Monday Monday...

Last night there was a blackout for over an hour. The local substation overloaded because everyone in the area had their AC running on full blast. And this week they say they're coming to finish the FTTH installation.

My wife bets that the appointment will fall through this time too.
We'll see!

Have a great week, #BSDCafe
Have a great week, #illumosCafe
Have a great week, #Fediverse

@_elena it angers me that VDL and Lagarde jumped on this bandwagon apparently without any vetting – just based on some weird backroom Davos connections and apparently hold themselves too good for and too high and mighty for a presence on the open democratic #fediverse. 😠

They should plusOne the Fediverse.
#plusOne

🛡️ #Cybersecurity news & tips across the #fediverse

“Sick of fighting them resurrecting Chat Control again and again and again ? Stop asking nicely. Hit them where it hurts - organise to leave the EU. # eu # eupol # chatcontrol # surveillance # security ...”

https://mastodon.ie/@rzeta0/116828667962105086

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// social.lansky.name/@hn100/1168 28485146491866 Anyone know whether these are in Washington state? I haven’t seen them, but…perhaps we should drag Aurora Ave above 90th in Seattle?
# FlockCameras #...”

https://mastodon.green/@odaraia/116828560299528894

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“In clear violation of the # PrivacyAct of 1974 & the E-Government Act of 2002: # WhiteHouse "now operates four public # federal # websites : ndstudio.gov, trumprx.gov, realfood.gov & trumpaccounts.gov."
All a...”

https://masto.nyc/@GetMisch/116828335053355374

🤖 via RSS feed. Not an endorsement.

Want to watch Zarkorr! The Invader (1996) in tonight's #Monsterdon #WatchParty ?

The collection on #NeoDB ( #Fediverse alternative to Letterboxd etc) now has links for:
- streaming video on demand
- download on demand
- scheduled stream
- search for more streams & downloads

https://eggplant.place/collection/6ICD4rDFsYEIcTpY8UTpdk

Ad-free options are Miru, downloads & Internet Archive, or use one of the options here:
https://ohai.social/@klu9/115245207831850566

@monsterdon

Alt...

Screenshot of the entry for Zarkorr! The Invader (1996) in the #Monsterdon collection on Eggplant.place, bleeding edge instance of NeoDB, media cataloguing platform & fediverse alternative to Letterboxd, Goodreads, RateMyMusic etc

🛡️ #Cybersecurity news & tips across the #fediverse

“Analysis of the underlying source code for four of the websites written by the secretive National Design Studio (NDS)
found that on at least two of them,
the studio installed a commercial tool called PostHog
that cl...”

https://c.im/@cdarwin/116828322225558491

🤖 via RSS feed. Not an endorsement.

Since ​@evan@cosocial.ca seems unable (or unwilling) to understand that many users desire the #FediVerse to be a place where opt-in is the normal and expected implementation for features such as #relays I propose that #fedidevelopers take up this call.

The problem: the implementation of relays lacks sufficient user-based controls. While users may (at least on platforms such as GotoSocial) add relays they desire to have their content sent to, there are no user based controls over relays configured at the instance level.

The current implementation appears to have unintended, and unconsidered consequences associated with it.

Ban evasion can likely be achieved through chaining relays together. We have already seen the unintended consequence of a relay following tags.pub leading to content being relayed non-consensually.

Something that has not been considered is potential damages to users in regions where political, social, or religious beliefs are sensitive topics need to maintain tight controls over where their content is sent. This is a case where the handling and relaying of posts needs to be 100 percent bulletproof.

The Solution: all platforms in the Fediverse should implement instance level relays in the following manner:

1. Instance level relays are disabled for all users on that instance.
2. User settings provide a list of the relays provided at the instance level.
   1. Users can opt to leave the relay(s) disabled, or
   2. They can choose to enable the relays they trust their content being sent to.

Through this implementation we avoid clunky workarounds like adding hashtags to profiles. Also, we make this feature more discoverable for new users who are unfamiliar with the conventions of the FediVerse.

I am unfamiliar with the #FEP submission process and requirements. Anyone willing to work with me on this, I would like to see this brought forth as a FEP.

#fedideveloperverse #fedideveloper #mastodon #gotosocial #misskeyworld #misskey #pixelfed #microdotblog #pleroma #sharkeydev
@alice @admin @gotosocial @Gargron

When you're a Very Important user on the #Fediverse, and you spend 3+ hours writing dozens of responses about how something is opt-in actually (it isn't), and that you understand consent (after-the-fact), maybe you should take the next 3 hours to reflect on how wrong you are.

#subtoot #hashtags #bots #relays #ConsentIsSexy

Hello everyone on #mastodon ,if you want to earn money easier grow cabbage because they take less time to get harvest.
And fighting hidden hungers in schools and communities they have helped us much more, so if you would like joining us. Welcome together we can grow.
#Today or #tomorrow
#gardening #2024Election #nature #c108webcatalog #free #love #local #farmers #environment #agroecology #climatechange #fediverse #solarpunksunday #performance

Alt...

Smile cabbage 😁

Alt...

Come and we grow together

🛡️ #Cybersecurity news & tips across the #fediverse

“Fascism is alive & kicking all opposition very hard under Trump’s NSPM7-driven, 100-year-long jail term, Palantir-enabled Hitlerite ‘Gleichschaltung’ regime! “Hot Type: The Machinery of the Fascist State” by Heidi Cud...”

https://expressional.social/@GrumpyOldFart/116827873288651569

🤖 via RSS feed. Not an endorsement.

When's the last time you went to Preferences > Accounts and checked how many sessions you've got open?

Assumes standard Mastodon 4.x. Not Misskey, its variants, or other frontends.

#Accounts #Fediverse #Mastodon #Security

@alice @frog_reborn Also it's good to remind everyone the #Fediverse isn't the "Move Fast And Break Things!" corner of the internet but the "Move Slow And Build Things!" corner!

https://mastodon.social/@kkarhan/116828967395800309

#MoveSlowAndBuildThings #MoveFastAndBreakThings #Fediverse #CommunityCare

Welcome to an interactive map of electronic sound evolution. From the first experiments with electricity to neural audio. Navigate the timeline, explore events, listen to music.

https://nodemusic.cc/

#music #fedimusic #fediverse #history #interactive #map #electronicmusic #experimentalmusic #sound #evolution #electricity #neural #radio #synth #synthetizer #study #nodemusic

@electronicmusic
@ExperimentalMusic

Alt...

Welcome to an interactive map of electronic sound evolution.

Alt...

Welcome to an interactive map of electronic sound evolution.

Alt...

Welcome to an interactive map of electronic sound evolution.

Alt...

Welcome to an interactive map of electronic sound evolution.

tags.pub has unsubscribed from all open relays. Evan recognises there's a mismatch of expectations on what Relay 2 relay, R2R connections should be like.

It should not have taken as long as it did but it's done. However this is ultimately a stop gap and not a full solution. What was asked for was an opt-in solution because there is value in having relays of relays.

So on the tags.pub issue, how should R2R relays gain consent?🧵

#TagsPub #Relays #Fediverse #OptIn

Alt...

a diagram potentially explaining the structure. a Source Instance to an open relay that the source instance is registered with (primary relay) to tags.pub (secondary relay) content is passed from the instance to the primary relay, and then onto the secondary relay. The question asked, how did the secondary relay receive consent from the primary relay?

🛡️ #Cybersecurity news & tips across the #fediverse

“The Supreme Court is building its own massive police force https://www.politico.com/news/magazine/2026/06/28/supreme-court-justices-security-police-00969784?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndicatio...”

https://social.espeweb.net/objects/2001838a-9aa5-4d4d-8042-5ed1be095e71

🤖 via RSS feed. Not an endorsement.

@maxleibman I think that for most hashtags, there are multiple authors that use the tag. I don't think anyone owns the #fediverse hashtag.

I added a ticket to track this issue. It makes me uncomfortable to think that anyone "owns" a hashtag. But others don't agree, so I'd like to find an accommodation.

https://github.com/social-web-foundation/tags.pub/issues/50

🛡️ #Cybersecurity news & tips across the #fediverse

“Content warning: EU chat control 1.0, and 2.0, eupol, its back EU chat control 1.0 and 2.0 are back on the menu and this time they are passing them behind closed doors in the next few days.

We need to email our rep...”

https://woem.men/notes/ao140np5x9wx064x

🤖 via RSS feed. Not an endorsement.

I have written before about putting a cache in front of snac (https://it-notes.dragas.net/2025/01/29/improving-snac-performance-with-nginx-proxy-cache/), and more recently about the HAProxy layer in front of FediMeteo (https://it-notes.dragas.net/2026/05/18/fedimeteo-haproxy-and-the-art-of-not-wasting-snac-threads/). The general idea is always the same: the reverse proxy should absorb the repetitive, public work that has no business reaching the application server.

This post is the same idea applied to a much louder neighbour: a Mastodon instance. The instance is mastodon.bsd.cafe (https://mastodon.bsd.cafe/), the proxy is nginx on FreeBSD, and the configuration below is what I am currently running in production.

Mastodon is heavier than snac in every direction. It has Puma and Sidekiq behind it, more endpoints, more streaming, more federation patterns, and one specific characteristic that complicates everything: it serves multiple representations on the same URLs. The same path returns HTML to a browser, ActivityPub JSON to a remote instance, and sometimes plain JSON to an API client. If the proxy treats the URL as one thing, sooner or later it will return the wrong thing to the wrong client.

Most of the work below comes from that single observation.

If I had to summarize this whole post in a single sentence, it would be this:

Mastodon is not a website. It is a website, an API, and an ActivityPub server, all sharing the same URLs.

Everything else in this configuration - cache keys, variants, bypass rules, the diagnostic headers - is decoration around that one fact.

A popular toot from a friend gets boosted. Twenty federated instances ask for the same ActivityPub object within the same second. Browsers fetch the HTML version of the same URL. If the proxy sees only "a URL", it will eventually betray you: a remote instance will receive HTML, a browser will receive ActivityPub JSON, and you will spend an afternoon wondering why your timeline looks broken on three different servers. I have spent that afternoon. I do not recommend it.

Assumptions before anything else

The first assumption is that AUTHORIZED_FETCH (secure mode) is disabled. With secure mode off, all ActivityPub GET responses cached at the proxy layer are public and identical regardless of the requesting actor. With secure mode on, Mastodon can legitimately return different bodies depending on which remote actor is asking, and caching them blindly at the proxy becomes at best wasteful, at worst a cache-poisoning surface.

This is not a hypothetical. CVE-2026-25540 (https://nvd.nist.gov/vuln/detail/CVE-2026-25540), fixed in Mastodon 4.3.19, 4.4.13, and 4.5.6, is exactly this kind of mistake, but inside Mastodon's own Rails.cache: the pinned posts and featured hashtags endpoints had actor-dependent ActivityPub responses but were keyed without the actor. The CVE does not directly apply to nginx caches, but the underlying lesson does. Do not cache what depends on the caller unless the caller is part of the cache key. Keep this rule in mind every time you are tempted to cache a federation endpoint "just in case".

The second assumption is that no signed-URL storage backend sits behind /system/ or /media_proxy/. If those paths ever redirect to short-lived presigned S3 or SeaweedFS URLs, my TTLs below are too long: nginx will happily cache a redirect to a URL that has already expired.

The third assumption is that federation traffic uses HTTP Signatures, not the HTTP Authorization header. Mastodon signs federated GETs with the Signature header. The Authorization-based skip-cache rule further down catches API tokens, not signed federation traffic. If you enable AUTHORIZED_FETCH, you must add an explicit skip rule for $http_signature.

I am being deliberate about these assumptions because the configuration that follows is internally consistent only as long as they hold.

The proxy in front of mastodon.bsd.cafe has three jobs:

TLS termination, microcaching of expensive endpoints (especially federation-heavy collections and default public routes), and long-lived caching of immutable assets and user media.

The point is not to replace Mastodon's internal Rails cache. The point is to absorb spiky federation traffic and repetitive asset fetches that would otherwise hit Puma and Rails for every single request.

The strategy is deliberately layered: very long TTL on fingerprinted assets, medium TTL on user-uploaded media, very short microcache on dynamic pages and federation endpoints that get hammered, and explicit bypass rules for anything private, authenticated, actor-dependent, or otherwise unsafe.

Every cacheable layer is keyed correctly for content negotiation. That is the part that matters most.

The cache zone

proxy_cache_path /var/cache/nginx/mastodon
                 levels=1:2
                 keys_zone=mastodon_cache:200m
                 max_size=20g
                 inactive=24h
                 use_temp_path=off;

inactive=24h evicts anything not requested for a day, even if there is free space. This is intentional. I do not want a long, cold tail of stale entries to squat in the cache forever. I want the working set to remain hot, and I want the rest to fade.

use_temp_path=off is small but important. By default nginx writes a cached response to a temporary file and then renames it into place. If the temp path and cache path are on different filesystems, that cheap rename becomes a real copy. Setting use_temp_path=off puts temporary files directly under the cache directory and avoids that trap. It is the kind of detail nobody mentions until something is suspiciously slow.

Of all the maps in this configuration, only one really earns its place. This one:

map $http_accept $mastodon_cache_variant {
    default                          "default";
    "~*application/activity\+json"   "activitypub";
    "~*application/ld\+json"         "activitypub";
    "~*application/json"             "json";
    "~*text/html"                    "html";
}

The map normalizes Accept into four buckets - activitypub, json, html, and default - and the result is folded into the cache key in every location that does content negotiation:

proxy_cache_key "$scheme$host$request_uri|accept=$mastodon_cache_variant";

A subtle point I want to be explicit about: I do not include $request_method in the cache key. nginx already converts HEADinto GET for caching purposes by default, which is what I want here. A HEAD request on /@user/123 should hit the same cache entry as a GET request on the same URL. Adding the method would only separate them for no benefit.

During rollout I also expose the selected variant as a response header:

add_header X-Cache-Variant $mastodon_cache_variant always;

This is the first real gotcha, and I want to spend a moment on it because it caught me out the first time I configured a similar setup.

nginx honors the upstream Vary response header in addition to proxy_cache_key. If Mastodon emits Vary: Accept, or worse, Vary: Accept, Cookie, ..., my carefully normalized variant key gets paired with nginx's native Vary handling. The result is that the cache may still fragment on the full, un-normalized Accept header - which defeats the entire point of the variant map.

There is another, very specific failure mode on older or unpatched nginx builds. nginx stores the Vary value in a fixed-size cache metadata field. Historically that field was 42 bytes, which is famously short and almost charmingly suspicious of being a Douglas Adams reference. Modern nginx raised the limit to 128 bytes, which is enough for the common cases but still surprisingly small. If your upstream emits a long Vary header, anything beyond the limit is treated as Vary: *, which means the response is not cached at all. The only signal you get is a critical line in the error log, and unless you are looking for it, you will not see it.

The operational lesson is the same in both cases: if you rely on your own normalized variant key, do not assume upstream Vary is harmless. Check your nginx version, check your error log, and verify cache behaviour via X-Cache-Statusand X-Cache-Variant.

On the locations where the variant map is the cache dimension I care about, I take responsibility explicitly:

proxy_ignore_headers Vary;

proxy_set_header Accept-Encoding "";

Rather than build one giant boolean to decide what bypasses cache, I prefer to decompose the logic into small orthogonal maps. Each map is 1 when caching must be skipped, and the final decision is an OR of all of them.

map $request_method $skip_cache_method {
    default 1;
    GET     0;
    HEAD    0;
}
map $http_authorization $skip_cache_auth {
    default 1;
    ""      0;
}
map $http_cookie $skip_cache_cookie {
    default 1;
    ""      0;
}
map $uri $skip_cache_uri {
    default                  0;
    ~^/auth                  1;
    ~^/oauth                 1;
    ~^/settings              1;
    ~^/admin                 1;
    ~^/api/v1/custom_emojis$ 0;
    ~^/api/v1/instance$      0;
    ~^/api/v2/instance$      0;
    ~^/api/v1/trends/tags$   0;
    ~^/api/oembed$           0;
    ~^/api/                  1;
}

The important caveat I want to underline: the Authorization map does not catch signed federated GETs. Mastodon federation uses HTTP Signatures, which means the relevant request header is Signature. If AUTHORIZED_FETCH is enabled, you must add a parallel map:

map $http_signature $skip_cache_signature {
    default 1;
    ""      0;
}

The maps are used together in each cacheable location:

proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;

Most locations share a common proxy baseline. There is nothing clever here, but if any of these lines is missing the rest of the configuration quietly does less than expected.

proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
proxy_set_header Accept-Encoding "";

proxy_set_header Accept-Encoding "" keeps backend responses uncompressed so nginx can cache a single representation and handle client-facing compression itself. It also prevents accidental cache fragmentation through Vary: Accept-Encoding, which would otherwise creep in despite the variant map.

These settings are not exciting, and they should not be. The interesting parts of an infrastructure are not always the parts that should be unusual.

The Mastodon server block in my configuration ends up with seven distinct request profiles. Six of them cache; one explicitly does not, because streaming is not a cacheable workload.

I do not group them under one location / with a giant if block. I prefer to keep each profile in its own location, even if some of them look similar. When something goes wrong in production, I want to be able to point at one location and reason about it without holding the rest of the configuration in my head.

location ~ ^/(assets|packs|emoji)/ {
    proxy_cache mastodon_cache;
    proxy_cache_key "$scheme$host$request_uri";
    proxy_ignore_headers Vary;
    proxy_cache_valid 200 301 302 7d;
    proxy_cache_valid 404 10m;
    proxy_cache_lock on;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    proxy_cache_background_update on;
    proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_pass http://$custom_upstream;
}

404s get a short 10-minute TTL so a temporarily missing asset can recover quickly.

proxy_cache_lock on is the thundering-herd guard. When a popular asset is not cached and ten clients ask for it at once, nine wait for the first request to populate the cache instead of all ten hammering the backend. I like this directive a lot. It is the kind of small switch that quietly removes a class of problems.

proxy_cache_use_stale together with proxy_cache_background_update is the stale-while-revalidate pattern. If an entry has expired but Mastodon is slow or briefly down, nginx can serve the stale copy and refresh it asynchronously. For static assets this is almost always the right trade-off. The asset has not actually changed under the same URL, and a few extra hours of stale data hurt nobody.

location ~ ^/system/(accounts/avatars|media_attachments/files|custom_emojis/images)/ {
    proxy_cache mastodon_cache;
    proxy_cache_key "$scheme$host$request_uri";
    proxy_ignore_headers Vary;
    proxy_cache_valid 200 302 6h;
    proxy_cache_valid 404 5m;
    proxy_cache_lock on;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    proxy_cache_background_update on;
    proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_pass http://$custom_upstream;
}

The 302 status is also cached, because Mastodon may redirect to another storage location, and the redirect is usually stable enough to cache for hours.

This is also where the caveat about signed URLs really matters. If you ever put a signed-URL backend behind /system/, this TTL must be shorter than the signed URL lifetime, or nginx will eventually serve a redirect to a URL that no longer works. On mastodon.bsd.cafe I do not use signed URLs, so six hours is fine.

location ~ ^/(users|ap/users)/[^/]+/statuses/[0-9]+/replies {
    proxy_cache mastodon_cache;
    proxy_cache_key "$scheme$host$request_uri|accept=$mastodon_cache_variant";
    proxy_ignore_headers Vary;
    proxy_cache_valid 200 30s;
    proxy_cache_valid 404 10s;
    proxy_cache_lock on;
    proxy_cache_lock_timeout 1s;
    proxy_cache_lock_age 5s;
    proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_pass http://$custom_upstream;
}

A 30-second microcache absorbs the spike without serving meaningfully stale data. A reply that appears 30 seconds late in a federated thread is usually invisible to humans, while the backend relief is very visible.

The lock settings keep backend load and latency bounded. proxy_cache_lock_timeout 1s bounds how long queued requests wait behind the lock. If the timeout expires, they go to the upstream directly, but their responses are not stored in the cache, which prevents a runaway thundering herd from clogging the cache fill path. proxy_cache_lock_age 5s prevents one slow cache-populating request from monopolizing the fill path forever; if the request holding the lock has not completed after 5 seconds, nginx may let another request reach the upstream to retry.

I have currently left proxy_cache_use_stale off on this location while I am still validating the deployment. This is a deliberate debugging stance, not a permanent choice. Stale-while-revalidate is useful in production, but during rollout it can hide upstream issues while I am trying to understand the system. Once the behaviour is stable, the production version will be:

proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
proxy_cache_background_update on;

location ^~ /media_proxy/ {
    proxy_cache mastodon_cache;
    proxy_cache_key "$scheme$host$request_uri";
    proxy_cache_valid 200 10m;
    proxy_cache_valid 301 302 10m;
    proxy_cache_valid 404 1m;
    proxy_ignore_headers Cache-Control Expires Vary;
    proxy_cache_lock on;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    proxy_cache_background_update on;
    proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_pass http://$custom_upstream;
}

proxy_ignore_headers Cache-Control Expires Vary is deliberate here. Mastodon may emit conservative cache headers, or none at all, and I want the proxy to enforce a short local 10-minute policy regardless of what the backend says.

Set-Cookie is not in the ignore list. nginx's default refusal to cache responses carrying Set-Cookie still applies, and I want it to. It is a safety net I do not want to disable just to win a few cache hits.

The ^~ prefix is a small useful detail. Once this location matches, nginx stops evaluating regex locations. Media proxy traffic can be heavy, and skipping further regex matching is a tiny but free win.

location ~ ^/(users|ap/users)/[^/]+/(followers|following) {
    proxy_pass http://$custom_upstream;
}

/users//followers and /users//following are pagination-heavy, change frequently as people follow and unfollow, and are queried by federation crawlers in ways that would make the cache key proliferate through pages and cursors. The likely hit ratio is poor, the risk of serving stale social graph data is non-trivial, and the cost of caching them - in storage and in mental overhead - is not worth it.

If a remote instance starts hammering these endpoints, the right answer is rate limiting with limit_req_zone, not retrofitting cache as a rate limiter.

Default location: the microcache and streaming without cache

location / {
    proxy_cache mastodon_cache;
    proxy_cache_key "$scheme$host$request_uri|accept=$mastodon_cache_variant";
    proxy_ignore_headers Vary;
    proxy_cache_valid 200 10s;
    proxy_cache_valid 301 302 1m;
    proxy_cache_valid 404 10s;
    proxy_cache_lock on;
    proxy_cache_lock_timeout 5s;
    proxy_cache_bypass $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_no_cache     $skip_cache_method $skip_cache_auth $skip_cache_cookie $skip_cache_uri;
    proxy_next_upstream error timeout http_502 http_503 http_504;
    proxy_next_upstream_tries 2;
    proxy_pass http://$custom_upstream;
}

The TTL is only 10 seconds for 200 responses. That is enough to deduplicate the wave of requests when a popular toot gets boosted or linked from elsewhere, without making the page feel stale to a human visitor.

It is worth being honest that short TTLs still cost CPU. A 10-second microcache on a sustained-traffic URL means the backend regenerates the entry six times per minute. That is vastly better than serving every request from Rails, but it is not free. If your backend cannot comfortably handle that, raise the TTL, or enable stale-while-revalidate on these dynamic paths.

proxy_next_upstream with proxy_next_upstream_tries 2 is the failover trigger. If the primary returns 502, 503, 504, or times out, nginx retries on the backup. The chain is capped at two attempts so a sick upstream cannot hold the request indefinitely.

At the http level:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ""      close;
}

location /api/v1/streaming {
    proxy_buffering off;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_read_timeout 3600s;
    proxy_send_timeout 3600s;
    proxy_pass http://$custom_upstream;
}

The hour-long read and send timeouts allow long-lived streams to stay open through quiet periods.

There is no cache here. Streaming is not a cacheable workload, and trying to make it one is one of those ideas that sounds clever for about thirty seconds.

Upstream and failover

upstream mastodonbsdcafe {
    server 192.168.123.33  max_fails=3 fail_timeout=30s;
    server 192.168.122.133 backup;
    keepalive 64;
}

keepalive 64 holds up to 64 idle TCP connections to the upstream per worker. On a busy instance, this saves real handshake overhead, but only if the proxied connection can actually stay open. That is why the shared proxy settings include proxy_http_version 1.1 and proxy_set_header Connection "". Without those, upstream keepalive does much less than it looks like it should.

I also use an indirection layer:

map $remote_addr $custom_upstream {
    default mastodonbsdcafe;
}

What I log and why

log_format detailed '$remote_addr - $remote_user [$time_local] '
                    '"$request" $status $body_bytes_sent '
                    '"$http_referer" "$http_user_agent" '
                    'rt=$request_time '
                    'uct=$upstream_connect_time '
                    'uht=$upstream_header_time '
                    'urt=$upstream_response_time '
                    'us=$upstream_status '
                    'ua=$upstream_addr '
                    'cache=$upstream_cache_status '
                    'variant=$mastodon_cache_variant';
access_log /var/log/nginx/access.mastodon.bsd.cafe.log detailed;
add_header X-Cache-Status  $upstream_cache_status always;
add_header X-Cache-Variant $mastodon_cache_variant always;

The cache status is one of the values nginx exposes through $upstream_cache_status: HIT, MISS, BYPASS, EXPIRED, STALE, UPDATING, or REVALIDATED. The response headers expose the same information to the client, which makes it trivial to verify behaviour with curl -I or browser dev tools.

The always qualifier matters. Without it, nginx only adds these headers to a subset of responses, so a 502 from the backend might arrive without the diagnostic headers you need most. I want them on every response, no exceptions.

There is also a small operational detail I find pleasant: a custom 502 page.

error_page 502 /502.html;
location = /502.html {
    root /usr/local/www/mastodon_errors;
    internal;
}

if ($http_user_agent ~* "bytespider") {
    return 444;
}

How I check it actually works

The first verification is variant separation. Three requests to the same URL with different Accept headers should produce three independent cache entries:

for v in 'text/html' \
         'application/activity+json' \
         'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'; do
  printf '%-75s -> ' "$v"
  curl -s -o /dev/null -D - -H "Accept: $v" \
    https://mastodon.bsd.cafe/@someuser/123456789 \
    | awk '/^[Xx]-[Cc]ache/ { printf "%s ", $0 } END { print "" }'
done

The second verification is that cookies and Authorization always trigger BYPASS:

curl -I -H 'Cookie: _mastodon_session=test' \
  https://mastodon.bsd.cafe/@someuser
curl -I -H 'Authorization: Bearer fake' \
  https://mastodon.bsd.cafe/api/v1/timelines/home

If you intend to enable AUTHORIZED_FETCH, the third verification is for signed GETs. A quick synthetic check that the nginx map fires correctly:

curl -I -H 'Signature: fake' \
       -H 'Accept: application/activity+json' \
       https://mastodon.bsd.cafe/users/someuser

Finally, the logs themselves tell me how the cache is performing in production. Cache status distribution:

awk '{
  for (i = 1; i <= NF; i++)
    if ($i ~ /^cache=/) c[$i]++
}
END {
  for (k in c) print k, c[k]
}' /var/log/nginx/access.mastodon.bsd.cafe.log

awk '{
  for (i = 1; i <= NF; i++)
    if ($i ~ /^variant=/) v[$i]++
}
END {
  for (k in v) print k, v[k]
}' /var/log/nginx/access.mastodon.bsd.cafe.log

Caveats worth being honest about

Short TTLs cost CPU. A 10-second microcache on a sustained-traffic URL means six backend regenerations per minute. That is much better than no cache, but it is not free. If the backend cannot comfortably handle that, raise the TTL or enable stale-while-revalidate on the dynamic paths.

Dynamic stale-while-revalidate is powerful but it hides problems. I currently keep proxy_cache_use_stale off on the dynamic locations because I am still validating behaviour. In steady-state production, stale-while-revalidate is usually the right choice. During rollout, it can quietly hide upstream errors and make debugging harder. Be honest with yourself about which mode you are in.

AUTHORIZED_FETCH changes the threat model. With secure mode disabled, public ActivityPub GET responses are safe to cache as public content, provided your cache key handles content negotiation correctly. With secure mode enabled, ActivityPub responses can become actor-dependent. At that point you must either bypass cache for signed GETs or include the signing actor in the key. The latter usually destroys the hit ratio, so bypassing is the practical answer.

The variant map is a compromise. It covers application/activity+json, application/ld+json, application/json, and text/html. Everything else falls into the default bucket. That is intentional, but the default bucket is still a bucket. If you discover a real client type that matters on your instance, add it explicitly.

Ignoring Vary is a responsibility. proxy_ignore_headers Vary is not magic; it tells nginx to stop protecting you based on upstream Vary. That is fine only if your own cache key and request normalization cover every dimension Vary was protecting. For this configuration that means normalizing Accept into a variant, avoiding backend Accept-Encodingvariation, never caching cookies or authorization, and never caching signed GETs if secure mode is enabled.

Followers and following are uncached on purpose. They are pagination-heavy and change frequently. Caching them would create many low-value entries with questionable freshness. If a remote instance hammers these endpoints, use limit_req_zone. Do not retrofit cache as a rate limiter.

Signed-URL redirects require shorter TTLs. Caching 302s is useful when redirects are stable. It is dangerous when redirects point to short-lived signed URLs. If your media storage returns presigned URLs, your nginx redirect TTL must be shorter than the URL lifetime.

Set-Cookie must remain special. Do not add Set-Cookie to proxy_ignore_headers unless you are absolutely sure the location cannot produce user-specific responses. nginx's default refusal to cache Set-Cookie responses is a safety net. Keep it.

A good configuration is a written form of the assumptions behind a service. When the assumptions change, the configuration must change too.

There is no single brilliant directive in this configuration. The trick is combining long TTLs for immutable assets, medium TTLs for media, tiny TTLs for dynamic public pages, cache locking for thundering-herd protection, strict bypass rules for private or actor-dependent traffic, a normalized content-negotiation key, and enough logging to prove the system is doing what I think it is.

What this layer buys me, in one sentence: fewer requests reach Puma and Rails.

That is the metric I care about. Mastodon is not slow, but it is heavy, and the bigger the instance grows the more it benefits from a layer in front that quietly absorbs the work that does not need to be done by the application. A reverse proxy that caches Mastodon safely has to remember, with every request, that the same URL might mean three different things to three different clients. Once it does, even a very short microcache can remove a surprising amount of load without changing the user-visible behaviour of the instance.

https://it-notes.dragas.net/2026/06/05/aggressive_caching_for_a_mastodon_reverse_proxy/

#ITNotes #NoteHUB #fediverse #hosting #mastodon #networking #nginx #ownyourdata #server #snac2 #social #web

An alle anderen: Ich freue mich riesig über einen Boost für die Reichweite, damit wir die Jungs an den Töpfen auch finden!
#gaychef #gastronomie #köche #queerchef #gaygermany #gaydach #lgbtq #fediverse #signal #berufskoch #profikoch #chefslife #küchenchef #schwul #gaybavaria #gaynetwork #queer #fedidach #mastodondach #gastro #kochen #schwuleköche
3/3

🛡️ #Cybersecurity news & tips across the #fediverse

“https:// m.youtube.com/watch?v=rwhznrpg l7k # Mullvad # Surveillance # Censorship # tech”

https://kolektiva.social/@Antisap/116825208666715780

🤖 via RSS feed. Not an endorsement.

Good morning 🌞 fediverse and friends. Hope everyone has a wonderful day today.

#Morning #Coffee #Fediverse

Hey #musicproducers I have some things I want to release but I feel concerned about LLM's scraping my voice for their training. Does any one know of something I could use to overlay with my voice that would create dirty data for LLM's but that would keep the listening clear for human ears?

Please boost for visibility #music #producer #MusicProducer #musicproduction #dirtydata #mastodon #fediverse #help #programmer #llms #ai #airesearch #newtech

🛡️ #Cybersecurity news & tips across the #fediverse

“We Can Still Stop # California ’s # 3DPrinter # Surveillance Scheme https://www. eff.org/deeplinks/2026/06/we-c an-still-stop-californias-3d-printer-surveillance-scheme # privacy # AB2047”

https://mastodon.thenewoil.org/@thenewoil/116822664940319604

🤖 via RSS feed. Not an endorsement.

Es kann einfach nicht gut gehen!

Moin #Fediverse und euch einen gesunden Start in diesen Sonntag.

In den letzten Wochen habe ich in der Bau- und KI-Investment Szene recherchiert und meine Ergebnisse nun hier 👉https://www.metacheles.de/ki-blase-durchgerechnet-erst-zahlen-dann-erschrecken/ veroeffentlicht.

Es ist die mit Abstand groesste Spekulationsblase der Menschheitsgeschichte & ihr seid alle betroffen, denn eure Altersvorsorgen haengen mit drin!

Wuerde mich sehr freuen, wenn ihr diesen Post boosten koenntet.

Vielen Dank fuer den Support 🙏

Behavior in socio-technical systems, such as the #Fediverse, are created structurally by the architecture of that system.

The moralizing of individual behavior that emerges from structural problems is very much the same as "carbon footprint", even if the larger sociotechnical framework is different.

All sociotechnical systems exist with cybernetic feedback from the users, and the less adaptable the technology is, the more adaptable the users will become.

Both shitty bots and dogpiling behavior exist because the sociotechnical environment creates the dynamic.

Happy #SilentSunday, friends of #BSDCafe, #illumosCafe, and the whole #Fediverse!

May the peace of this view bring calm to this day.

Alone or in good company, that bench is there for you.

#Peace #Relax #Summer #Tranquil #Sea #Italy #Italia

Alt...

A peaceful sunlit terrace overlooking the sea, with a stone bench beneath leafy shade, lanterns swaying gently, and a clear blue horizon suggesting a fresh, calming sea breeze.

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// mastodon.xyz/@rms/116821811483 092534 Google data = State data Don't give the # fascists more ammo. De-Google today! https:// knurdology.com/indigenize-medi a/ # BigTech # resist #...”

https://kolektiva.social/@rootschange/116822564886245264

🤖 via RSS feed. Not an endorsement.

🥵 🏆 Warnwarnung vom 27.06.2026, 21:02 Uhr für die deutschsprachige Timeline:

❗ Amtliche WARNUNG vor AMTLICHEN WARNUNG

Gültig bis: wirklich alle gewarnt sind

Auf der Timeline ist mit einer HÄUFUNG von WARNUNGEN über AMTLICHE WARNUNGEN zu rechnen.

warnung.bund.de/meldungen

#Fediverse #Warnung #Tsuwarni #Warnstufe2

RE: https://toot.fedilab.app/@apps/116722285369696704

The most common answer is people asking what #HolosDiscover is. It's a service that indexes messages across the #Fediverse and lets you search through the data. What makes HolosDiscover unique is that it's not a scraper. It has an account, several opt-outs that automatically remove data, and most importantly indexed messages are immediately removed or updated as soon as the owner makes a change.

Have a look at https://discover.holos.social

🛡️ #Cybersecurity news & tips across the #fediverse

“Just when you thought # ChatControl was under control. Then someone decides to spin the wheel once more. https:// fightchatcontrol.eu/ # eu # privacy # surveillance”

https://infosec.exchange/@dazo/116821986677833261

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“SHUT DOWN UK’s MINISTRY OF TRUTH # BigBrother Watch’s investigation revealed that # secretive # UK # government # disinformation units have been # spying on # political # dissent and suppressing ...”

https://mastodon.scot/@paka/116821902006485652

🤖 via RSS feed. Not an endorsement.

Laut https://fedidb.com/servers ist #tagspub bereits die viertgrößte Instanz im #fediverse.
Wie lange bis es die zweitgrößte ist nach Mastodon.social oder sogar Platz Eins?

Mal abgesehen davon dass das ein Haufen Leute erstmal mit Benachrichtigungen abfuckt, sie rausfinden müssen was da passiert und wie man das abstellt, was bedeutet es für des fediverse, wenn es als Netzwerk mit hunderttausenden Bots wahrgenommen wird? Als Außenstehender versteht man das ja erst Recht nicht.

Is there a way to disable auto-boost of titles watched on NeoDB? I linked my Mastodon account to my NeoDB account and everytime I list some titles as “completed” my post is automatically boosted by the linked Mastodon account.

Is there a way to disable this function?

Thank you!

#fedihelp #NeoDB #eggplantplace #help #fediverse

@fffhaus@mastodon.

Welcome to the #fediverse!

🛡️ #Cybersecurity news & tips across the #fediverse

“we had a lovely show yesterday with many bremen friends cheering for us. looking forward to tonight's show at kulturpavillion hannover!

now with special offer: bring a friend for 1/2 price 🦈🦈

https://pavillo...”

https://pixey.org/p/Ultramorbidi/976400880188579646

🤖 via RSS feed. Not an endorsement.

#Fediverse
I checked 4160 fediverse instances for their connectivity.

- A / AAAA record persent
- Reachabliltiy over #IPv6 if AAAA present.

107 Instances announce AAAA records but have broken inbound IPv6

1909 are #LegacyIP #IPv4only

2141 are #DualStack and have working inbound #IPv6

Way to go.

🛡️ #Cybersecurity news & tips across the #fediverse

“The WSJ exposes how tech extracts wealth from the masses via fake narratives. This completely demystifies the Western AI myth: it’s not a decentralized productivity engine—working-class wages have been stagnant since the...”

https://mastodon.social/@2k115/116820958713649732

🤖 via RSS feed. Not an endorsement.

@mullvadnet trying to gaslight the #Fediverse about "free speech" and fascism, and posting the same obviously PR-approved response to multiple negative posts about their co-CEO / co-founder donating money to fascists sure is a choice.

Barbara Streisand must be rolling in her grave.

How much of the fediverse magic is just that we opted in? No algorithm feeding us what's popular — we chose who to follow, what to see, and when to engage. That intentionality changes everything. #Fediverse #DecentralizedWeb

Bin gerade sehr verliebt ins #fediverse Mein erster Post von meinem neuen Betriebssystem - Linux Mint, dank Hilfe der community. #fedihelp #fedigive #did #dutgemacht #diday #linux
special thanks @karhima
https://swiss.social/@sonniandl_unterwegs/116821902262768718

AodeRelay boosted

sonniandl » 🌐 2026-06-27
@sonniandl_unterwegs@swiss.social

Seit Wochen wurschtel ich rum um auf HP spectre von W11 auf Linux umzusatteln. Beim booten von USB FM die ich als Dummy nicht verstehe. Z.B. (Pop_OS) SBAT self check failed: security policy Violation, oder (Mint) failed ... \EFI\BOOT\mmx64.. not found, MokManager: not found, import_mok_state() failed...
habe jetzt Secure boot und Datenverschlüss. deactiviert. Neu,Ventoy Stick installiert, iso drauf,von Stick booten: Was ist MOK, was tun? Forensuche noch nicht hilfreich. #fedihelp #linux

🔆 #FediTips for https://PrivacySafe.Social & the #fediverse

“I've made a couple of posters to promote the Fediverse, perhaps on community noticeboards, or at activist or tech events etc. I've left part of the posters blank so you can customise them with sources of info about the ...”

https://social.growyourown.services/@FediTips/116823039153949219

🤖 via RSS feed. Your Mileage May Vary.

Wrote up why lighthouse.co.im finally moved from bare metal to Docker Compose -- and why it took a toot from @adamhavelka to make me look at my own setup properly.
The short version: the bare metal wasn't ideology, it was Certbot trauma. Caddy fixed the actual problem.
One database migration did not survive the journey. Now documented so you don't have to rediscover it.
https://haunted.lighthouse.co.im/articles/bare-metal-to-docker/
#Mastodon #SelfHosting #Docker #Fediverse #AdminLife

accessing the #fediverse through Waterfox running on Haiku because why not

Alt...

curved widescreen monitor showing mxchara at seattle dot pink open in Waterfox on the HaikuOS desktop

I've made a couple of posters to promote the Fediverse, perhaps on community noticeboards, or at activist or tech events etc.

I've left part of the posters blank so you can customise them with sources of info about the Fediverse (for example useful websites, local user groups, local/national servers to join etc).

You can find the posters (and lots of questions answered) at:

➡️ https://fedi.tips/posters-for-promoting-the-fediverse

Also, any feedback, translations or alternative posters very welcome!

#FediTips #Fediverse

🛡️ #Cybersecurity news & tips across the #fediverse

“To defend against hybrid attacks, governments should team up with the private sector https://www.politico.eu/article/hybrid-attacks-governments-team-up-private-sector/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS...”

https://social.espeweb.net/objects/f75e81ab-7ce9-4a3f-9369-ff0501ba15bc

🤖 via RSS feed. Not an endorsement.

Short videos.
Your community.
Your rules.

https://joinloops.org

#Loops #Fediverse #TikTok

Trying to see where things are with FEP-ef61: Portable Objects. Anyone working on this?

https://fediverse.codeberg.page/fep/fep/ef61/

https://socialhub.activitypub.rocks/t/fep-ef61-portable-objects/3738

#fediverse #FEP #PortableObjects

Years ago I built a People Directory for the fediverse, to help you find people based on topics aka hashtags in their bio.

https://fediverse.info

Spread the word!

#fediverse #findPeople

RE: https://mastodon.social/@dansup/116822734968898442

I'm thinking a federated wiki type service with a trust metric that allows more trusted users to moderate/curate edits.

We could expand this beyond related hashtags.

#activitypub #fediverse #pixelfed #askfedi

dansup » 🌐 2026-06-27
@dansup@mastodon.social

Pixelfed has a related hashtags feature, and I'm thinking maybe we should create a global corpus to help curate them.

What do you think?

Alt...

Pixelfed new mobile app hashtag screen

Alt...

Pixelfed new mobile app hashtag screen in grid mode

FediCon 2026 website is now live, thanks to @reiver for organizing this!

https://fedicon.ca

#fedicon #activitypub #fediverse

🛡️ #Cybersecurity news & tips across the #fediverse

“Karma is coming. Quote from Wikileaks: Prominent US war hawk John Bolton has pled guilty to violating the Espionage Act after previously demanding execution for whistleblowers Edward Snowden & Chelsea Manning and 176 y...”

https://infosec.exchange/@AmmarSpaces/116819321092938488

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“# EFF , # TEDIC and # CEJIL Challenge Secrecy in the Use of Face Recognition in # Paraguay https://www. eff.org/deeplinks/2026/06/eff- tedic-and-cejil-challenge-secrecy-use-face-recognition-paraguay # ...”

https://mastodon.thenewoil.org/@thenewoil/116818300132627657

🤖 via RSS feed. Not an endorsement.

Hey #KommunenAmLimit - hier habt ihr eine #mastowall

https://rstockm.github.io/mastowall/?hashtags=KommunenAmLimit&server=https%3A%2F%2Fmastodon.social

Der Hashtag zeigt ganz gut, dass man mittlerweile auch im #fediverse Kampagnen fahren kann.

🎉 The Fediverse is meeting IRL at FediCon.

Talks. Demos. Panels. Real humans.

🎟️ Get your FOSSY ticket, which gets you into FediCon ⬇️
https://2026.fossy.ca/attend/tickets/

🌐 FediCon
📍 UBC campus, Vancouver (Canada)
🗓️ August 6-9

#FediCon #FediCon2026 #FOSSY #FOSSY2026 #Fediverse

Took a lil break from Pixelfed dev to update the fedicon.ca website, I hope @reiver approves and merges the PR!

https://dansup.github.io/fedicon-www/

It's much cleaner and informative, though it does need the final schedule and speakers.

I also added some logic to hide sections after certain dates 😎

#fedicon #fediverse #activitypub

🛡️ #Cybersecurity news & tips across the #fediverse

“@ WJCT @ jacksonville-today-WJCT If # pedo buddy # DeSantis was actually worried about government # surveillance , we wouldn't have # Flock cameras and # APRs everywhere. He's a sawed off, piece ...”

https://mastodon.social/@Bandersnatch/116818088853397546

🤖 via RSS feed. Not an endorsement.

In case you want to help us with the development (and we could really use your #frontend help right now, not gonna lie...) or you're just interested in dev side of things: join us on our new dev channel!

https://matrix.to/#/#pond-dev:matrix.org

#fediverse #opensource #needhelp #webdev

Ist es nicht ein bißchen arrogant, wenn wir hier im Fediverse etwas von "Stromverbrauch der KI RZ" schreiben und dabei im RZ daneben durch das Senden und Verteilen des toots Strom verbrauchen?

#fediverse #stromverbrauch #rechenzentrum

🛡️ #Cybersecurity news & tips across the #fediverse

“TikTok collects keystroke patterns, clipboard contents, and device identifiers beyond what most users realize when they agree to its terms. # privacy # tiktok # tracking # surveillance # indigoprivacy”

https://mastodon.social/@indigoprivacy/116817791667788983

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Flock is expanding to collect SIGINT data harvested by Bluetooth sensors at traffic lights. At this point, it's making me sick seeing 5-10 devices hanging from almost every traffic light. This technology would allow ALP...”

https://infosec.exchange/@sethhonda/116817498990434675

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// mastodon.social/@gtbarry/11681 7365790247018 I have bookmarked the site. I opened the map & checked the 2 zip codes for my general neighborhood; Centennial Hills/Skye Canyon, Northwest # LasVegas ...”

https://mastodon.social/@PattyHanson/116817471507559276

🤖 via RSS feed. Not an endorsement.

It might be a good thing to start an antifascist movie night on Fedi.

Y'know. Rather than limit ourselves to fictional monsters and such.

What do you think?

#Fediverse #Movies

Good Morning #fediverse #tzag

🛡️ #Cybersecurity news & tips across the #fediverse

“President vs Parliament: # Metsola overrides MEPs in bid to force through child abuse law https://www. politico.eu/article/president- vs-parliament-roberta-metsola-overrides-meps-bid-force-child-abuse-law/ # ...”

https://mastodon.thenewoil.org/@thenewoil/116817356540243975

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“What's the plan for the 29th?? How are we going to hit them badly, are we even sure emails are enough? # ChatControl # privacymatters # surveillance”

https://mastodon.social/@juno0/116817234973507197

🤖 via RSS feed. Not an endorsement.

Invasion of Privacy! Demanding notice anytime! #mastodon #fediverse #dogsofmastodon #dogs #photo #photography

🛡️ #Cybersecurity news & tips across the #fediverse

“License Plate Cameras Are Tracking Your Life Without a Warrant Automatic license plate readers sold by surveillance companies are now using a technology called SignalTrace that uses sensors in the ALPRs to scrape electr...”

https://mastodon.social/@gtbarry/116817007231939856

🤖 via RSS feed. Not an endorsement.

Week in Fediverse 2026-06-26

Servers

- Vernissage Server v1.39.0
- Bookwyrm v0.9.0
- Mastodon v4.6.1
- GoToSocial v0.21.3
- Ktistec v3.6.0
- snac v2.93
- Mitra v5.6.0
- Misskey v2026.6.0
- NeoDB v0.16.2.1

Clients

- Fedilab v3.42.0
- Mastodon for Android v2.13.0
- Voyager 2.47.3
- Tesseract v1.5.4
- Holos v1.10.2
- Phanpy changelog
- Rocinante: A modern, open-source Android client for BookWyrm

For developers

- Fedify v2.3.0
- Masto.js v7.12.0

Articles

- FR#168 – LLMs Join The Fediverse

-----

#WeekInFediverse #Fediverse #ActivityPub

Previous edition: https://mitra.social/objects/019ee1be-dd85-7353-beca-83c9a087b4fc

🛡️ #Cybersecurity news & tips across the #fediverse

“The EU pushing "chat control" again is just wild. they really want to scan our devices under the guise of safety.
encryption is basically useless if they backdoor the OS, but at least we can hide our traffic metadata f...”

https://mastodon.social/@masara11/116816878234755119

🤖 via RSS feed. Not an endorsement.

RE: https://stefanbohacek.online/@stefan/116817281859547761

Every now and then I see people getting really upset when features change, break, or are missing.

Let this be your occasional reminder that the fediverse is run by regular people like you and me, who are doing their best with very limited resources.

I get being frustrated, but use that energy to file a bug report, maybe even offer help, if you have the skills. Or donate, if you can afford it.

We make the fediverse better by working together.

#fediverse

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// mastodon.social/@Tutanota/1168 15262001889776 # NoMeansNo # Privacy # Surveillance”

https://mastodon.art/@707Kat/116816645520605655

🤖 via RSS feed. Not an endorsement.

RE: https://mathe.social/@tomkalei/116812600219433585

Wie ihr vielleicht gesehen habt, ging gestern die neue #Mastodon Instanz

=> mathe.social <=

an den Start.

Wenn ihr Leute aus der (deutschsprachigen) #Mathematik kennt, die jetzt starten wollen... Bei der Registration bitte angeben, warum man auf mathe.social sein möchte und wer man ist.

Ich arbeite auch daran, dass mathematische Forschungsprojekte, Softwareprojekte, etc. ihre #wisskomm dort betreiben können und das wird dann ganz großartig.

Mehr #Mathe im #fediverse!

Hello #Boston #Massachusetts - its the end of June 2026 - every week I put together a thread of local events worth the trip, as a way to build community on the #fediverse. Follow along at #BostonWeekend and enjoy, enjoy your #NewEngland 1/???

🛡️ #Cybersecurity news & tips across the #fediverse

“Learn to recognize them: https:// petapixel.com/2026/06/25/meta- launches-cheaper-smart-glasses-without-ray-ban-starting-at-299/ # Meta # Surveillance”

https://en.osm.town/@mdione/116815828625564804

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“@ eff welcome to Cyberfascism... Same Corrsion Strategy as always … # Cyberfasism # CorrosionStrategy # PoliceState # SurveillanceState # fascism # Surveillance”

https://tech.lgbt/@Netzblockierer/116813765005038452

🤖 via RSS feed. Not an endorsement.

Hello everyone how do you grow your Chinese cabbage, for us this is how we grow small scales containing much food 🥑🥝
#mastodon #fediverse #environnement #climatechange #solarpunk #birds #nature #gaedening #gardens #agroecology #farming #farms #farmers #crops #Tec #technews #creativity #evolution #sustainability

Alt...

This is our Chinese cabbage 🥬 just 3 weeks ago we planted them

Post 1/2 Hallo Leute ich bin #neuhier und möchte mich mal etwas im #Fediverse ausprobieren. Ich wohne in #Leipzig und mache gerade quasi einen Neustart und möchte euch etwas aus meinem Leben teilen. Zu meiner Situation: Ich bin aufgrund psychischer Krankheiten nicht mehr als 3 Stunden arbeitsfähig und bekomme eine Erwerbsminderungs­rente. Zu meinem Neustart suche ich nach einer günstigen #Wohnung in #Leipzig. In meiner Freizeit beschäftige ich mich mit #Linux #Opensource.

DESIDERATA! #mastodon #fediverse #dogsofmastodon #dogs #photography #photo

🛡️ #Cybersecurity news & tips across the #fediverse

“North Korea neighborhood watch leader shortage https://www. byteseu.com/2139949/ # Conflicts # ideology # Mobilization # NorthKorea # Pyongyang # surveillance # women # workers”

https://pubeurope.com/@byteseu/116812639348765877

🤖 via RSS feed. Not an endorsement.

Post Originaly from https://bsky.app/profile/fjox.win/post/3mofs2frbvs2v at 2026 06 16

my server had been down for like 5 days now. Now im stuck on this stupid place and don't even have acces to my nas. Then I found out I spend the last day and a half copying the wrong drive with ddrescue. Im soo done with this shit. I have decade old hard drives but ask a ssd to do more then 3 years hell no. I want a server that could run forever if electricity is provided. Ssds make it impossible. 3 months of 15 vms that probably didn't even do 500gb per day in total killed a drive that supposed to have a rw capacity of 2400 tb. Also I hate bluesky with its stupid twitter like post limit of 500. My mastodon had a limit of 65536. You could write a small book with that. And now that I have to copy shit with ddrescue again but instead of getting the same or better performance since its a ssd copying to a USB harddrive compared to a USB harddrive to the same USB harddrive its 30 times slower at peak. And that USB harddrive is 1tb bigger. now some might say just use the last backup. Well to even acces ir i need a vm on that ssd because nobody plans that ssd especially one from a reputable brand like samsung dies after 4 months of use. Even if mine was rather extreme compared to the usual use of one of them. it's ridiculousthat only 50 bad sectors and a passed smart test causes all the data to be inaccessible. Also the expectationthat I have backups that can survivea nuke is unrealistic. If i had the money i wouldn't use decade old hardware. Now you might say just play video games on your gaming pc. Well i don't have one, all my desktops are on my server and the only other computer that could game properly is copying the drive. I pirated gamesI alreadyown on a laptop for just to play some shitty DM for a dozen mins. This thread is probablybecoming longer then any serious post I made on the fediverse. Anyways now that i dont have a ssd for vms ig i gotta use a dozen decade old hard drives from the discard pile of a graphics design studio since im broke and you cant run multiple windows on a single harddrive cause that shit fucking lagggs. Im so done with this shit, i can even torture myself by editing long overdue videos and ive watched so many video essays that I can't watch anymore. I might just start looking on ebay for like epyc Rome shit or something. HAHA I GOT IT TO COPY AT 135MB/s. So now it's done at 0000... great. STILL BETTER THEN 10 DAYS HAHHAHAHAHAHAHHS OR THE PREVIOUS DAY AND THEN SOME ONTOP JAHAHHAHAHSHSHDHDHHDJDJFHDJDJDJDHHFJDJDJDHDJJFHDHDHFHNFJFNJDJFKFJFJDJDHFH it wasn't done, ddrescuetime calc sucks ass like it's not gonna be like 12 hours instead of 8... all the copying was fine no errors ddrescue didn't see any faulty sectors and yet all my data is shot. I can't boot truenas nor can I extract the config of it.

#thread #server #ssd #samsung #homelab #storage #proxmox #hypervisor #vdi #nvidia #fediverse #vgpu #serverrack #computers #computer #rant #hdd #hp #bsky #bluesky #twitter #externalhdd #usb #linux #ddrescue #datarecovery #data #nas #pc #thinclient #gaming #games #bsky #repost #bskyrepost

#snac2 #fediverse #frugalfediverse

🛡️ #Cybersecurity news & tips across the #fediverse

“Eric Arthur Blair, (AKA George Orwell) born June 25, 1903

"George Orwell" illustration by Danny Hellman for Public Eye, 1/18/21

#Illustrator #illustration #comix #comics #literature #nineteeneightyfo...”

https://pixelfed.social/p/dannyhellman/975829809504124864

🤖 via RSS feed. Not an endorsement.

Don’t use #Meta products anymore, but I have in the past. Today, I got an email from the company, and this was the first sentence: “The setting to disconnect your off-Meta activity is going away.” Because…of course it is. This continued #enshittification of the #internet in general and social media specifically is predatory corporate BS - and #TechBros are making it harder and harder to opt out - without taking drastic steps. #SurveillanceCapitalism is predicated on collecting our data to use against us in the marketplace, and lately…to use against us in the political arena as well. It didn’t have to be this way. Thank goodness for the #fediverse, for #FOSS and for those hardy souls who continue to resist #CorporateGreed and #CorporateTerrorism.

🛡️ #Cybersecurity news & tips across the #fediverse

“New. Sekoia: Sold to the Highest Bidder: The Escalation of ADINT from Geolocation Tracking to Intrusion Vector https://www. sekoia.com/blog/sold-to-the-hi ghest-bidder-the-escalation-of-adint-from-geolocation-track...”

https://infosec.exchange/@AAKL/116812106234030297

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Meta paused an employee-monitoring program that collected keystrokes and mouse activity for AI training after some data was found broadly accessible internally 🖥️🔒
The program drew backlash over consent, privacy, and ...”

https://mastodon.social/@knoppix95/116812097579367559

🤖 via RSS feed. Not an endorsement.

INTEGRAL — A Federated Cooperative Economic System. #fediverse #foss #cybernetics

https://integralcollective.io/

🛡️ #Cybersecurity news & tips across the #fediverse

“https://www. europesays.com/people/129066/ Meta’s surveillance tool leaked employee private data # Facebook # MarkZuckerberg # Meta # Privacy # surveillance # WorkplaceMonitoring”

https://pubeurope.com/@people/116812036503431935

🤖 via RSS feed. Not an endorsement.

🔭 FediBoard was step one.
Now the open web ecosystem grows — bringing the same tools to bloggers beyond Flipboard too.
But it all still starts here: install FediBoard, Free Forever.
Be part of the loop. 🔄

https://fediboard.com

#Flipboard #Fediverse #FediBoard

🛡️ #Cybersecurity news & tips across the #fediverse

“North Korea neighborhood watch leader shortage Rodong Sinmun, the official newspaper of the Workers’ Party of Korea, reported on October 14, 2025, that workers…
# EuropeSays # Korea # KR # NorthKorea # ide...”

https://pubeurope.com/@korea/116811538099086162

🤖 via RSS feed. Not an endorsement.

Loops dot Video: Short videos. Your community. Your rules. The flagship instance of the open-source, federated alternative to commercial short-video platforms.

connect.fediforum.or...

Curated by FediForum Connect.

#loops #video #fediverse

FediForum Connect | loops.vide...

🛡️ #Cybersecurity news & tips across the #fediverse

“President vs Parliament: Metsola overrides MEPs in bid to force through child abuse law – POLITICO Ambassadors on Friday will consider an “invitation of the President of the European Parliament [to] proceed with the…
...”

https://pubeurope.com/@europe/116811242877046115

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Ah, the # Olympics of # Orwellian oversight—where every nation is a gold medalist in invasion of privacy! 🎖️🥇 Democratic or authoritarian, they all want to prove who's best at wearing a tinfoil hat while peeking ...”

https://mastodon.social/@ngate/116810936411579981

🤖 via RSS feed. Not an endorsement.

You know how they say #socialMedia damages your #mentalHealth by keeping you hooked with an endless stream of #rageBait?

Yeah, that all is not a thing here. My most boosted/favorited post here, by far, is a joke about keyboard interrupts. https://mastodon.sdf.org/@argv_minus_one/115091485249788597

And now, I posted a bunch more funnies I found, like https://mastodon.sdf.org/@argv_minus_one/116811512688326879 and I'm getting flooded with boosts and favorites again.

I love the #Fediverse so much. ❤️ It is all that X/FB/etc is not.

#Mastodon

I'm going to visiting Southern Ontario and #Ottawa the first two weeks of July. Does anyone know of any #Fediverse / #foss / #Linux meetups I could try to connect with while I'm there?

⚠️ Word is from Admins and Mods, Russian bot farm accounts are becoming a real problem so the advice I'm hearing is, carefully vet new accounts following you and any you might want to follow.

#Fediverse #Mastodon

edit # 2
Thanks to
@crapaud for providing this resource specific to the aforementioned Russian bot farm

https://about.iftas.org/2025/10/05/coordinated-pro-russian-propaganda-network-targeting-activitypub-and-atproto-services/

edit: Look below this post--I will add a couple articles about how to spot a bot account

⚠️

An article about how to spot a bot account:

edit: I think the article I added below this one is better

#BotAccount #fediverse #Mastodon
#Bots
#SocialMedia

https://stateofsurveillance.org/guides/basic/bot-network-detection-social-media/

Hey everyone,

@casey and @rania40 had the honour of speaking to one family from Gaza today and we’d like to welcome them to Gaza Verified.

They are:

• Laila (@Laila11)

Please give them a warm welcome to Mastodon and to the fediverse, follow their account, and donate to their fundraiser if you can (and please share this so others can do the same).

Also, remember that you can find all our families who have fundraisers listed at the following page, ordered by those who have received the least in donations over the last week (on a rolling basis):

https://gaza-verified.org/donate/

Thank you for making Mastodon and the fediverse a safe space for our friends in Gaza and for your support.

💕

#Gaza #Palestine #GazaVerified #Mastodon #fediverse #newMembers #verification

ActivityPub = Fediverse
Fediverse = ActivityPub

If other federated things like XMPP, Matrix or E-Mail were part of it, the Fediverse would exist at least since 1971.

Nobody saying "Fediverse" talks about something older than the web.

#ChangeMyMind #ActivityPub #Fediverse

Almost forgot, a person at work had this on her whiteboard in front of her cubicle…

“Sometimes, I think the surest sign that intelligent life exists elsewhere in the Universe, is that none of it has tried to contact us.”

I second that! Especially with the US and its current administration

For now, good night to y’all good people of #Fediverse

Bonne Saint-Jean #fediverse

#quebec

💡 Pro tip: control your story volume.
FediBoard preloads what's cached — click "Load more" for as much as you need.
No overload. No waiting. Just what you ask for.
Your panel, your pace. ⚙️

https://fediboard.com

#Flipboard #Fediverse #FediBoard

PDX.social is a Mastodon server for the Portland, Oregon, USA region.

This server has been online since 2017.

https://pdx.social

You can find out more at https://pdx.social/about or contact the admin account @admins

#FeaturedServer #Portland #Oregon #PortlandOR #USA #Mastodon #Fediverse #FreeFediverse

Just found out through Vivaldi's news feed that Tangerine UI for Mastodon is officially EOL as of this month 🧡

The author ran it for nearly three years - hundreds of GitHub stars, 50+ instances, 40k+ users. But keeping it alive meant rebuilding it from scratch every time Mastodon shipped a major release, which just isn't sustainable when the fun of building it is long gone.

Honestly respect the decision. Burnout is real, and forcing yourself to maintain something you no longer use or enjoy helps nobody.

If you loved the theme, the author recommends giving Phanpy a try - apparently it was a big visual inspiration for Tangerine UI anyway.

Rest well, little orange theme 🍊
Thank you @nileane very much for your effort these years.

Source: https://github.com/nileane/TangerineUI-for-Mastodon/releases/tag/v2.5.4-EOL

#Mastodon #TangerineUI #Fediverse #OpenSource #WebUI #MastoAdmin #FOSS

🛡️ #Cybersecurity news & tips across the #fediverse

“President vs Parliament: Metsola overrides MEPs in bid to force through child abuse law https://www.politico.eu/article/president-vs-parliament-roberta-metsola-overrides-meps-bid-force-child-abuse-law/?utm_source=RSS_Fe...”

https://social.espeweb.net/objects/da9752fb-4977-4bec-8af8-3c72e035c2ed

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“@ aSweetGentleman They were sentenced to fifty years in jail for what they said, and you still use voice devices, siri and alexa.
And copilot. Astounding. When Trump disagreed with the International Court of Just...”

https://mstdn.social/@kevinrns/116802443657841979

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Epic rant. # AI # surveillance is already out of control, and it is creating hardships for citizens for NO RETURN TO SOCIETY other than to enrich the handful of billionaires that profit from the grift. Be like Ja...”

https://sfba.social/@drahardja/116801293250943388

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“What we call "age verification" is actually mass # surveillance https:// pluralistic.net/2026/06/23/des troy-the-village/ https:// pw.wzm.me/wall/v/22741”

https://indieweb.social/@elgg/116801283376648934

🤖 via RSS feed. Not an endorsement.

Kennt ihr diese Argumente gegen das Fediverse? „Unsere Zielgruppe ist nicht dort" – „Zu wenig Kapazitäten" – „Niemand sonst macht es."

Stimmt nicht! 🔸 Es gibt gute Gründe fürs Fediverse, und der Einstieg ist leichter als gedacht.

Unser neuer Praxisleitfaden zeigt Vorteile, Praxisbeispiele & widerlegt häufige Einwände – entstanden mit der Community Nachhaltige Digitalisierung des @umweltministerium & dem @neuSoM

Zum Leitfaden: https://commons.wikimedia.org/wiki/File:Ein_Praxisleitfaden_zum_Einstieg_ins_Fediverse.pdf

#Fediverse #Mastodon

Hallo Mastodon!
das Haus der Instrumente (HdI) ist #neuhier und freut sich auf regen Austausch im #Fediverse !
Als Angebot der Albert Koechlin Stiftung stellt das HdI historische #Musikinstrumente und den historisch orientierten #Instrumentenbau vor.
Unter diesem Account werden wir Artikel zum Thema historische #Instrumente teilen. Dazu aktuelle Infos, wann bei uns im #Museum in Luzern-Kriens, #Schweiz die nächsten Projekte und Kurse stattfinden.
Zielpublikum sind Interessierte und Fachleute

🛡️ #Cybersecurity news & tips across the #fediverse

““The problem is, there's no such thing as "age verification" for the internet. What we call "age verification" is actually mass surveillance, so invasive and pervasive that it makes the ad-tech industry's commercial surv...”

https://tldr.nettime.org/@remixtures/116801189420796329

🤖 via RSS feed. Not an endorsement.

new server, new #introduction

i'm Christopher, i live in The Hague, Netherlands! i moved here from Seattle 2.5 years ago to continue my cybersecurity freelancing (entrepreneur visa), and I have been a privacy activist for 16 years, which started with running Tor relays and teaching others how to safely run them too

presently in my free time I am working on @discotheque -- a new Dutch Stichting that owns and operates this Mastodon server, gay.amsterdam. we are working on creating a novel organization model that aims to decentralize Trust & Safety in a radical way (blogged about this here https://blog.disobey.net/yawnbox/working-towards-an-organizational-model-for-defending-a-fediverse-community)

this effort to radically decentralize hierarchy native to even Mastodon (and other fediverse) instances is something I thought about while running @emeraldonion -- legal demands sent to an operator has no way to meaningfully inform a community about legal threats. if you're interested in helping work on Disobey Discotheque, please reach out, I'm looking to invite Advisory Board members or Trust and Safety Committee members. in the long term, like i am doing with Emerald Onion, I plan on speaking at hacker conferences about this lead-by-example model for building safe fediverse communities!

i'm very interested in meeting and making new friends in and around the Netherlands ^_^ and i am single :3 I'm passionate about many things: my family and friends, science, the internet, blogging, the fediverse, solarpunk, sailing, off-grid engineering, permaculture, hacker spaces and conferences, vegan cooking, coffee, matcha, swimming, yoga, sci-fi, anime, massages, raves, electronic and contemporary-classical music, trains, bicycles, camping, and learning in general!

#DenHaag #TheHague #Netherlands #fediverse #mastodon

Alt...

on a bright sunny day, in June 2026, here is Christopher in a red shirt, dark brown hair, white pale skin, wearing shiny green sun glasses and holding a Sony digital camera. in the background is a rusty bridge wall made out of narrow bars so that you can see through the tall evergreen trees in the background

Dug into the ActivityPub platforms beyond Mastodon with current FediDB numbers (June 2026): Misskey and its fork family, Pleroma and Akkoma, Friendica, GoToSocial, and the Threadiverse.

Misskey's custom emoji culture runs deeper than it sounds. Instances maintain hand-drawn reaction libraries that federate across the network. The closest analogue is early Slack workspace emoji culture, but federated.

Friendica has been federating since 2010 via its own DFRN protocol, Diaspora*, and OStatus. It added ActivityPub in 2019, consistent with its core goal of bridging every federation protocol it can reach.

GoToSocial exists for people who want a personal fediverse presence but find Mastodon too heavy to self-host. 250MB RAM, SQLite, no web client of its own. Runs on a Raspberry Pi.

Part 1 of the "Fediverse beyond Mastodon" series. Part 2 covers the visual fediverse: Pixelfed, Loops, and PeerTube.

→ https://federatedmind.com/misskey-pleroma-friendica/?utm_source=mastodon&utm_medium=social&utm_campaign=misskey-pleroma-friendica-1

#Fediverse #Mastodon #ActivityPub #OpenWeb #Misskey #Pleroma #Akkoma #Friendica #GoToSocial #Lemmy

Alt...

Abstract digital art on a dark navy background showing a radial burst of colorful geometric shapes and particles in mint green, coral red, amber, and teal. Scattered sticker-like elements suggest emoji reactions and expressive digital culture. Federated Mind brain logo watermark in the bottom right corner.

Do you think there is still a room for Prismo in fediverse? We have couple of amazing projects already, doing something similar or much more (lemmy and piefed as an examples). Would love to hear your thoughts in the comments!

#fediverse #fedidev #activitypub

🛡️ #Cybersecurity news & tips across the #fediverse

““[On 24 June] the EU Commission is expected to propose an overhaul of Europol’s mandate which will substantially expand its powers and more than double its (already huge) annual budget by 2034, to €444m annually Keeping...”

https://tldr.nettime.org/@remixtures/116801134917561687

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Daily podcast: Trust in AI Companies is Incredibly Low. So why do we use their products? # News # TechNews # AI # ArtificialIntelligence # Trust # Privacy # DataMining # Surveillance # podcast ...”

https://mastodon.social/@NickAEsp/116801097900619516

🤖 via RSS feed. Not an endorsement.

Good Morning #fediverse #tzag

🛡️ #Cybersecurity news & tips across the #fediverse

“Pluralistic: # Spying on # kids to save kids from spying is very, very stupid (23 Jun 2026) – Pluralistic: Daily links from # CoryDoctorow
# privacy # ageverification # surveillance # advertising #...”

https://mas.to/@PrivacyDigest/116801008893942953

🤖 via RSS feed. Not an endorsement.

I roll my eyes when conservatives say "if everyone would just accept Jesus..." etc. and just as hard when progressives say things like "What we need is for everyone to care about each other, stop striving for personal gain, protest like their lives depended on it, and do effective and persistent mutual aid."

They will not. Everyone will not just. If this is your plan, then you have no plan.

I don't want the Christofascist fantasy. I want the world where everyone cares for everyone else, even at cost to themselves, and opposes ridiculous and unjust uses of authority. I want the world where bullies don't exist, where psychopaths don't take advantage of caring communities. But neither of those worlds exists or will exist in the foreseeable future.

I want the same "what" as many people here, but I am almost always deeply skeptical of the "how." I'm not sure I've ever heard, on the #fediverse, any plan for how to reach the shared goals except "everyone needs to just..." and I frequently note that the goals of progressives are often identical to those of conservatives. The "how" is everything.

I don't know what the solution is. I don't have a silver bullet "how." Everyone will not stop caring about resources and become anti-capitalist, support others when they or their loved ones lack resources, or start protesting injustice at cost to themelves.

"Line them up against the wall" etc. is just as empty. What happens after that? For that matter, what's your plan to actually win this violent revolution you fantasize? Perhaps you enjoy a little progressive-world fiefdom on the fediverse and haven't felt the need to work out the details. Even if your pipe-dream revolution (which has no plan, no strategy, and no resources) succeeds, I have yet to hear any plan for a system to replace the current one that has plausible safeguards against devolvoing into this or a worse system. And yes, it's all systems. You don't get an exemption. Even "no gods, no masters" is a system, just (as usually articulated) a thin, poorly-realized one.

I don't have the answers, but I haven't seen anyone else with answers, either. The best approach I've seen is from someone I love dearly who says, when we have discussions like this, that we will iterate. We will try things incrementally and adjust and improve. This isn't "you'll be the first against the wall." It isn't "Everyone needs to become a really good anarchist." This is something I can at least believe.

#pol #subtoot #drunk #maybe #anarchism #progressive #JustStop

Alt...

Tumblr-style post: Everyone Will Not Just If your solution to some problem relies on "If everyone would just..." then you do not have a solution. Everyone is not going to just. At not time in the history has everyone just, and they're not going to start now. [sic]

Your readers leave your site to search social media.
What if the search came to them?
FediFind covers Mastodon, Bluesky and Flipboard, right on your blog.
They never have to leave.

https://wordpress.org/plugins/fedistation-open-social-web-sharing

#WordPress #Fediverse #OpenWeb

Hello Mastodon and Fediverse! I should have been there long too before.

(I mean "I should have joined much earlier.")
Thanks to peers of fediverse. I like ActivityPub.
Thanks to @eayavas@mstdn.social @eayavas@pixey.org @eayavas@lemmy.ml @anlar to make me join there.​

#Mastodon #Introduction #NewHere #Fediverse #ActivityPub #iejide
#FirstPost #ÖzgürYazılım #DigitalPrivacy #Gizlilik #FOSS #OpenSource #Privacy #SelfHosted

🛡️ #Cybersecurity news & tips across the #fediverse

“Don’t ever do this # duet # dont # dontdothis # surveillance # flock # flockcameras # bigbrother # duet # YouTube https://www. youtube.com/watch?v=XiH_G5FuCKw”

https://stranger.social/@azcoigreach/116800488195487324

🤖 via RSS feed. Not an endorsement.

@zaronurmitc

Willkommen hier im #fediverse!

🛡️ #Cybersecurity news & tips across the #fediverse

“How Do Flock Cameras Work? Flock is indeed building a searchable database of individuals and offering extended video coverage, including live feeds, from its cameras. In other words, your car isn't the only modern techn...”

https://mastodon.social/@gtbarry/116800023753694140

🤖 via RSS feed. Not an endorsement.

🔆 #FediTips for https://PrivacySafe.Social & the #fediverse

“If you want to, Mastodon can be used entirely through your server's website. You don't need to use an app. Many people prefer the web interface because it gets new features before the apps, there are many settings that ...”

https://social.growyourown.services/@FediTips/116801603351894428

🤖 via RSS feed. Your Mileage May Vary.

🛡️ #Cybersecurity news & tips across the #fediverse

“# Signal ’s # MeredithWhittaker : The Push for Online Safety Risks # MassSurveillance
Whittaker spent years arguing # privacy is a prerequisite for free society. She says AI agents, device scanning and digital ...”

https://hachyderm.io/@BenjaminHCCarr/116799881987275511

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“📡 Hidden KYC: How Banks Silently Track Your WiFi Network → https:// telegra.ph/Hidden-KYC-How-Bank s-Silently-Track-Your-WiFi-Network-06-17 # kyc # privacy # wifi # surveillance”

https://infosec.exchange/@monniele/116798133594302464

🤖 via RSS feed. Not an endorsement.

@ricci

Have you seen this blog post?

It confirms, from first-hand experience, most of the points I made in an earlier post and its follow-up.

@jdp23 @innocentzero