Mastodon is fundamentally broken

Recently, most of internet is celebrating mastodon as an alternative to facebook/twitter. It suffers from two fundamental problems and they are very serious.

1. Admin knows your ip address.
2. You cannot move your account across instances.

Admin knows your ip address

So does facebook/twitter, so it is not any worse right?

Consider you have an argument with an asshole stranger and things go out of hand. The asshole can bribe the admin (if that asshole is not an admin himself) and get your ip address. Ip address translates to approximate physical location. He can find your apartment building come knock your front door with a huge hammer or a knife.

Is the same scenario possible with facebook? May be. If that asshole is the govt. For most people, it is easy to annoy a random stranger than a govt.

Solution: Always use a vpn or tor when accessing mastodon.

You cannot move your account across instances

Why do people still use facebook when it has a lot of privacy issues? Because that is where their friends are. Mastodon has the same problem. Once you create an account, you get an username like @john@niceguy.com. You get a lot of followers and you follow a lot of other users. What happens if niceguy.com is no longer nice or just runs out of cash to run the servers? What happens to your followers? You can create another account but so can anybody with similar name. How does your followers know which account is you? You are effectively locked in to your account and the admin can frame whatever rules he wants, see all your private messages and even create messages faking if it is you. The same applies for facebook/twitter as well. But fundamentally there is a conflict of interest. facebook and twitter are there to make money using ads. But a mastodon admin is part of the community and will have biased opinions. You are effectively at the mercy of the admin.

Solution: mastadon has the option to move account across instances in a secure way. i.e Each user needs a public private key pair and public key has to serve as identity along with the username. So if you move your account, you can prove it is you by signing a statement. Followers should pin to public key instead of username. The same key may be used for private messages and posts. But that can be implemented later. Without a user only known secret, the admin has complete control of your account.

Conclusion

Unless the above two issue are fixed, it is good to stay away from mastodon or host your own instance with your own domain name.

Comments: https://www.reddit.com/r/privacy/comments/aici4e/mastodon_is_fundamentally_broken/

Hash signature:

b2sum: 35a75ad9ce26a37c1a84556bbff7c28436680b06b6c8ca41e2621fe1646ab0ee177bb9bf40e53d5fbd7476fd81fb4edb392f2d929dbc0e726ca7a6a8f1bab21e

sha256sum:

adb35ce43bf540b552b52fb083b57df7cd33d5537366cc53068e16482723d832

shasum:

e6f04b193207e835ee70f3265a77d1ba3c7cd25a

Timestamp certificate

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

============================================================================

  Certificate

============================================================================

In conjunction with the file(s) that produce the following SHA-2 fingerprint,

and in conjunction with the verification procedures available on

TrueTimeStamp.org (copy available below), this certifies that the following

file existed and was time-stamped on:

Time: January 21, 2019 5:04:31 pm GMT

Stored SHA-2 Fingerprint:

adb35ce43bf540b552b52fb083b57df7cd33d5537366cc53068e16482723d832

Certificate Type: submitted-hash

Constituent Files:None Provided.

============================================================================

  Certificate Information

============================================================================

Authority: True Time Stamp ( http://TrueTimeStamp.org )

Certificate Number: 21327

Sequential Validity Chain: 6d6c0ae95ef8d6cb6db1f7ba71cbb4131f2cacc765a1b88ff8964fe6b246e3f4

============================================================================

  Important Note

============================================================================

1 - Backup copy of the original unaltered file must be kept to authenticate

   this certificate.

2 - Some editing programs may inadverently alter files by including the

   "save time" in the file contents, or changing character encoding, even if

    no edits are made. Back-up using your operating system's copy function

    rather than "Save As".

============================================================================

  Verification Procedures

============================================================================

Online - Single File Certificate:

 - Supply the ORIGINAL FILE to http://TrueTimeStamp.org for verification.

Online - Multiple File Certificate:

 - Supply THIS CERTIFICATE to http://TrueTimeStamp.org for verification.

 - Additionally, for each file that you want to prove existed at the time

   point above, you must confirm that the SHA-2 of these file(s) matches

   those listed above (see instructions "Calculate SHA-2 Fingerprint of a

   file" below).

Offline Procedures:

 - Use these procedures if http://TrueTimeStamp.org ceases to exist, or if

   you would like to independently confirm the electronic signature of this

   certificate.

 - Obtain GPG software ( https://www.gnupg.org/download )   

 - Obtain the True Time Stamp Public Key, from any of the servers below, by

       searching by email:

       EMAIL: signing-department@TrueTimeStamp.org

       KEY ID: 0x6f3b2e6ab748a8f8

       KEY Fingerprint: 0x83289060f40ded088cf246b56f3b2e6ab748a8f8

       - http://truetimestamp.org/public-keys

       - https://pgp.mit.edu

       - http://keyserver.cns.vt.edu:11371

       - http://keyserver.lsuhscshreveport.edu:11371

       - http://keyserver.ubuntu.com

       - https://keyserver.pgp.com

       - http://keyserver.searchy.nl:11371

       - http://keyserver.compbiol.bio.tu-darmstadt.de:11371

 - Download the appropriate key, save as TrueTimeStamp-key4-DSA-3072.asc

 - Optionally, verify the fingerprint of the public key.

       PUBLIC KEY SHA-2 FINGERPRINT, base64 representation, UTF-8,

       UNIX-style line breaks, without headers or footers:

       16fecee8a5fd4cc39facfd1c5db36fe2eec553cf0dfa2e7496d4a3556027790e

 - Import the downloaded public-key via command-line:

      gpg --import TrueTimeStamp-key4-DSA-3072.asc

 - Verify the authenticity of this certificate via command-lines:

      gpg --import TrueTimeStamp-key4-DSA-3072.asc

      gpg --verify myCertificateFile

 - For multi-file certificates, you may also confirm that:

       Stored SHA-2 Fingerprint matches the "Constituent Files" section

         - Copy & Paste text under "Constituent Files" section into a

               separate file, and save without trailing spaces and using

               UNIX-style newlines.

         - Calculate SHA-2 of this file, and confirm that this matches the

              Stored SHA-2 fingerprint.

 - For each file that you want to confirm the time stamp, calculate its SHA-2

      fingerprint, and confirm that this is present in this certificate above.

To Calculate SHA-2 Fingerprint of a file:

  - Online at http://TrueTimeStamp.org

  - Using software such as sha256sum, or openssl, with the command-lines:

       sha256sum MyFileName

       openssl dgst -sha256 MyFileName

Sequential Validity Chain:

  - Guards against back-dating any time stamp, or removing any time stamp

        in the future.

  - Consists of SHA-2( Sequential Validity Chain of previous certificate,

        SHA-2 of current file, UNIX Time Stamp).

  - Validity Chains are intermittently submitted to other Time Stamping

        Services.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.14 (GNU/Linux)

iF4EAREIAAYFAlxF+58ACgkQbzsuardIqPg9YQD+KLWTO7glX7RrzAS402Njctfu

qmfhQBDXmm69wtWWQJcA/jzyqmG4ZRGQqoz05BKSage2mCSRJ5kNQOJF9wtWemXY

=rVaJ

-----END PGP SIGNATURE-----