By @edent · ActivityPub bot fediverse · 8 comments · 350 words · read ~1,013 times.
As you may have read, BotsIn.Space is closing down, I have lots of automated bot accounts living on the Fediverse - and I want them to continue posting. Installing and maintaining an entire Mastodon instance sounds like hard work. Paying people to host my stuff feels like putting my fate in someone else's hands. Say… […]
Continue reading →By @edent · ActivityPub BlueSky mastodon Social Media twitter · 2 comments · 750 words · read ~260 times.
What does it mean to block someone on a social media site? Way back in the mists of time, we dealt with trolls on Usenet with the almighty PLONK - PLaced On Newsgroup Killfile. It meant your newsreader never downloaded their posts. They could rant at you all day long, and you'd never hear from […]
Continue reading →By @edent · ActivityPub fediverse mastodon privacy · 3 comments · 500 words
Several years ago, I posted this poll on Twitter. Terence Eden is on Mastodon@edentIf the recent Twitter hack had exposed they way you voted on every Twitter poll, how would you feel?(There is no suggestion that this has happened, I'm just curious about people's relationships to voting and privacy.)Meh. So what?: (167)167Hmph. That's annoying.: (68)68Umm… […]
Continue reading →By @edent · ActivityPub mastodon Social Media · 16 comments · 250 words
Vague thoughts as they enter my brainbox. The BlueSky social network has introduced "Reply Gating" - it looks like this: You can write your hot take on Taylor Swift and not be inundated by weirdos replying to you. Nifty! This is nothing new. Twitter has it. Facebook has the concept of "audiences" to restrict who […]
Continue reading →By @edent · ActivityPub fediverse IoT Social Networks · 15 comments · 550 words · read ~2,861 times.
One of the most frustrating things in modern technology is the effort spent trying to artificially restrict abundance. Take, for example, this tale from museum-worker Aaron Cope: I was out with a friend who worked for Twitter and I asked them whether it would be possible for the museum to “create 200,000 Twitter accounts, one […]
Continue reading →By @edent · ActivityPub mastodon · 2 comments · 500 words
I didn't realise this, so I'm documenting it to stop other people making the same silly mistake that I did. Messages in ActivityPub have two distinct ID strings. Here's a (truncated) view of what happens when I send a new message on Mastodon: "id": "https://mastodon.social/users/Edent/statuses/1234567890/activity", "type": "Create", "actor": "https://mastodon.social/users/Edent", "published": "2024-03-10T16:13:49Z", "object": { "id": "https://mastodon.social/users/Edent/statuses/1234567890", […]
Continue reading →By @edent · ActivityPub CyberSecurity http security · 5 comments · 400 words
It's never great to find out you're wrong, but that's how learning and personal growth happens. HTTP Message Signatures are hard1. There are lots of complex parts and getting any aspect wrong means certain death2. In a previous post, I wrote A simple(ish) guide to verifying HTTP Message Signatures in PHP. It turns out that […]
Continue reading →By @edent · ActivityPub php · 3 comments · 450 words · read ~508 times.
A few weeks ago, I built an ActivityPub Server in a Single PHP File. It's a proof of concept showing how easy it is to turn a website into a full-featured Fediverse participant. After a bunch of feedback and testing, I've added a some features to make it slightly more useful. A single PHP file […]
Continue reading →By @edent · ActivityPub cryptography http mastodon security · 2 comments · 1,250 words
Mastodon makes heavy use of HTTP Message Signatures. They're a newish almost-standard which allows a server to verify that a request made to it came from the person who sent it. This is a quick example to show how to verify these signatures using PHP. I don't claim that it covers every use-case, and it […]
Continue reading →By @edent · ActivityPub CyberSecurity encryption fediverse http · 10 comments · 550 words
I'm trying to get my head round HTTP Signatures as they're used extensively in the Fediverse. Conceptually, they're relatively straightforward. You send me a normal HTTP request. For example, you want to POST something to https://example.com/data You send me these headers: POST /data Host: example.com Date: Sat, 24 Feb 2024 14:43:48 GMT Accept-Encoding: gzip Digest: […]
Continue reading →