I've written an ActivityPub server which only allows you to post messages to your followers. That's all it does. It won't record favourites or reposts. There's no support for following other accounts or receiving replies. It cannot delete or update posts nor can it verify signatures. It doesn't have a database or any storage beyond flat files. But it will happily send messages and allow itself to be followed. This shows that it is totally possible to broadcast fully-featured ActivityPub…
Continue reading →
I remember seeing the original "A new decentralized microblogging platform" on HackerNews back in October 2016. A few weeks later, I joined - becoming the 7,112th user. As the years went on, my use of it waxed and waned. I started cross-posting to both Mastodon and Twitter. Gradually, I started spending more time on the Fediverse. Once Elon shat the bed on Twitter, I moved over completely. And, you know what, I don't regret it for a second. I've found a lovely community of people. I get my…
Continue reading →
I've responsibly disclosed a small security issue with Mastodon (GHSA-8982-p7pm-7mqw). It allows a sufficiently determined attacker to use any Mastodon instance to redirect unwary users to a malicious site. What do you think happens if you visit: https://mastodon.social/@PasswordReset/111285045683598517/admin? If you aren't logged in to that instance, it will redirect you to a 3rd party site. Try opening it in a private browser window. Here's another, less convincing, demo: …
Continue reading →
I wrote a moderately popular post on Mastodon. Lots of people shared it. Is it possible to find out how many different ActivityPub servers it went to? Yes! As we all know, the Fediverse is one big chain mail. I don't mean that in a derogatory way. When I write a post, it appears on my server (called an "instance" in Mastodon-speak). Everyone on my instance can see my post. My instance looks at all my followers - some of whom are on completely different instances - and sends my post to…
Continue reading →
You can now have this blog federated to your social media site by following @blog@shkspr.mobi If you're on Mastodon, it should look something like this: You should be able to follow it on Lemmy, kBin, PixelFed, and some cool social network I've never heard of. How This blog runs on WordPress. Thanks to the tireless work of Matthias Pfefferle, there's now an official WordPress ActivityPub plugin. It's pretty easy to set up - just install and click on settings. But there are a few niggles …
Continue reading →
The latest version of Mastodon includes search functionality. It's early days, but seems to work pretty well. Here are some of the interesting things I found when using it. Search is complex - expectations I don't mean the act of searching a database - that's routine - but I mean it is socially complex. Lots of people left Twitter because it was too easy to search for them. For example, if you really hate people who support the wrong football team, it's trivial to search Twitter for people…
Continue reading →
One of the many great things about the Fediverse (Mastodon, PixelFed, Lemmy, etc) is that your account is portable. Let's say you're bob@social.boring and, one day, you decide to move your account to foxyfun@furryextreme.yif. Well, with a few clicks of a button, all of your old followers are now following your brand new account. You're still following all your old friends. The accounts you wanted to block and mute are still silenced. Perfect! Except... What happens to the people who blocked …
Continue reading →
Last week, this strange mention appeared on my Mastodon feed. After a bit of clicking around, I figured out what had happened. A user on the Kbin social network had linked to my Mastodon profile. Thanks to the magic of the ActivityPub protocol, it filtered into my mentions - even though I've never even heard of Kbin. That's pretty cool! A user on one social network can mention a user on a different social network - neither needs to be registered on the other. And that is where things get a…
Continue reading →
Twitter's decision to hobble its API has meant that a number of useful alerting bots might no longer function. Your local subway might not be able to Tweet each morning about delays on the line, nor will a tornado warning be displayed as you scroll through photos of brunch, and forget about flood alerts between your memes. In one sense, this is sad. A set of useful public services are being cut off from their audience. My friend, Bill Thompson, described this as "unnecessary disruption" I, on…
Continue reading →
I'm a big fan of Untappd. It's a social drinking app which lets you check in to a beer and rate it. Look, we all need hobbies, mine is drinking cider. You can see a list of everything I've drunk over the 13 last years. Nearly 900 different pints! After checking in, the app automatically posts to Twitter. But who wants to prop up Alan's failing empire? Not me! So here's some quick code to liberate your data and post it elsewhere. There are two ways - APIs and Screen Scraping. API First up,…
Continue reading →
How should I design my personal DNS for all the cool new Federated Services and IndieWeb protocols? Way back in the early 2000s, I started this website - shkspr.mobi. A few years later, I added a blog. I could have used the main domain, or created a subdomain like blog.shkspr.mobi. In the end, I chose a subdirectory of shkspr.mobi/blog I don't know if that was the right choice back then, but it is looking like the wrong choice now. I want to be a "first class" citizen of the Fediverse. I…
Continue reading →
Twitter's over, my dudes! And now everyone is on Mastodon! But Mastodon isn't a site, it is a federated network running an interoperable protocol! Yay for ActivityPub! Anyway, that means there isn't one Mastodon website. There are many. There is only one Twitter. There is only one Facebook. There is only one Instagram. If you want to interact with Twitter/FB/Insta then you have to do it on those websites, or via the official apps. Mastodon is decentralised. I am on Mastodon.Social, and you …
Continue reading →
