Found this via Aurynn Shaw:
When following someone on a different server on the Fediverse, the remote server decides whether you are allowed to do so. This enables features like private accounts. Due to an implementation mistake, Pixelfed ignores this and allows anyone to follow even private accounts on other servers. When a legitimate user from a Pixelfed instance follows you on your locked fediverse account, anyone on that Pixelfed instance can read your private posts. You don’t need to be a Pixelfed user to be affected.
Pixelfed admins should update to v1.12.5 ASAP, but upgrading can be a major hurdle.
Importantly, your Mastodon or GoToSocial instance isn’t handing your private posts to any random server, just because it asks. The problem only becomes apparent when you have at least one legit accepted follower from a Pixelfed server. Now that server is allowed to fetch all your private posts. And when it knows the posts, it has to decide who to show them. When you accept a follower, you not only place your trust to keep a secret on them, but also on their admin and the software they are running.
Edited to add the last block quote.
Honestly pixelfed should have just not fixed it. It’s a fediverse problem that can be fixed and mastodon is just misleading people.
Platforms should either make it clear that it means just that the post isn’t advertised by default on all platforms but is always accessible to anyone that wants it or actually implement e2e encryption.
I’m not sure I would go that far. A lot of “trust and safety” type things are like this, just soft boundaries to try to shape the types of interactions people are going to get themselves into to be a little more on the pleasant side. There’s nothing wrong with Pixelfed trying to show some honor to the same advisory boundary. The real problem comes into it when projects like Mastodon start giving people the impression that “private” posts that are federated out are going to be able to stay private. As long as the user expectation is clear that it’s just an advisory setting that will tweak the algorithms for showing the post in non-assurable ways, it is fine.