The first #Fedibook Security Review.

https://sindum.dk/fedibook-security-review-1/

The code is there for you to review and test

https://codeberg.org/sindum/fedibook

Come and try it out at the showcase instance https://fedibook.net

Fedibook Security Review 1

Date: 2026-03-25
Reviewer: Claude Code (claude-sonnet-4-6)
Scope: dev1 (primary codebase), dev2 (configuration variant), publish (release template)
Code read: All Go backend files, all Svelte/TypeScript frontend files, all Docker/compose files, all configuration files.
Summary Statement: Fedibook is a small but structurally sound ActivityPub social network. The overall security posture

sindum.dk

Yes, Fedibook is heavily written with AI. That's a deliberate choice.

Big Tech will use it. Corporate business will use it. I'm scared about where this is heading — but I decided to learn to use it thoughtfully rather than look away.

My first rule: use AI to build non-AI tools. Don't embed AI in the product itself. The code is open source — real humans can take over. The exit is always there.

So I'm fighting fire with fire. Can we harvest the power of AI in open source without surrendering sovereignty? I think it's worth finding out.

My hope is for local models to step up — and I'm actively investigating how they might fit into Fedibook.

#fedibook #AIinOpenSource

@oldperl Security is important - both with and without AI. The current approach focuses on security at the concept level. Privacy in friend and group communication isn't perfect by design — that's an honest trade-off in a federated system. I'm considering if an added layer of optional E2EE is possible.

For the implementation: follow best practices, run automated reviews, and most importantly — release the code early so the community can dig in.

Claude did a review based on my requirements. Top finding - I should have a look at rate limiting.

https://sindum.dk/fedibook-security-review/

#fedibook


Today I have deployed a showcase instance for #fedibook

https://fedibook.net which is an instance deployed from the git code repo.

It is, as I wrote, a showcase instance - I invite you to join, test, play around and use it for not-so-important stuff. I will aim to push new releases a couple of times a week and the goal is to be able to do so with non-destructive upgrades.

For anyone interested in the process, I wrote an article on my blog https://sindum.dk/fedibook-fighting-power-with-power/

Log in — Fedibook

Fedibook - Your Friendly Neighborhood Social Network

@sindum Thanks. And fair enough. I don't know how one would do it either (unless all of #fedibook "just" becomes a web client for #activitypub, à la Phanpy, which then has a familiar user interface, and where you can create your own groups of those you follow and are followed by on the fediverse).

/cc @asjo @blog

@sindum

Curious question: I haven't tried creating an account on #fedibook yet, but: Do you create a new account, which then functions as your fedibook handle, or can you use an existing #activitypub account (in the same way that you can, for example, use your Bluesky/Eurosky account to log in to "all" #atproto services)?

/cc @asjo @blog


@sindum Thanks for taking the initiative to create a focused and simple solution for groups in the fediverse. Looks good, too!
Once you have a prototype you're happy with, what's the plan forward? Will you still use AI for development? Will you keep the current codebase, or start from scratch?

#fedibook #fedidev

Would you like to test your own #Fedibook instance?

Don't expect too much - but if you'd like to play along then have a go

https://codeberg.org/sindum/fedibook

Comments on features, functionality, how to install and general architecture are welcome. Low level code feedback is too early - I'm still prototyping and moving fast.

I would REALLY like to have your instance in a group chat 🙂

#YourFriendlyNeighborhoodSocialNetwork.

I need your feedback

As some of you may have noticed, I'm building a new fediverse / social media platform — #fedibook. The goal is a familiar look and feel, but one that's actually better for your mental health.

I accidentally included likes in the UI without really thinking it through. Not finished or properly tested — and honestly, I'm now wondering whether likes should exist at all.

What I'm considering instead: likes as a private bookmark only. More like a personal favourite — something you save for yourself to find later, but which is never shared with the author or the rest of the #fediverse.

Good idea? And what should they be called? Vote or comments - Thanks.

You are also invited to join the dev server at https://dev1.fedibook.dk and follow the development process at first hand.

Most users want Likes - Keep it: 57.1%
Make it Bookmarks (private): 21.4%
Make it favourite (private): 21.4%
Remove it altogether: 0%