I think people will assume their data is safer with Mastodon. But in a way, your data might even be more insecure, as you have no idea what and who the instance owner is, and what they will do with the data.
Also, now the responsibility of securing the platform is in the hands of the instance owner, and you have no idea how they have their platform set up.
FYI, an open source project called Drupal was recently affected by a bug where millions of sites could be hacked.
Now I'd like to know how Mastodon will combat these issues.
I think that fundamentally misses the point. No one is using a social network for "data security"; the whole value add of Twitter (and by extension Mastodon) is the public nature.
The value add of something like Mastodon is you get to choose your instance owner (and it could be yourself), which means choosing your moderation scheme. As well as offering a more transparent social experience (i.e. no algorithmically generated timelines to push ads or "engagement").
Comparing Mastodon to a PHP CMS seems like an apples to oranges comparison in every sense.
I get that. I haven't fully read the ins and outs of Mastodon but from a glance, it reminds me of WordPress with Pingbacks. Or quite simply RSS feeds, where following a user is essentially subscribing to their feeds.
But all that aside, at the end of the day, if you "are" a user in one of the instances, you are still at the mercy of the owner's technical skills to make sure your data is safe.
If the owner one day decides he can't afford to pay his bills, or gets hacked and wipes out data, what would happen to all your posts? I believe it'd just disappear, but please do correct me if I'm wrong.
There is a lot of overlap with RSS and Pingbacks, indeed.
Mastodon today provides a tool to get data backups of your account's own data, at least, so in the case of a lost instance there may be some options.
Plus, as with blogs there is the option to be your own instance owner on a custom domain you control. So the assumed risk level can vary to what you are comfortable with.
As I am the instance owner, I am pretty sure my data is secure, both against prying eyes as well as against data rot.
> FYI, an open source project called Drupal was recently affected by a bug where millions of sites could be hacked.
Given that Drupal is a CMS, something completely different from a social network, this is like asking that you have seen an airship burn, so how are fish avoiding being eaten.
Perhaps we are talking about two different things here; I was merely talking about securing your server to protect your and your users' data.
For example, can I ask you how you secure your server? Would your server be able to pass an OpenVAS/Nessus penetration test, and have you even performed one? What are your server update policies like? Do you have any external logging server? If not, how do you know someone malicious didn't log in to your server, steal your data and erase his tracks?
There are a lot more variables when it comes to security and data.