
We have maintained a free messaging server for many years and believe me, there are far more important and interesting things to do for a server operator than looking at some random user DMs. It is simply not interesting.


So the answer is yes, the server operators can look at our random DMs. You may not be interested in looking at them but some other server operator might. So it is a good thing to know this beforehand to know what we are getting into.


yikes. OK, then I'm definitely never using Mastodon. At least at Twitter and Facebook the employees have a strong incentive to not breach my privacy expectations other than me not being "interesting".


That was precisely the same with every single forum or email server since the beginning of time. And you know what, the capability to log in from anywhere and read your messages trumps privacy concerns for 99% of users. For the rest there are ways to exchange information without risk of it being accessed by a third party.


Not sure if you're serious, or if this is some attempt at satire?

If it's the former: Okay, it's great that you don't feel the temptation to spy on your users, but even the most basic understanding of human nature should tell you that this doesn't generalize to all (or even most) people and organizations that would run a messaging server, free or not.


I'm serious and I also know many operators of public servers. Unless you are somebody important/a person of interest for various three-letter agencies, no one cares about your messages. If you are such a person, just run your own server and use e2ee. Other than that, enjoy the convenience, easy message syncing and server-side search that unencrypted messaging brings.




> instead of YES WE SHOULD IMPROVE THAT.

No, most likely we shouldn't improve on that. If you force end-to-end encryption on all users, you'll introduce an extreme inconvenience for users, so they'll have to do things like identity verification of their messaging partners, do fingerprint matching, and also lose the capability to easily sync messaging history between different devices. Or you could skip major inconveniences like identity verification, turning your encryption into security theater [0].

99.9% of users want convenience and a warm fuzzy feeling of being secure; they don't want to exchange keys and do other nasty stuff that real e2ee requires of them. This was proven in force by Durov, who just promised that his app is the most secure ever, while, in fact, all regular messages in Telegram are unencrypted (except so-called secret chats), and I'm yet to receive a secret chat request in Telegram from anyone.

[0]: https://en.wikipedia.org/wiki/Security_theater
