Good day dear Lemmy community!
When I try to use lemmy’s private messages, I get the following warning:
Warning: Private messages in Lemmy are not secure. Please create an account on Element.io for secure messaging.
It is very good to have this warning! However, can it be improved?
When I first encountered this wording, I was completely unsure whether the DMs would be totally public due to lemmy’s limitations or its open stance, or whether the messages would have a similar security to e.g. email where your trust relies on TLS and the servers involved.
My proposal would be to change the wording to something like:
Warning: Private messages in Lemmy are not End-to-End encrypted. Please create an account on Element.io for secure messaging.
Or if the team is open to it,
Warning: Private messages in Lemmy are not End-to-End encrypted. Please use a platform with E2E encryption for private messaging.
Or if the team is even more open to it,
Warning: Private messages in Lemmy are not End-to-End encrypted. Please use a platform with E2E encryption for private messaging. Lemmy recommends Element.io and XMPP.
Thoughts? I’m ready to create a PR.

I think both are bad communication. When I hear “messages are not end to end encrypted”, I think that my ISP or a hacker might be able to see them but not, like, ordinary people. In reality, whatever shitheads are administrating either your or the recipients instances.
I think “private messages are visible to both your and the recipients instance administrators” would be more clear