Found this via Aurynn Shaw:

When following someone on a different server on the Fediverse, the remote server decides whether you are allowed to do so. This enables features like private accounts. Due to an implementation mistake, Pixelfed ignores this and allows anyone to follow even private accounts on other servers. When a legitimate user from a Pixelfed instance follows you on your locked fediverse account, anyone on that Pixelfed instance can read your private posts. You don’t need to be a Pixelfed user to be affected.

Pixelfed admins should update to v1.12.5 ASAP, but upgrading can be a major hurdle.

Importantly, your Mastodon or GoToSocial instance isn’t handing your private posts to any random server, just because it asks. The problem only becomes apparent when you have at least one legit accepted follower from a Pixelfed server. Now that server is allowed to fetch all your private posts. And when it knows the posts, it has to decide who to show them to. When you accept a follower, you not only place your trust to keep a secret in them, but also in their admin and the software they are running.

Edited to add the last block quote.
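To make the follow handshake described above concrete, here is an added Python model (not Pixelfed's code, and not from the post) of the two decisions a server has to get right: a follow counts as accepted only once the remote server answers with an Accept, and a followers-only post it receives is shown only to local accounts whose follow was accepted. The `auto_accept` flag reproduces the mistaken behaviour the post describes; the actor names are made up.

```python
from dataclasses import dataclass, field
from typing import Optional

PUBLIC = "https://www.w3.org/ns/activitystreams#Public"


@dataclass
class FollowStore:
    """Tracks outgoing follows for one server's local accounts (constructed model)."""
    auto_accept: bool = False                  # True reproduces the flawed behaviour
    state: dict = field(default_factory=dict)  # (local, remote) -> pending/accepted/rejected

    def send_follow(self, local: str, remote: str) -> str:
        # Correct: a Follow stays pending until the followed server answers.
        # Flawed: the follow is recorded as accepted the moment it is sent.
        self.state[(local, remote)] = "accepted" if self.auto_accept else "pending"
        return self.state[(local, remote)]

    def handle_response(self, activity: dict) -> Optional[str]:
        """Apply an Accept or Reject activity that wraps our original Follow."""
        follow = activity.get("object", {})
        key = (follow.get("actor"), follow.get("object"))
        # Only the followed actor may answer, and only for a follow we actually sent.
        if activity.get("actor") != follow.get("object") or key not in self.state:
            return None
        if activity.get("type") == "Accept":
            self.state[key] = "accepted"
        elif activity.get("type") == "Reject":
            self.state[key] = "rejected"
        return self.state[key]

    def is_accepted(self, local: str, remote: str) -> bool:
        return self.state.get((local, remote)) == "accepted"

    def visible_to(self, post: dict, local_accounts: list) -> set:
        """Decide which local accounts may see a post this server received."""
        audience = post.get("to", []) + post.get("cc", [])
        if PUBLIC in audience:
            return set(local_accounts)
        author = post["attributedTo"]
        # Followers-only: a post addressed to the author's followers collection
        # is shown only to local accounts whose follow the author accepted.
        if author + "/followers" in audience:
            return {a for a in local_accounts if self.is_accepted(a, author)}
        # Otherwise only explicitly addressed accounts (e.g. direct messages).
        return {a for a in local_accounts if a in audience}
```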

  • PhilipTheBucket@ponder.cat · 2 upvotes · 6 days ago

    Yeah. One of the very few design features of AP that I like is that actors have their very own keys, which means that in theory you could have the keys stay in the browser unlocked by a passphrase or something, and make it so no one could forge a message by a user except that user.

    It would be pretty easy to extend that, so that Lemmy DMs get encrypted with the key of the actor meant to receive them, private posts get multi-encrypted with the public keys of any approved followers, et cetera. But yeah, it seems like the amount of attention this stuff gets is very minimal.