Back in 2022, I wrote this rather grumpy post on Mastodon, the federated social media platform. @Edent@mastodon.socialTerence EdenMastodon enforces a "noreferrer" on all external links.I have mixed feelings about that.As a blogger, I want to see *where* visitors are coming from. I also like to see (and sometimes join in) with the conversations they're having.But, I get that people want privacy and don't want to "leak" where they're visiting from.Is it such a bad thing to tell a website "I was…
Continue reading →
What is a hashtag? Fifteen years ago (fuck, I'm old) I started documenting what Twitter's nascent hashtags could and couldn't do. Back in 2010, this is how the official Twitter site linked hashtags. Notably, punctuation symbols didn't "count" as part of a tag. How does modern social media handle something like #Fish&Chips? Mastodon links directly to #Fish&Chips BlueSky links directly to #Fish&Chips Threads links to a search for Fish & Chips What about normalisation? Should #Romeo…
Continue reading →
Both Mastodon and BlueSky have the concept of "self-verification". Rather than trust a central authority to assess your notability and then bless your account (as Twitter used to do), they let anyone self-attest using Domain Verification. What does that mean? You tell the service what your website is. The service gives you a secret code. You upload that secret code onto your website. The service checks the secret code is on the website. If it is, the service says your domain is verified. …
Continue reading →
If you've found this page, it's because you are me in the future and want to remember these instructions! Create an account on the Fediverse using a domain you control For example @user@bots.example.com Follow the Fediverse-ATProto bridge @bsky.brid.gy@bsky.brid.gy Your account will need to be over 2 weeks old and have a name, profile picture, etc. You now have an account on BSky! Its name will be something like user.bots.example.com.ap.brid.gy Get the DID of your account …
Continue reading →
What does it mean to block someone on a social media site? Way back in the mists of time, we dealt with trolls on Usenet with the almighty PLONK - PLaced On Newsgroup Killfile. It meant your newsreader never downloaded their posts. They could rant at you all day long, and you'd never hear from them. It's what we would nowadays call "Mute". But, whether you're on Usenet or a modern social network, muting someone doesn't actually stop them replying to you. The miscreant can still see your…
Continue reading →
Several years ago, I posted this poll on Twitter. Terence Eden is on Mastodon@edentIf the recent Twitter hack had exposed they way you voted on every Twitter poll, how would you feel?(There is no suggestion that this has happened, I'm just curious about people's relationships to voting and privacy.)Meh. So what?: (167)167Hmph. That's annoying.: (68)68Umm… This could be bad!: (32)32Delete account & run away: (8)8❤️ 0💬 8🔁 005:55 - Thu 23 July 2020 Most of the tech world that I interact with has …
Continue reading →
Many years ago, when I was younger and more foolish, I worked for an advertising startup. Things seemed to be going pretty well! The office was expanding, the sales team was screaming into phones, the budget for servers was rising. Growth had been healthy, but now looked to be plateauing. One day we were summoned into a large conference room. Our CEO was on the speakerphone (I told you this was a long time ago) with an important update on our financial situation. I think every arsehole in the …
Continue reading →
Vague thoughts as they enter my brainbox. The BlueSky social network has introduced "Reply Gating" - it looks like this: You can write your hot take on Taylor Swift and not be inundated by weirdos replying to you. Nifty! This is nothing new. Twitter has it. Facebook has the concept of "audiences" to restrict who your post is visible to. And, of course, blogging has this! There is a comment form at the bottom of this page - and I moderate it. If you post something stupid, I don't have to…
Continue reading →
I didn't realise this, so I'm documenting it to stop other people making the same silly mistake that I did. Messages in ActivityPub have two distinct ID strings. Here's a (truncated) view of what happens when I send a new message on Mastodon: "id": "https://mastodon.social/users/Edent/statuses/1234567890/activity", "type": "Create", "actor": "https://mastodon.social/users/Edent", "published":…
Continue reading →
Mastodon makes heavy use of HTTP Message Signatures. They're a newish almost-standard which allows a server to verify that a request made to it came from the person who sent it. This is a quick example to show how to verify these signatures using PHP. I don't claim that it covers every use-case, and it is no-doubt missing some weird edge cases. But it successfully verifies messages sent by multiple Fediverse servers. Let's step through it with an example of a message sent from Mastodon to my…
Continue reading →
Any computer program can be designed to run from a single file if you architect it wrong enough! I wanted to create the simplest possible Fediverse server which can be used as an educational tool to show how ActivityPub / Mastodon works. The design goals were: Upload a single PHP file to the server. No databases or separate config files. Single Actor (i.e. not multi-user). Allow the Actor to be followed. Post plain-text messages to followers. Be roughly standards compliant. And those…
Continue reading →
We live in the future now. It is OK to use Unicode everywhere. It seems bizarre to me that modern Internet services sometimes "forget" that there's a world outside the Anglosphere. Some people have the temerity to speak foreign languages! And some of those languages have accents on their letters!! Even worse, some don't use English letters at all!!! A decade ago, I was miffed that GitHub only supported some ASCII characters in its project names. There's no technical reason why your repo can't …
Continue reading →
