Blocking big instances might save the Fediverse
A few days ago, the new social network Threads fulfilled the promise it made a few months ago. It started testing the implementation of ActivityPub, the protocol responsible for the interoperability between all the instances of Mastodon, Pleroma, Lemmy, PixelFed (what we like to call the Fediverse).
Back in July, when it was announced that this new social network was planning to implement ActivityPub, the Fediverse was divided over whether to allow or to block federation with it. Now we're back in this debate, but now we know they're really doing it.
This whole discussion centers on the fact that Threads is yet another product of Meta, the tech giant that owns Facebook, Instagram and Whastapp. In fact, to use Threads you must have an Instagram account.
Many of us who lurk in the Fediverse view this move by Meta with suspicion. Tech giants have a long history of adopting open protocols when they are favorable to their business and abandoning them when they have already built a big user base and don't want those to flee to other platforms. Examples abound. The most famous are those of the RSS protocol, abandoned by Google Reader, and the XMPP/Jabber protocol, abandoned by Google Talk and Facebook Messenger.
There's little doubt that the same could happen with ActivityPub. If Meta is currently considering adopting it, it's because they think they can get some commercial benefit from it. But if this strategy doesn't work, if they reach the conclusion that it is in fact detrimental to their financial health, the protocol will certainly be abandoned.
Many fear that this could happen, that the Fediverse will become too dependent on a single instance where most of the users host their accounts.
Many even think that that is in fact Meta's big evil plan. They will enter the Fediverse, build a big user base and abandon it, leaving all the other users wishing they were on Threads so they can continue to interact with the majority of their contacts. But does that make any sense? Just a few hours after Threads was launched, it already had more users than the entire Fediverse. Why would they want to extinguish something that can't stand up to them?
We all know in fact who their main rival is: Twitter, the social network that launched the concept of microblogging but has become a nightmare after being acquired by its new billionaire last year . And yes, there is also another potential competitor: BlueSky, the new social network launched by the former billionaire of Twitter, Jack Dorsey. It was supposedly designed from the start to be decentralized, but so far this has been nothing more than promises.
Maybe this whole adoption of ActivityPub thing is some kind of plan to win this space. I have no idea. But I know they're not doing it just because they believe in decentralization. If they did believe, why haven't they implemented it on Facebook or Instagram? Why do we even need an account to read posts from those platforms? Why don't they make their users' posts available via RSS so that we can follow them without accessing their platform, like Mastodon has done from the beginning?
A very interesting feature of Mastodon is the ease with which you can migrate an account from one server to another, bringing all the followers from the old account to the new one. According to Eugen Rochko (Gargron), Mastodon's creator, his "wife is looking forward to deleting her Instagram account once she can connect with the same folks from her Mastodon account. Being able to remain in touch with over 100M people who still use Meta products out of the comfort of an ad-free, privacy-friendly platform like Mastodon is a game changer".
What Gargron doesn't tell us is how he expects that to happen. First of all, ActivityPub is being tested on Threads, not Instagram. But let's imagine that Instagram goes down that road too. Can you imagine Instagram implementing an account migration feature that allows its users to move away to a Mastodon instance? I can see it happening in the opposite direction, sure. But believing that Meta will allow any celebrity to leave its platform while keeping their millions of followers, is totally naive.
Even if they did allow it, and if they somehow managed to monetize posts from other servers, it would still be a huge risk if those celebrities' followers also decided to migrate to the same server where the cool kids/On the other hand,are now.
But wait a minute. Why am I so critical of Meta's plan, when I've always been and advocate for interoperability? And, like me, why are so many other defenders of open protocols wary of federation with Threads? Isn't it contradictory that, now that this platform is going to adopt one of those protocols, we are so suspicious and thinking of blocking it in our accounts and on our servers? Aren't we the ones who compare ActivityPub with SMTP, the successful protocol that allows email to also be a decentralized and federated system?
Well, when we advocate the adoption of open protocols, what we're really saying is that anyone with some technical ability can create and manage a server. If so many people can do it, then the existence of servers that hold a majority of users is completely unnecessary. There are currently thousands of Mastodon servers (instances.social currently lists almost 17,000). Most of those only have a few dozen users. This is what we call decentralization. It's the possibility for a community to have its own corner of the Internet, free and independent of the big tech infrastructure. On the other hand, if a majority of users are centered on a single server, can we really call that decentralization? Multiple servers orbiting a massive server, resembles a centralized system more than the opposite.
I've thought about this a lot and I believe that the way forward is to block any instance that becomes a threat to the existence of the Fediverse by accumulating a significant percentage of users. I'm not only talking about Threads, Instagram, Twitter, Tik Tok, etc. I'm saying that we should also block any instance of Mastodon that grows beyond a reasonable size. Yes, Gargron, we're keeping an eye on your instance, too. Just like we block instances with hateful content, we should block any instance that may be toxic to the environment. That means blocking ones that are, or have become, bigger than they should be.
Basically, and going back to the email analogy, we don't want another Gmail. We want diversity.
But, unfortunately, not everyone agrees with blocking these platforms, which means that the Fediverse is split between blocking and non-blocking instances. In the latter, users will be able to interact with those trapped in Threads. In the former, this won't be possible.
Perhaps some users will migrate from the blocking instances to permissive ones where they will be able to follow Cristiano Ronaldo or Kim Kardashian's posts. I'd rather look at the bright side of it and enjoy that some other people will choose to delete their big tech social accounts and move to smaller instances where they will be able to interact with the many interesting people and communities who have chosen to keep control of their own data and posts.
Blocking is taking care of our space. It means keeping it healthy and free from manipulative algorithms, targeted advertising and dark patterns. Blocking is the best way to send out the message that we're fine as we are and don't need Zuckerbergs or Musks to get what, after all, we already have.
tags: mastodon, fediverse, block, threads
Hacking a custom homepage for your Mastodon instance
Starting with version 4.0.0, Mastodon's homepage is not that great. It defaults to the "explore" page that basically shows the public timeline of that instance. If you want to know more you have to click on the "Learn more" button and then you're presented with the about page that shows the long description of the instance, the rules and the list of moderated servers. And it all shows up in a column centered on the page, which is kinda limiting.
You can add some html tags to the description of the instance. That is good. But you can't do it in the rules section, where you can't even add hyperlinks.
In our instance, Ciberlândia, we decided to hack a custom homepage:
Looks good, doesn't it? aiscarvalho and rlafuente did a great work with the design of the page.
We didn't want to mess with the Mastodon source code, so we did it all by hacking a few rules in the NGINX config.
First step: Create your homepage html
SSH to your server as the mastodon user (or sudo - mastodon if you're already logged in as root).
Create the directory where your html will be. We used /home/mastodon/live/custom-index/. Put your index.html, images and css files in there.
Second step: Add rules to NGINX config
In this step you have to be logged in as root.
Edit the file /etc/nginx/sites-available/mastodon and add these lines (don't forget to change you Content-Security-Policy according to your needs):
# START CUSTOM HOMEPAGE
location /welcome {
rewrite ^ /welcome/ redirect;
}
location /welcome/ {
alias /home/mastodon/live/custom-index/;
add_header Content-Security-Policy "default-src 'none'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'";
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
}
location = / {
if ($cookie__session_id = "") {
rewrite ^/$ https://<**your instance url in here**>/welcome/ redirect;
}
try_files $uri @proxy;
}
# END CUSTOM HOMEPAGE
Final step: restart NGINX
Run this:
systemctl restart nginx
Now when a user tries to access the root of your site, NGINX will check if the user is logged in (checking the value of the cookie session_id) and redirect them to your custom page which is located at the /welcome/ path.
If the user is logged in, they will of course be served the default Mastodon interface.
[EDIT 2023-03-12] Added security headers
tags: mastodon, nginx, ciberlandia