...possibly INCLUDING private/friends-only posts. And ANYONE CAN SET UP AN INSTANCE.

There is no TECHNICAL barrier to ANY instance maintainer modifying the code so it doesn't respect blocks or privacy on federated posts.

That instance will probably get blacklisted, but that'll be AFTER they do damage to someone?

Which leads us to: anyone on any GNUsocial/Mastodon instance can reserve your username if you haven't already registered it ON THAT INSTANCE.

It's like email; i'm adrienne@ a bunch of email domains, but anyone in the world could be adrienne@ ALL the domains i'm NOT on?

NOTHING TECHNICAL prevents a hostile user on a malicious instance from impersonating you to become friends with someone on another instance.

So, take me, for instance. I don't have an account on any GNUSocial instance (that includes Mastodon instances). I did, but i deleted it.

Someone, ANYONE, could set up adrienne@mastodon.cloud, adrienne@mastodon.xyz, whatever, & impersonate me. Different people, even!

But WORSE, someone could set up a new instance, call it mastodon.lolz, and set up adrienne@ that instance. Then they could find YOU, on YOUR instance, and convince you that they're me. (Remember, the username seems legit, there's no Twitter tricks like special chars or 0 for O.)

If you friend that person, thinking they're me, then THEIR INSTANCE now has access to ALL the posts in their access level. It can store them indefinitely, even if you delete them ("deleting" just sends a signal to other instances to remove local copies, which they MIGHT NOT DO).

Look, federation is neat as hell. It's what email uses. But email has had nearly FIFTY YEARS to work out bugs, & it's still kinda fucked up.

People make VERY DIFFERENT ASSUMPTIONS about "Twitter-type" things than about "email-type" things, and that's REALLY DANGEROUS HERE.

Early adopters for this sort of tech have typically been white techbros. They're in A LOT LESS DANGER than the rest of us from this shit.

I see really vulnerable people flocking to Mastodon right now and i don't think some of this stuff is well-understood AT ALL.

If you want to join, do. But be extremely careful about federated instances, and about allowing reposting (a repost can share your post to other instances). And there's basically nothing you can do about the possibility of impersonation, because ANYONE CAN CREATE AN INSTANCE.

So even if you combed through and got your username on ALL the current instances, there could be 100 new ones tomorrow.

Now. Mastodon is FOSS, and the devs ARE listening and actively taking code contributions. SOME of this shit can be improved. Some, though, is implicit in the nature of federation, and you are ALWAYS going to have to be aware of it if you're using the platform.

People, i KNOOOOWW that official Mastodon instances warn you about mentioning someone on a new instance. a) Alert fatigue is a thing! And b) i think that shit lulls people into a false sense of security.

Like, none of this shit has to be a dealbreaker FOR YOU. But i think there are serious issues that folks are kinda glossing over, and A LOT of nontechnical folks are talking about switching and i do not think everyone understands what they're getting into!

Also, i want to make clear that i am NOT an Infosec Expert. I work in tech but not infosec, and i don't want anyone to misrepresent me.

ALSO also, to folks helpfully pointing out that Twitter has copies of all your Twitter PMs, etc - yes, users understand that, i promise.

Here's the thing: Twitter is untrustworthy but THERE'S ONLY ONE OF IT. And if it changes management, WE'LL KNOW. GNUsocial instances are myriad, ANYONE can run them, & they can be handed off silently to new admins. Instead of trusting ONE shady entity you are trusting MANY.

Oh, hey, here's the first dude who thinks i'm an asshole. He thinks i'm "deluding" myself and "misleading" y'all because NOTHING is safe! pic.twitter.com/pjruoORpBo