Making Mastodon my new home

I have a vague memory of coming across the name Mastodon in the past, but I never cared about it until I read this post by my colleague at Automattic.

For those who are not aware of what Mastodon is, it’s a social networking software that anyone can download and install – thus creating a Mastodon instance.

Unlike social networking services like Twitter, Facebook and Reddit, Mastodon is different in who owns your content that you publish.

Understanding Mastodon instances

When you create an account and tweet on Twitter, your tweets are basically stored on Twitter’s service who can decide to purge your data anytime, if it’s against their terms of usage.

Mastodon, on the other hand, will be a Twitter-like service that is installed by you on your own servers. Such a setup is called a Mastodon instance.

If you are not tech savvy, you can always join other popular Mastodon instances like mastodon.social and mastodon.cloud that accept registrations. mastodon.social is the flagship Mastodon instance that was created by the Mastodon developer, Eugen Rochko – Github and Mastodon profile.

mastodon.social is crowded and registrations are closed at the moment. mastodon.cloud is the next close Mastodon instance recommended by the admins of mastodon.social, but depending on your interests, you can always choose any instance/server of your choice here.

Federated network

Given that you are signing up on a specific Mastodon instance/server, you might wonder if your communication is limited to that network.

No.

That’s where Mastodon excels. It’s a federated system that enables members of one instance/server to communicate seamlessly with other members of other instances/servers.

I am @arunsathiya@mastodon.social and this does not mean that my toots (status updates/tweets) are limited to that Mastodon server. Any user from another Mastodon server can follow me and engage with my toots.

Given the nature of this federated communication, Mastodon is highly resistant to governmental interference.

The admins of a specific Mastodon community/server/instance are who govern that community.

If a community ever decides to shut down, or is forced to shut down by authorities, you can always move to another community and continue being a part of Mastodon.

Similarly, if you ever find yourself not comfortable with being an user on a specific community, you can always setup your own Mastodon community on a server of your choice.

Another choice is to allow services like masto.host to setup a Mastodon server for you.

When you choose to own your own server, you are in control of your community – you can disable registrations if you prefer so, limit your Mastodon community to your family/friends and do much more with available administrative features on the Mastodon software.

Impersonation?

You might wonder if you sign up with your name on a specific Mastodon community like mastodon.social, what happens to the same username on other Mastodon communities?

Example: Let’s say you are ben@mastodon.social, but it does not mean that you are ben@mastodon.cloud as well, unless you sign up and secure the same username on that Mastodon community.

You might wonder if this would cause impersonators to rise, but this is pretty much not a Mastodon issue, but an issue in any federated systems.

This applies to emails and domains. There is no way you can prevent this, but to sign up on all Mastodon instances with your preferred username on each. This kind of beats the purpose of a federated system though.
It’s up to users to verify the authenticity of the person they are communicating with.

How do I access Mastodon?

Mastodon communities are web apps that you can access on any web browsers. A few networks that I have signed up for:

I can sign in into each of these Mastodon communities on Android, iOS and Mac OS using available apps. I have tested a few Android apps so far, including Tusky, Mastalab and Twidere. Of the lot, Tusky is my favorite ATM.

On the Mac OS front, Whalebird is really good.

Extending Mastodon

Mastodon is not limited to tooting with other users, but there are specific use-cases that are cropping up already and seem impressive. Two such cases:

Mirrored.Social is an instance that will #mirror some popular accounts from other social networks. If you wish to stay updated on MKBHD’s updates from Twitter, on Mastodon, there’s a bot that does just that.

Likewise, hntooter is a Mastodon bot that auto-toots front page news from Hacker News.

What you do with Mastodon and what you build on Mastodon network is limited by your creativity.

Limitations?

There are a few limitations at the moment.

For example, if you choose to sign up on a specific Mastodon community, but soon realize that this community’s rules do not resonate with your thoughts, you might want to move out to another community.

In such a case, there is no way to move your toots (content) to the new Mastodon instance. There is a open Github issue requesting this feature right here. Similarly, Mastodon does not integrate well with other software like WordPress at the moment. There is a open Jetpack request here to integrate Mastodon as a Publicize service.

I also haven’t got the hang of how Mastodon’s content visibility works. I should probably setup a Mastodon community of my own to understand how it works better.

Resonates with WordPress and other FOSS

I recently quit Twitter, Facebook, Google and the likes for available FOSS alternatives. It’s been two to three months since I quit these networks, and I don’t have any regrets. I am particularly glad that I am being more responsible about my content, my work and my personal information.

Mastodon seems to resonate a lot with WordPress as well. WordPress as a free open-source software (FOSS) can be downloaded, installed and extended by anyone. Mastodon feels similar with a difference in how federated communication comes baked in.

I came across a few other media publications and resources about Mastodon as well, which are definitely good reads:

If you do sign up on mastodon.social as well, do holler! I am @arunsathiya@mastodon.social.

Updates

August 27, 2018, 2045 IST: As David mentioned on the toot below, not everyone sees the same timeline as others – even when you compare users in the same instance.

https://divad.xyz/@zyx/100586720631616585

This is because of the privacy settings set on toots. In his words,

Due to each user’s privacy settings on a toot, who each of us are federated with, who is blocked, whis suspended server-side.

1Password is offering 6 months trial if you haven't signed up yet

I came across a deal today that’s offering 1Password trial for 6 months. I am not quite sure if this has been around since 2017, or even before that, but the good thing is that, 1Password is actively promoting the same and is encouraging new users to use that deal. Link here if you want to sign up without reading any further.
1Password has been my favorite choice of password manager these days. I have tried LastPass in the past, and have been using 1Password since April. I haven’t tried any other password managers so far. I am pretty happy with 1Password’s UI and customer support that I haven’t had a reason to move away.
Some of my most favorite things about 1Password:

The 2FA detector is a bit broken, but one can fix broken items by adding 2fa tag to it. 🔐
I am not a huge fan of the other browser extensions as they are not consistent. 1Password X aims at offering the consistency in UI. I wish 1Password X is available for Brave and Tor soon. 🌏
Related: Compare your 1Password passwords with haveibeenpwned.com list fast
If you haven’t signed up for 1Password yet, you should. The 6 months trial is a steal, and online security matters.

Compare your 1Password passwords with haveibeenpwned.com list fast

I stumbled upon this thread earlier today on the 1Password forums, and I should definitely agree with what Brenty said. It’s an excellent script to quickly check your 1Password passwords list with haveibeenpwned.com‘s compromised passwords database!

internet screen security protection
Photo by Pixabay on Pexels.com

If you are a 1Password user, you should noticed that with 1Password 7 app on Mac And Windows, there’s a new feature/section called Vulnerable Passwords that ensures that your password on the 1Password list is not one that is compromised in a data breach.
This GUI app is handy, but it’s challenging to check the status each password.
That’s where this script helps.

  • Get 1Password CLI app and set it up.
  • Get JQ. Homebrew command if you are on Mac – brew install jq
  • Download this script .zip file, extract it, enter into that folder using terminal and use ./1passwordpwnedcheck.sh to perform the test. You will be asked to signin into your 1Password account if you are not at that time.

Do note that the 1Password CLI app logs you out every 30 minutes. This is as explained by Session tokens expire after 30 minutes of inactivity, after which you’ll need to sign in again. on the 1Password CLI setup page.
In case you want to copy the script from here.

My two new favorite WordPress app features: Free photo library, Save for Later 📱

WordPress mobile apps has been improving with every update, and the latest two updates to the Android version (I am an Android user!) have added two features that I have been using a lot lately. The two new features are:

  • Free photo library that was launched on WordPress.com, now integrated on the WordPress Android app.
  • Ability to save posts to read later

Free photo library on WordPress.com mobile apps 📸

The free photo library originally launched on WordPress.com, and is available on the post/page editor screen as shown below.

Free photo library on WordPress.com
The free photo library on WordPress.com allows you to choose from over 40000 CC0 images from Pexels.com, for free.

This feature originally launched in January of this year, and in May of 2018, the same feature was launched on the WordPress.com Android and iOS mobile apps.

It allows you to pick from over 40000 CC0 images from Pexels.com. I recently started a photo blog, and have been republished these photos on Pexels.com as well. I cannot wait to see these my photos from Pexels.com being used by bloggers across the world, using WordPress.com’s free photo library. 💖

Save posts to read later 📝

Quick update: This is not available on iOS as yet. 😬
My other favorite feature that was launched on the latest version of WordPress.com mobile apps is the ability to save posts to read later. There is a shiny new “Save” icon for each post, on the homepage, when you launch your app. When you click on it, it gets added to a new list on your app, called “Saved posts“.
You can access this list anytime to read the posts that you have saved. This works offline as well!
I have a Feedly Pro subscription as well, but since I joined Automattic, I find myself using WordPress.com Reader a lot more to cover all the latest news. The “Save for Later” feature has only improved that experience by one notch. 👌
Both the features are available on the the WordPress.com Android app and the WordPress.com iOS app. The free photo library is available on both the mobile apps, but the “Save for Later” feature is available only on the Android app at this time.
Go, download the app and check these out! Tell me what you think about it in the comments! 😁

If you are traveling abroad, enable 2FA for your internet accounts now!

One of my friends is leaving to Finland tonight, and I encouraged him to enable 2 step verification (2FA – 2 factor authentication) for all his online accounts as soon as possible.
He’s moving to a new country, is going to login from new IP addresses and there’s a fair chance that the service would block his attempts to login, primarily for his account’s security.
There’s going to be SMS sent to his mobile number, only to see that he cannot use it, because he does not have access to the mobile number in a foreign country.
That’s when tools like Authy, Duo and Google Authenticator come handy. One can setup 2 step verification for any TOTP-based 2 step verification process and carry the codes securely using Authy apps for Android, iOS or Google Chrome.
Learn what 2 step verification is, and how to setup Authy for common accounts on this post I wrote.