Another social media app - Mastodon

Nov 7, 2022 · 5 min read

Legacy social media apps

Twitter and Facebook were my go-to social media apps back 10 years ago. I started using Facebook 2008 (yes, I was late to the party) and I connected to most of my friends there due to its popularity in Hong Kong. In 2009, via tech conferences (most of it were related to Docker), I learned that there is a thing call Twitter. Through Twitter, I learn a lot of stuff about Docker, later Kubernetes, and things in technology space in general. Given the way that Facebook treats user data, I tried to stay away from it since 2017. I rarely log onto it unless I had to (like contacting a friend who I only know on Facebook). Twitter had been the only social media app that I used since then. Twitter feed was batter than Facebook as there was less advertisements (back then) and the feed was mostly chronological (back then). I could get a lot of useful information from it and it does not serve too much noises.

Unfortunately, as with all the things in the last few years in Hong Kong and abroad, nothing is guaranteed forever. The way that staff of Twitter were treated recently was harsh but you may argue that it was a business decision. To continue to use Twitter, it is kind of endorsing the way Twitter will do things in the future in the name of free speech. Fortunately, there is a not-so-bad alternative for it and it is named Mastodon.

How does Mastodon works?

It is federated and it is different from Twitter in terms of storing and serving the feeds. With Mastodon, there is no one company store and serving all the data. In fact, if you want to go through the pain of setting up a Mastodon instance, you can store and serve your own feed data. To understand how this federated network works, you can think of how email works. Creating a toot (or a tweet in old money) is like sending out an email. You will need to sign up with an email service or you create your own email server. Mastodon works the same way; you sign up for a Mastodon instance (server) or you create your own. When a toot is created, it will be stored and served by the server you signed up with.

There are potentially millions, if not hundreds of millions, of Mastodon instances and there is no way one can sign up for all of them to read the feed of other users. This problem is solved by ActivityPub protocol which Mastodon uses. You can search for a handle (user) from your instance and the instance will search itself and other instances for that handle. Mastodon is able to discover each other through ActivityPub protocol. Thus, you can discover and follow others using ActivityPub and the protocol takes care of the data exchange between Mastodon instances. When a toot is created, it will be cached in the Mastodon instances which has users following the creator of the toot.

Good and bad

Mastodon is open-sourced and you can check its source code. This is good thing in terms of general security. For an average user, it also means there will be less “unwanted” features to be introduced. At the moment, there are no advertisements in the feeds which is a very good thing to me. The feed is also in chronological order which could save me a lot of time and ease my worry of missing something (and you know that feeling…).

Choosing a Mastodon instance to sign up with is important. It is partly because your data will be stored on that instance. Another important part is that moderation is not done by Mastodon but human moderators of your instance. Thus, each instance can have its own rules in terms of moderation and one instance can ban another instance. Another catch is that you probably need to know if your instance can scale up to the load to serve all users of it.

Search function is another good feature of Mastodon. You cannot search for any text of a toot but you can search and follow a hashtag. This is a good feature as it gives less a chance for anyone who wants to introduce noise to a conversation.

To be honest, there is a lot of room for Mastodon to be improved on security side of things. At the moment, data-at-rest in a Mastodon instance are not encrypted. That means all toots, direct messages and even passwords are stored in plain text. Thus, if you sign up with an instance, you are effectively trusting the administrators for your data. This is also the reason where 2FA (second-factor authentication) should be setup. (Reference: Operating Mastodon, Privacy, and Content)

People using Mastodon are mostly in technology space at the moment. Thus, I guess it will take some for people to switch to use Mastodon. If you want to find out popular users (handles) which have made the move, you can probably search for #TwitterMigration and #followfriday.

There are also tools to help the migration from Twitter.

Future

Like my Facebook account, I will probably keep it but not log onto it unless I have to. My social media app to use will be Mastodon in the near future and you can find me with handle @alexhokl@hachyderm.io.

Thanks

Thanks to @nova for spending time and money to set up a Mastodon instance. (link to Ko-fi)

Social
Alex Ho
Authors
Alex Ho
Software Developer
Experienced software engineer with interests in web and cloud technologies