Lemmy Support

4966 readers

6 users here now

Support / questions about Lemmy.

Matrix Space: #lemmy-space

founded 6 years ago

MODERATORS

dessalines@lemmy.ml

Private messaging is not "secure" - can this wording be improved? (lemmy.ml)

submitted 4 days ago* (last edited 4 days ago) by vas@lemmy.ml to c/lemmy_support@lemmy.ml

7 comments fedilink hide all child comments

Good day dear Lemmy community!
When I try to use lemmy's private messages, I get the following warning:

Warning: Private messages in Lemmy are not secure. Please create an account on Element.io for secure messaging.

It is very good to have this warning! However, can it be improved?
When I first encountered this wording, I was completely unsure whether the DMs would be totally public due to lemmy's limitations or its open stance, or whether the messages would have a similar security to e.g. email where your trust relies on TLS and the servers involved.

My proposal would be to change the wording to something like:

Warning: Private messages in Lemmy are not End-to-End encrypted. Please create an account on Element.io for secure messaging.

Or if the team is open to it,

Warning: Private messages in Lemmy are not End-to-End encrypted. Please use a platform with E2E encryption for private messaging.

Or if the team is even more open to it,

Warning: Private messages in Lemmy are not End-to-End encrypted. Please use a platform with E2E encryption for private messaging. Lemmy recommends Element.io and XMPP.

Thoughts? I'm ready to create a PR.

you are viewing a single comment's thread
view the rest of the comments

[–] vas@lemmy.ml 7 points 4 days ago* (last edited 4 days ago)

Based on the comments so far, maybe something like this makes sense:

Warning: Private messages in Lemmy are not End-to-End encrypted, so the respective instance owners are technically able to read them. Please use a platform with E2E encryption for private messaging. Lemmy recommends Element.io and XMPP.