@denschub @vkc Yep, DMs or "Private mentions" on Mastodon can be exploited using a similar vector. The client can say this message should be readable only to this/these users, but you can write a client which doesn't respect the protocol and view them anyway. It's a strong argument for why DMs should probably not exist on decentralized platforms that do not or cannot use E2EE.

@_elena Not that I approve of bsky's design choices, their decision to make blocks public is very crypto-coded. Unsurprising since the designers are basically a bunch of coiners.

But also I'd like to remind everyone that all of your posts, reposts, and likes on social media that are anti-ICE or anti-Trump are also very public. So like, be aware of your threat models, certainly. But let's also be realistic and not worry about the pennies when many of us are visibly carrying many pounds.