239 Matching Annotations
  1. Nov 2024
    1. https://web.archive.org/web/20241117122125/https://support.signal.org/hc/en-us/articles/6829998083994-Phone-Number-Privacy-and-Usernames-Deeper-Dive#:~:text=A%20username%20is%20a%20way,are%20chatting%20with%20in%20Signal

      Signal allows you to set usernames. They are unique but temporary (and you can have only 1 at a time). User names can be used to connect to you without sharing your phone number. Set an optional username in Settings Profile. They have two numbers at the end (you can set them).

      User names can be shared in three ways: - tell someone (and then change it so they cannot communicate it further) - share a QR code - share a unique URL (which does not contain your username in clear text)

      Signal can't 'easily' see which phone number has which username. But given a username it can find the associated phonenumber. 'easily' means it can be done though, and thus both ways.

      An old username will become available to others after a week, meaning imo they should not contain any identifiable or associative information.

      Found this through someone suggesting that sharing your Signal username through Mastodon would allow private msgs. Yes, but the world will know your username, so you're open to all people who might think it fun to msg you.

  2. Sep 2024
    1. each of these instances will need to comply with a set of minimumobligations for intermediary and hosting services, including having a single point of contact and legal representative, providing clear terms and conditions, publishing bi-annual transparency reports, having a notice and action mechanism and, communicating information about removals or restrictions to both notice and content providers

      Revisiting this after 2yrs, now as board member of mastodon.nl, need to read relevant DSA sections again, and think about if/how this applies. The list here as such is almost completely covered by default, except for the reports, which will come as we're heading towards ANBI status anyway.

      -[ ] lees DSA met mastodon.nl bril tav kleine platforms #activityclub #30mins

  3. Jul 2024
    1. https://web.archive.org/web/20240725080148/https://fossacademic.tech/2024/02/11/Move-Slowy-Preview.html [[Move Slowly and Build Bridges by Robert Gehl]] is a forthcoming book on 'Mastodon, the Fediverse, and the Struggle for Ethical Social Media'. This post gives summaries per chapter of the draft. Ch1 focuses on Xodus after Musk only. Odd, there are many examples where costs of leaving socmed platforms played a role, which may well be more informative than just n=1. Ch 2 on AP as protocol Ch 3 CoC as a social layer on networked tech (no regard here it seems for the fact that human networks exist outside of tech and span multiple tech platforms simultaneously, and themselves have social norms that guid behaviour regardless whether codified in CoC or expressed in federation choices) Ch 4 on blocking and defederation as a needed safety tool. Socially I think the default might need to be the other way around, federating is the choice, defed the default, as it is how we do it socially irl. We are not unwelcoming to newcomers in a group but we are wary. Ch 5. Who pays for the fediverse infra. Short answer is we all do/many of us do. I pay my own instance, and also contribute hours to the governance of the largest Dutch instance. Good point about people forgetting there are other bizz models for digital media than what centralised adtech kraken do. Ch 6. on eco impact of socmed, and need of awareness what running this stuff costs ecologically. Seems to then pivot to how degrowth and solarpunk people using fediverse tech to interact, which is not the same thing. (It says mitigate, but compared to what, X? ) Ch 7. Threads , or the corp reaction to a growing fediverse. Conclusion, this is where the ethics will be discussed finally.

      Forthcoming w Oxford Univ Press. Not sure this is for me, reads like a snapshot with a limited time window in which it might be informative. Perhaps of interest for [[Stichting ActivityClub Bestuur Hoofdnote]].

    1. Verbeterpunten zijn onder andere het beperkte bereik van de doelgroep

      This reads like classic 'it's not the same as X'. And an overestimation of actual human accounts on X in the Netherlands. Although yes, Dutch accounts on Mastodon aren't many, they are easily found, and interaction is up.

    2. https://web.archive.org/web/20240713075513/https://www.digitaleoverheid.nl/nieuws/1-jarig-mastodon-overheid-blikt-terug-en-vooruit/

      Dutch public sector has experimented with Mastodon for a year now. Pilot will run until December 2024. Started with 20 entities, now 40 active accounts. Plus is the easy recognition as authentic source (it runs on social.overheid.nl). They will open up to all levels of civil service in 2025. Good development.

  4. Jun 2024
  5. Apr 2024
    1. How does 'we've lost tax-exempt status in Germany' logically lead to 'let's incorporate in the US'? What makes paying tax bad? What about the tax exempt non-profit status in one of the other EU countries (Easy to form, I chair one and am on the board of two others e.g.)? What are the consequences of starting a US entity, how does it affect Mastodon falling within the scope of the Patriot act, what about how every data transaction to a US based entitiy is currently now legally covered in the EU? Which assets fall under the new entity?

  6. Feb 2024
  7. Jan 2024
    1. https://streetpass.social/

      StreetPass, a browser extension that leverages rel="me" for compiling a list of potential mastodon accounts to follow as you visit websites.

  8. Dec 2023
  9. Nov 2023
  10. Oct 2023
  11. Sep 2023
  12. Aug 2023
    1. Constantly being told I was somewhat dim because I didn’t understand how to do things or what the unwritten rules were.

      This, I particularly hate and hope desperately I did not contribute to.

  13. Jul 2023
    1. As Threads "soars", Bluesky and Mastodon are adopting algorithmic feeds. (Tech Crunch) You will eat the bugs. You will live in the pod. You will read what we tell you. You will own nothing and we don't much care if you are happy.

      Applying the WEF meme about pods and bugs to Threads inspiring Bluesky and one Mastodon app to push algorithmic feeds.

  14. Jun 2023
  15. May 2023
    1. https://share-on-mastodon.social/

      A really neat customizable "Share on Mastodon" button for your pages or posts.

  16. Apr 2023
    1. they require the original server to provide a redirect and cannot migrate the user's previous data.

      This is... an extremely strange conclusion to come to regarding Social Web account migration, to say the least.

      Taking Mastodon as the handy example...

      The only reason to use the (extremely competent, bizarrely fast) process of redirection is that one... would like to have the "required" redirect on the original server. If a user intends to move to a different Mastodon instance and does not want to leave a redirect, that step is just... removed from the process.

  17. tantek.com tantek.com
    In https://www.theverge.com/2023/4/20/23689570/activitypub-protocol-standard-social-network, author @pierce@mas.to does an excellent job covering a broad range of #ActivityPub related updates, and goes beyond the usual #Mastodon focus to describe numerous implementations. I was very happy to see that he also clearly communicated several #IndieWeb principles^1, practices, goals, and reasons why^2. Like this quote: “But the advice you’ll hear from most people in this space is this: own your own domain. Don’t be john@/mastodon.social or anna@/facebook.com. Have a space that is yours, that belongs to you, a username and identity that can’t disappear just because a company goes out of business or sells to a megalomaniac.” and this: “It’s [your own domain is] your YouTube channel name and your TikTok username and your Instagram handle and your phone number and your Twitter @, all in one name.” Great interviews with @stevetex@mozilla.social, @mike@flipboard.social, @dustycloud.org (@cwebber@octodon.social), @evanp.me (@evan@cosocial.ca), @anildash.com (@anildash@me.dm), @coachtony@me.dm, and @manton.org. As Manton said in the article: “If you solve identity with domain names, it makes things easier because it fits the way the web has been for 20 years,” Pierce also noted: “you might soon be able to turn your personal website into your entire social identity online” Already can. I replied to Pierce’s post^3 about his article noting this^4, from #federating directly from my website for the past ~6 months^5, to over a decade of using it as my social identity with the POSSE method^6 with various #socialMedia silos. It’s important enough that I’ll repeat part of Pierce’s quote at the top: “own your own domain. Don’t be john@/mastodon.social or anna@/facebook.com. Have a space that is yours” He gets it. Don’t be someone at someone else’s server. Big Chad or Little Chad’s garages^7 are social media stepping stones towards owning your own domain and IndieWeb presence. We’re here when you’re ready to take that next step: https://chat.indieweb.org/ This is day 38 of #100DaysOfIndieWeb. #100Days ← Day 37: https://tantek.com/2023/109/t2/years-ago-first-federated-indieweb-thread → Day 39: https://tantek.com/2023/112/t2/account-migration-post-blog-archive-format ^1 https://indieweb.org/principles ^2 https://indieweb.org/why ^3 https://mas.to/@pierce/110231624819547202 ^4 https://tantek.com/2023/110/t1/ ^5 https://tantek.com/2022/301/t1/twittermigration-bridgyfed-mastodon-indieweb ^6 https://indieweb.org/POSSE ^7 https://tantek.com/2023/001/t1/own-your-notes - Tantek
    1
  18. Mar 2023
  19. Feb 2023
  20. Jan 2023
    1. I noticed fairly quickly that the iOS app was a re-branded release of what used to be Mast. My first instinct upon this discovery was to DM Mast's original developer, Shihab Meboob, on Twitter, but frankly, I've already bothered him enough there over the years, so it's understandable that I didn't hear back. When I downloaded the desktop app I found on Roma's web page and noticed its similarity to Whalebird, I decided to use the site's contact form to inquire about what exactly was going on as gingerly as I could. Happily, I received a reply just *minutes- later from Leo Radvinsky, head of Leo.com, “a Florida-based boutique venture capital fund that invests in technology companies:” Hi David, In both cases we funded the original developers of both Mast and Whalebird to create a branded whitelabel app specially made for Pleroma. The idea was to make Roma a cross platform brand/app. It didn't really work out so now we're working on a new app from scratch called Fedi for iOS and Android and releasing that as open source. https://play.google.com/store/apps/details?id=com.fediverse.app&hl=en*US&gl=US https://apps.apple.com/in/app/fedi-for-pleroma-and-mastodon/id1478806281 I think Roma has been removed from the app stores as it's no longer supported. Let me know if you have any other questions

      ...coming back to this, now. ...

    1. The code above is somewhat simplified and missing some checks that I would advise implementing in a serious production application. For example:The request contains a Date header. Compare it with current date and time within a reasonable time window to prevent replay attacks.It is advisable that requests with payloads in the body also send a Digest header, and that header be signed along in the signature. If it’s present, it should be checked as another special case within the comparison string: Instead of taking the digest value from the received header, recompute it from the received body.While this proves the request comes from an actor, what if the payload contains an attribution to someone else? In reality you’d want to check that both are the same, otherwise one actor could forge messages from other people.
    2. We need to read the Signature header, split it into its parts (keyId, headers and signature), fetch the public key linked from keyId, create a comparison string from the plaintext headers we got in the same order as was given in the signature header, and then verify that string using the public key and the original signature.

      ```ruby require 'json' require 'http'

      post '/inbox' do signature_header = request.headers['Signature'].split(',').map do |pair| pair.split('=').map do |value| value.gsub(/\A"/, '').gsub(/"\z/, '') # "foo" -> foo end end.to_h

      key_id = signature_header['keyId'] headers = signature_header['headers'] signature = Base64.decode64(signature_header['signature'])

      actor = JSON.parse(HTTP.get(key_id).to_s) key = OpenSSL::PKey::RSA.new(actor['publicKey']['publicKeyPem'])

      comparison_string = headers.split(' ').map do |signed_header_name| if signed_header_name == '(request-target)' '(request-target): post /inbox' else "#{signed_header_name}: #{request.headers[signed_header_name.capitalize]}" end end

      if key.verify(OpenSSL::Digest::SHA256.new, signature, comparison_string) request.body.rewind INBOX << request.body.read [200, 'OK'] else [401, 'Request signature could not be verified'] end end ```

    1. Because I'm always forgetting them, and they're annoying to look up, my user ID's for:

      • mastodon.social: 17545
      • hcommons.social: 109429840453119702

      Also the permalink URL formats for reposts/links https://instance.org/@screenname/postID#reposted-by-userID

    1. https://mastodon.art/@fediblock

      I boost everything from the #fediblock hashtag that isn't noise, reruns, or user-level. Do your own homework beyond that.

      <small><cite class='h-cite via'> <span class='p-author h-card'>@welshpixie@mastodon.art</span> in "If you're an instance admin/mod struggling to keep up with the fediblock tag, @fediblock is a 'curated' version that filters through the trolling/misuse of the tag and repeat entries, and only boosts the actual proper fediblock content. :)" - Mastodon.ART (<time class='dt-published'>01/05/2023 11:17:52</time>)</cite></small>

  21. Dec 2022
    1. Tom MacWright, a software developer in Brooklyn, has firsthand experience with the pitfalls of ActivityPub. As an experiment, he tried to turn his photo blog into an actor that could be followed by users via their Mastodon accounts. It worked in the end—and you can search for @photos@macwright.com from your Mastodon instance to follow his photography—but it wasn't easy.

      Example of how ActivityPub standards don't work in practice, in part because Mastodon is an 800 pound gorilla which actively flauts or adds their own "standards".

    1. FOSSDLE Commons (new OER Foundation project) https://social.fossdle.org/ 4 OERu https://mastodon.oeru.org/ 6 Open EdTech https://openedtech.social/ 8 Fossodon (open source) https://fosstodon.org/ 1 Wikis World (wiki enthusiasts) https://wikis.world 1
    1. https://www.movetodon.org/

      What a lovely looking UI.

      The data returned will also give one a strong idea of how many of their acquaintances have made the jump as well as how active they may be, particularly for those who moved weeks ago and are still active within the last couple of days. For me the numbers are reasonably large. 860 of 4942 have accounts presently and in scrolling through it appears that 80% or so have been active within a day or so regardless of account age.

    1. Although there is no server governance census, in my own research I found very few examples of more participatory approaches to server governance (social.coop keeps a list of collectively owned instances)

      Tarkowski has only seen a few more participatory server governance set-ups, most are 'benevolent dictator' style. Same. I have seen several growing instances that have changed from 'dictator' to a group of moderators making the decisions. You could democratise those roles by having users propose / vote on moderators. It's what we do offline in communal structures.

    2. Mastodon is a sustainable, healthy network that reached – before the migration begun – an equilibrium of around 5 million overall, with half a million active users. So why does it need to grow further? Because millions more people need access to healthy, just, sustainable, user-friendly communication tools. Hans Gerwitz described it as seeing the network’s growth as “souls saved,” instead of “eyeballs captured.”  

      An eye-opening metric. 'souls saved' vs eyeballs. As in, the number of people with access to a community values reinforcing platform. Vgl [[EU Digital Rights and Principles]] and [[Digital Services Act 20210319103722]] more geared to things that aren't specifically aimed at the culture of interaction, but at things that can be regulated (in the hope that it will impact culture of interaction).

    1. Forks that do have a custom limit usually expose it as the max_toot_chars field in /api/v1/instance

      https://discourse.joinmastodon.org/t/get-character-limit-from-instance/3643/2

      Appending /api/v1/instance to a Mastodon instance will return a lot of interesting data about it and how it's set up.

    1. For those of you wondering if hcommons on mastodon has taken measures to ward against the sort of meltdown the server had a few weeks ago, there's a update from one of the admins: https://hcommons.social/@kfitz/1094609

      https://hcommons.social/@amisamileanded/109466986626984098

      Apparently sometime within it's first month of existence hcommons.social had a server meltdown of some sort. The admins addressed and hardened their set up.

    1. certain classes of Mastodon page have corresponding RSS feeds, and wondered if the tag pages are members of one such class. Sure enough they are, and https://mastodon.social/tags/introduction.rss is a thing.

      Mastodon has RSS feeds available for tags!

    1. I have 17K followers

      People talk about their huge follower counts on Twitter, but seem to discount the number of bots, inactive accounts, and other cruft that make up that number.

      Most people moving to Mastodon are reporting much more honest, human, and warm engagement on the platform over their experiences on Twitter.

    1. https://dolphin.town/about/more

      A social media service for dolphins where you can only send messages with the letter "e".

      compare with https://oulipo.social/about which elides the letter e

    1. Last night I posted a message to both Mastodon and Twitter saying how great M's support for RSS is. Apparently a lot of people on Masto didn't know about it and the response has been resounding. And the numbers are very lopsided. The piece has been "boosted" (the Masto equiv of RT) 1.1K times, yet I only have 3.7K followers there. Meanwhile on Twitter, where I have 69K followers, it has been RTd just 17 times. My feeling was previously that Mastodon was more alive, it's good to have a number to put behind that.

      http://scripting.com/2022/12/03.html#a152558

      Anecdotal evidence for the slow death of Twitter and higher engagement on Mastodon.

    1. tldr.nettime is an instance for artists, researchers, and activists interested in exploring the intersections of technology, culture, and politics. It has grown out of nettime-l, one of the longest-running mailing lists on the net — in particular, on the 'cultural politics of the internet'.
    1. Most Mastodon servers run on donations, which creates a very different dynamic. It is very easy for a toxic platform to generate revenue through ad impressions, but most people are not willing to pay hard-earned money to get yelled at by extremists all day. This is why Twitter’s subscription model will never work. With Mastodon, people find a community they enjoy, and thus are happy to donate to maintain. Which add a new dynamic. Since Mastodon is basically a network of communities, it is expected that moderators are responsible for their own community, lowering the burden for everyone. Let’s say you run a Mastodon instance and a user of another instance has become problematic towards your users. You report them to their instance’s moderators, but the moderators decline to act. What can you do? Well a lot, actually.

      Accountability economy

      Assuming instance owners want their instance to thrive, they are accountable to the users—who are also donating funds to run the server. Mastodon also provides easy ways to block users or instances, and if bad actors start populating an instance, the instance gets a bad name and is de-federated by others. Users on the de-federated instance now have the option to stick around or go to another instance so they are reachable again.

    1. https://www.downes.ca/post/74564

      Stephen Downes is doing a great job of regular recaps on the shifts in Twitter/Mastodon/Fediverse lately. I either read or saw all these in the last couple of days myself.

  22. Nov 2022
    1. Matthew Thomas has created a remote follow tool called apfollow, with source available. This creates a page where you can follow a Mastodon account by entering your own details in a box and it redirects you to your home server to do the follow. Here’s a link to follow my Mastodon.ie account.

      This looks cool.

    1. Literature, philosophy, film, music, culture, politics, history, architecture: join the circus of the arts and humanities! For readers, writers, academics or anyone wanting to follow the conversation.
    1. hcommons.social is a microblogging network supporting scholars and practitioners across the humanities and around the world.

      https://hcommons.social/about

      The humanities commons has their own mastodon instance now!

  23. techpolicy.press techpolicy.press