1036
FBI Seizure of Mastodon Server is a Wakeup Call to Fediverse Users and Hosts to Protect their Users
(www.eff.org)
Synopsis: The article discusses the FBI's seizure of the Mastodon server and emphasizes the need for privacy protection in decentralized platforms like the Fediverse. It calls for hosts to implement basic security measures, adopt policies to protect users, and notify them of law enforcement actions. Users are encouraged to evaluate server precautions and voice concerns. Developers should prioritize end-to-end encryption for direct messages. Overall, the Fediverse community must prioritize user privacy and security to create a safer environment for all.
Summary:
Introduction
- We are in an exciting time for users wanting to regain control from major platforms like Twitter and Facebook.
- However, decentralized platforms like the Fediverse and Bluesky must be mindful of user privacy challenges and risks.
- Last May, the Mastodon server Kolektiva.social was compromised when the FBI seized all electronics, including a backup of the instance database, during an unrelated raid on one of the server's admins.
- This incident serves as a reminder to protect user privacy on decentralized platforms.
A Fediverse Wake-up Call
- The story of equipment seizure echoes past digital rights cases like Steve Jackson Games v. Secret Service, emphasizing the need for more focused seizures.
- Law enforcement must improve its approach to seizing equipment and should only do so when relevant to an investigation.
- Decentralized web hosts need to have their users' backs and protect their privacy.
Why Protecting the Fediverse Matters
- The Fediverse serves marginalized communities targeted by law enforcement, making user privacy protection crucial.
- The FBI's seizure of Kolektiva's database compromised personal information, posts, and interactions from thousands of users, affecting other instances as well.
- Users' data collected by the government can be used for unrelated investigations, highlighting the importance of strong privacy measures.
What is a decentralized server host to do?
- Basic security practices, such as firewalls and limited user access, should be implemented for servers exposed to the internet.
- Limit data collection and storage to what is necessary and stay informed about security threats in the platform's code.
- Adopt policies and practices to protect users, including transparency reports about law enforcement attempts and notification to users about any access to their information.
What can users do?
- Evaluate a server's precautions before joining the Fediverse and raise privacy concerns with admins and users on the instance.
- Encourage servers to include privacy commitments in their terms of service to resist law enforcement demands.
- Users have the freedom to move to another instance if they are dissatisfied with the privacy measures.
What can developers do?
- Implement end-to-end encryption of direct messages to protect sensitive content.
- The Kolektiva raid highlights the need for all decentralized content hosts to prioritize privacy and follow EFF's recommendations.
Conclusion
- Decentralized platforms offer opportunities for user control, but user privacy protection is vital.
- Hosts, users, and developers must work together to build a more secure and privacy-focused Fediverse.
I actually have a question about this - can’t anyone already see the posts and users’ data? Even a simple user account/script can query most stuff, like posts and comments, and you can indirectly query less easily available things like upvotes by compromising any connected server
Disclaimer: I've never run a Mastodon or similar server, so the software may have more privacy built in, but potentially the issue would be account setup information that could be associated with public posts. Email addresses, IP address logs, etc. Those would be critical in matching public "anonymous" speech with real-world identifiable information.
The article also mentions that DM's were available to the admin.
However it should be assumed that DM's on lemmy or others are not secure in the first place. If you want secure chat, move to Matrix.
Why should such a thing be assumed????
The site tells you that its not secure when you go to send a message.
If there's no way to verify that they aren't. You should assume that they are. Basic security 101.
Click a persons account name... then click "send message"
Read the bright yellow notice at the top of the screen.
Because admin can inherently see it and, as this post proves, sometimes law enforcement can gain access as well.
Or simply running their own server.
Yes
One way to look at this is to separate the information available into what's available locally and what's available across the Lemmyverse (I am not familiar with others). The information that you mentioned probably are available on all the servers that pull the posts/comments from the community in question.
Info that is local only: IP address, email, password, usage information. Info available to the two participants' servers: DM
I think the mitigations that the EFF article mention mostly protect the locally available information.
BTW passwords shouldn't be stored anywhere. Best practice since forever is to only store a cryptographic hash of a user's password.
Passwords also shouldn't be re-used, in which case if they are stolen it doesn't matter as much - since whoever stole your password likely doesn't need it to access your stuff.