encryptef messages are important, but I also think that lower-hanging fruit (e.g. improved UX) should be done first
@scottjenson encryption is not trivial. Focus on the basics and get them nice and convenient. Then try to solve the encryption puzzle :)
@scottjenson Please make UX improvements first. Adding complex encryption won't make a difference when people accidentally send a public toot thinking it's private.
@scottjenson
Seems like another way to ask what you're getting at is "would you consider improvements to private mentions useless without encryption?"
My answer to that would be no. There are plenty of other options for encrypted messaging.
@scottjenson without encryption, what is the point of calling it a "private mention" ?
@scottjenson I would love to see UX improvements. Make it clear the limitations of "Private" Mentions. Make it hard to send a PM publicly. Users are misusing PMs now. The UX doesn't help the user. It would be nice to help them as soon as possible.
E2E would be fantastic, but encryption is going to take a while. And like another reply wrote: I'm not convinced it is possible on a federated system given email and xmpp still have only bad solutions to encrypted messaging.
I think some people were using PMs for potentially sensitive info (addresses, Venmo, etc.), and having them slightly more secure puts people at ease.
What about standard public-key stuff, dropping a short public key in a metadata field, keeping the private key on the endpoint or in the client?
@knapjack
How can the sender validate the public key hasn't been tampered with by the instance or server admin?
It is a hard problem. There are solutions but it will be complicated.
#TedUnangst seems to be off the Fediverse (and maybe the web) but linking this here for posterity: https://github.com/timkuijsten/honk/blob/fork/encrypt.go
For sure. Mainly I'm thinking about "Pretty Good Obfuscation" than a good solution. Something better than in the clear.
Really, delivery isn't guaranteed, so there are already potential issues about tampering that encryption won't necessarily fix, just maybe make abusing it harder.
@scottjenson not at all critical.
Hint: you could re-run this as a poll, for the question.
@grahamperrin Oh I plan to! But it helps to have a conversation first so I know WHAT to put into the poll...
@scottjenson I rarely use them due to the UX fears, encryption would be a cherry on top
@scottjenson And on encryption, I think you could probably launch with UX improvements only, and leave encryption as a "fast follow". E2EE might not be *critical* but it's a *super-nice-to-have* ~ especially on today's internet.
The fact that we call them "direct messages" isn't enough; people have a natural expectation of privacy when they send DMs, and the Fediverse doesn't really honor that right now.
The more systems we can make "secure by default" the better.
And.. you probably know, but just in case:
We have a solid spec for E2EE on the Fediverse now (https://swicg.github.io/activitypub-e2ee/mls) with #Emissary and #Bonfire launching later this year.
As you'd expect with end-to-end-encryption, *most* of the work is on the browser/client. The AP server changes are minimal: a new KeyPackage object to store, a new collection, & other small stuff.
When we have working JS code, it'll be AGPL, and you could use it as a baseline for Mastodon 😎
@scottjenson And on encryption, I think you could probably launch with UX improvements only, and leave encryption as a "fast follow". E2EE might not be *critical* but it's a *super-nice-to-have* ~ especially on today's internet.
The fact that we call them "direct messages" isn't enough; people have a natural expectation of privacy when they send DMs, and the Fediverse doesn't really honor that right now.
The more systems we can make "secure by default" the better.
@scottjenson Hey Scott! I'm so glad you're tackling this issue. I have lots of trouble with DMs on Mastodon. I think you're addressing, these, but here goes:
The biggest one is how easily they're confused with regular messages. I routinely mess this up, and make private messages public, or vice versa.
The next is how hard it is to visualize threads - especially in the existing notification section. I often lose my place in complex discussions
@benpate Could not agree with you more! Do you have any ideas on how to improve threads? Any products that do it well for example? Branching threads are a bit like merging PRs, the dependency tree can get crazy complex!
@scottjenson I think making UX improvements to DMs is a great idea.
One of the biggest privacy problems with Mastodon DMs now is that people accidentally make them public.
Separating the private mention UI from the public posting UI will probably avoid a huge percentage of those user errors.
It'd be a big win for privacy.
@evan @scottjenson
phanpy does a great job
@virtuous_sloth @scottjenson actually, it doesn't separate the composition of private mentions from other types of posts. It's an option on the drop down. If you forget to change the option, your PM goes out with the default visibility -- often public!
@evan @scottjenson
But if you forget to set it to PM, there are no stripes, which should be a jarring visual clue.
I suppose adding a second compose button would make you choose sooner, but ultimately you have to always click on the right buttons in the right order.
They could change the default when you are viewing your PM list. That would make sense.
This is what I meant that there are lots of things to look at here. As Evan points out, let's make PMs actually something distinct and clearly not a message. Too many people either think something is a PM and it isn't or it is, and it shows up in your feed which makes people panic!
So many simple things to clean up here.
@evan the already improved UX looks good, to me.
When drafting a reply to a public toot, the word 'Public' is prominent (first screenshot).
When drafting a mention, the separation is clear (second shot).
Without being blasé about privacy: if a person accidentally publishes in either of those contexts, it's human error.
2 media
@scottjenson encryption that still works if one of the parties changes fediverse servers seems like it maybe technically challenging
I also would note that a lot of my interactions on the Fediverse are not very “microblogging” focused. Ie this response isn’t a blog post.
I largely use DMs here for private but non sensitive content (like “hey your url is broken” or “you have a typo on that post”
@Rycaut Exactly. My hypothese is that most PMs are scoping outisde of the public discourse and are not in need to encryption. This doesn't mean it's not a good long term goal! Just saying lots of usage does not require it
@scottjenson Thanks for asking! I'm a big fan of Encrypting All The Things, but my impression here is that the dangers of PMs on Mastodon have more to do with the potentially confusing UX, so I think addressing the UX issues would help the most in the short term.
Ultimately, I want users to be able to assume "private" means encrypted, so I'm very glad that's part of the plan. Yes, people can use Signal, but there's still a need to privately transmit one's Signal username at a minimum. Also, private threads can stem from public threads, so it's natural to have some facility for privacy here. Finally, I'm a huge Signal fan, but its centralization means a single point of failure, and makes it a huge target for authoritarian state actors, and I worry about it going down or being compromised.
I would like to see more visual distinction between public and private posts, like different coloring, so fewer people confuse them.
@scottjenson I must request encryption, because even though I don't need it right now. ...
A - you never know when you might need it
B- if I did, I might feel really uncomfortable telling you the reason, so I'm gonna assume that I'm piping up for some of those folks.
@morst No one is saying encryption is off the table. Just that I wanted to start with low hanging fruit (bucause the improvements are so much easier. Others are working on the encryption (it's a VERY hard problem)
@scottjenson My take is encryption is important, but not important enough that you shouldn't make UX improvements before having it
I particularly would like to see the list of mentions decoupled from the list of recipients, though I wonder if that might cause problems with replies from some software... but still
@jfred You're not the only person asking for this. It's a resonable suggestion (but I can't comment on the implementation complexity)
@scottjenson I know @soatok is working on E2E DMs for the fediverse.
But I already kinda use the existing DM feature but it is very clunky depending on the client you use. Having some sort of prominent tab that has it's own set of notification so I don't miss it in the flood of "normal" notifications would already go a long way.
@scottjenson I think any service with an implication of privacy should be encrypted, but that encryption needs to be done right. And the UI needs to convey the level of encryption clearly so people don't make incorrect assumptions about the security of their communications.
So I'm okay with the UX coming first, if it's designed with future encrypted messaging in mind.
I get DMs are not the focus of the app, so probably not a big priority, but they are still useful and important to many users.
@aaron Completely agree and why I'm asking. We can do both: improve the backend (adding encrypting) AND improve the UX. This is especially true as the frontend improvements are far easier to implement so people can benefit from this WHILE working on the backend.
Signal makes it easy to create a revocable "message me" link. I have one in my profile. If anyone wants to send me an encrypted message they can click on it and send one pretty easily.
I think reply controls and UX improvements should come first, maybe with, as others suggested, a note that the message is not encrypted (yet)
@gbargoud makes sense, thank you
As an aside, I'm surprised there isn't an instance at a link like staff.joinmastodon.org with an official account for each member of the core mastodon team.
I had to check your profile to see that you were someone asking for feedback who could do something about it rather than someone who was asking out of curiosity
@scottjenson imo that’s totally fine. Just need to make it known straight up that the messages are not encrypted, which is more or less just an alert that hard blocks interaction until acknowledgement…
@scottjenson I am kind of surprised that no one has mentioned that "oh the admins of the servers shouldnt see my DMs!" Creates a moderation nightmare and a harassment loophole that really shouldnt be considered worth the hassle. I am on team "just use signal" because if you need to have a really private conversation with someone who didnt give you their private contact information, no you dont.
@Montaagge There is a lot of traffic on this thread and that point has been made by the way. It's a reasonable request. I just appreciate that it's not a simple ask and I'm hoping we can tackle some UX improvements WHILE the background work is going on.
@scottjenson one huge problem with private mentions is that they actually aren't equivalent to DMs... because if you try to talk about another person and link to their profile, you effectively "mention" them and they can see the message. I don't know of any other DM that works this way and the UX is extremely confusing to users and just wrong IMO.
I think private mentions should be scrapped entirely and reworked as a different AP object type than Note so that they are treated differently.
