Mastodawn

Anthony J. Fontanez Nov 21, 2022

Jerry 🦙💝🦙

I love all of you and I want nothing but the best for each of you, particularly those on infosec.exchange. I understand that Mastodon isn't Twitter, that DMs aren’t end-to-end encrypted, that we are spread across different instances and it can be hard to find your friends, and that an instance can go away at any time, and that translating posts doesn't work correctly, and there is no native giphy support, and that some instances are overwhelmed and super slow, and that you don't think the federated model can scale to a billion users, or that it doesn't support full text search of every post and account, or that we can't comply with the GDPR, or that we don't support quote tweet style functionality, or that we shouldn't collect IP addresses, and many other things.

The fediverse is a work in progress. I've been here for going on 6 years. In that time, it's come a long, long way. That said, Mastodon is not going to appeal to everyone. The decisions I make are not going to appeal to everyone. No one is forcing you to be here. No one is forcing you to disclose your personal secrets into a network of federated servers running by volunteers and hobbyists. NB: this is not Twitter. It has some similar functionality, but it is not Twitter. Parts of it are better, IMO, and parts are not. The security community is generally among the most skilled and competent IT people the world has to offer. Mastodon is open source. Do you see where I'm going?

I set this instance up a long time ago for reasons I don't even remember. I have poured my soul into this thing because I believe in the importance of this community. I have effectively peaked in my career as a CISO and I and my family live well. I am not running this instance for fame, money, a better job, or anything other than wanting to foster a community of people that can learn from each other and make the world a better place. That's it.

As I've said in several recent interviews, I felt particularly obligated to ensure the security community had a good landing spot in the fediverse as everyone was running for the doors in Twitter. We've grown from 180 active users to about 30000 in the span of 3 weeks. I do not expect everyone to stay. Some will set up their own instances. Some will move to one of the other excellent security focused instances. Some will give up and move to on to some other social media. And that is OK. While I am super excited to see the buzz here, I don't have subscriber targets, engagement targets, retention targets, or anything else. The only metric I hold myself to is whether I think this is serving a useful purpose to the community.

I appreciate all of you, regardless of where you land. Infosec.exchange has been here for a long time and will continue to be here for you.

ricky 💜🍄🎶Nov 20, 2022

@jerry just takes time homie, you're doing good work.

THORp Nov 20, 2022

@jerry thank you for all of your hard work. As a student of Infosec, I can say you’ve created a community that fosters learning and acceptance and assistance. I hope to see this little corner of the internet last a long time.

Gian Maria Ricci 🐱Nov 20, 2022

@jerry you're the best Jerry, we really thank you for the wonderful work and i believe that this instance will stay for long and will become better and better.

Kudos!!!

Gustav H Meyer Nov 20, 2022

@jerry thank you!

Andy Hidalgo Nov 20, 2022

@jerry I one of those 30k that moved. So far so good

@jerry We all appreciate what you've done. Thank you. I think that the only metric that you follow is the best metric to follow and it's trending positively 🙂

George Roberts 💉🇺🇦

@jerry Thanks for everything you do.

Martin Kelly Nov 20, 2022

@jerry Jerry you are a mensch and very much appreciated

AMS Nov 20, 2022

@jerry s/handing/landing/ ?

Jerry 🦙💝🦙Nov 20, 2022

@AMS thanks. no matter how I try, I am sometimes blind to my errors. I corrected it.

AMS Nov 20, 2022

@jerry That's how it always works. I swear typos are invisible until you hit send.

@jerry
Do not worry, we are all with you, we love your work, and we are happy to be hand in hand to form a large and safe social network. We realize that this requires some time, but it is not a big obstacle. We entered Mastodon and found everything that is beautiful and wonderful. If you continue to update this platform, it will be great in the future. We have started to invite our friends On Twitter to join here at Mastodon because he deserves this and deserves to share and spread ideas and learn and exchange skills. Thank you with all my heart.

Christopher Nov 20, 2022

@jerry "The only metric I hold myself to is whether I think this is serving a useful purpose to the community."
And you are doing AWESOME at this metric @jerry ! You have given the infosec community a place to continue, and I'm sure I speak for nearly everyone here when I say we really appreciate it!

Adrien Delessert Nov 20, 2022

@jerry when all my favorite [kind, welcoming, informative, smart, competent] infosec people from Twitter started landing here I felt it must be a good place, but I feel it has really exceeded expectations! Thanks for nurturing this, you’re doing an amazing job.

ashar Nov 20, 2022

@jerry thanks 🙏

Gabriel Franceschi Nov 20, 2022

@jerry you are doing an excellent job. Unfortunately, criticism is always loud whereas appreciation is normally silent.

Thank you for giving us a place to interact, discuss and learn :)

spmatich vk3spm

@jerry inspired.

Fuzzysteve Nov 20, 2022

@jerry "that DMs are end-to-end encrypted" missing an "n't" ?

Jerry 🦙💝🦙Nov 20, 2022

@fuzzysteve ugh. Thanks for catching that

Fuzzysteve Nov 20, 2022

@jerry nbd :) At least you can edit here :D

Jerry 🦙💝🦙Nov 20, 2022

@fuzzysteve fixed

Pete Nov 20, 2022

@jerry @fuzzysteve so fast! I was about to@mention it - and gone!

Christopher Nov 20, 2022

@jerry Your comment about Mastodon being open source is also spot on. We can help make it more secure and we can help add functionality, both at the server and on clients. One thing to remember along the way is to honor the larger Mastodon community, keep the best parts, and no matter what, to avoid trying to turn this into Twitter.

Addison Crump Nov 20, 2022

@jerry Your mitigation of expectations shows that this is the right place to be.

Sophia Nyx Nov 20, 2022

@jerry I like your hair

0xBDB Nov 20, 2022

@jerry I appreciate the time and effort you and the moderators are putting in. Whether I would do things slightly differently or agree with every architectural decision the Mastodon devs ever made or whatever is beside the point for me... unlike Twitter, which regardless of who's running it has increasingly misaligned incentives, I personally trust you folks to do the best you can to make it a good community. That'll do. :P

@jerry Thanks Jerry!

Super Sheep Nov 20, 2022

@jerry I’m so grateful for all you’ve done here and to all other instance admins. People will always moan and if they’re comparing this to Twitter they haven’t learned or read anything people have posted. Keep up the good work!

Cyber Yuki Nov 20, 2022

@jerry : 👏👏👏👏👏

Rob Pomeroy Nov 20, 2022

@jerry Thanks so much Jerry. Right place, right time, right skill set, right attitude. 👍🏻❤️

Lise Voldeng Nov 20, 2022

@jerry Thank you, Jerry. I appreciate your genuine honesty and dedication. Exactly why I set up an account on infosec.exchange.

Purl Nov 20, 2022

@jerry thank you for everything you do. This isn’t the bird place, and that’s just fine. I wish I knew it was here sooner, and I’m glad I found it now.

Cosmic Ray Nov 20, 2022

@jerry well explained
Thanks for hanging in there
Understand you only do what can do

🐘Nov 20, 2022

@jerry you do good work dude! this place is cool :) (even if i grumble about the UX on some stuff - hey I'm a Brit i love to grumble!)

what you have done is super cool!

Anansi (spider)Nov 20, 2022

@jerry personally, i thank you for this place...if you want to discuss specific security design that are annoying people, i can help, generally on mondays afternoon...i am sure that this community can help to further secure mastodon and this specific instance...

@jerry I really appreciate all the hard work you and your moderators are doing to create and evolve infosec.exchange. For others who also appreciate @jerry and his team's work, consider making a donation @ https://liberapay.com/Infosec.exchange/ pay the bills for all the hardware, bandwidth and time needed to keep up with the expanding user base.

Infosec.exchange's profile - Liberapay

This will fund operations and hosting costs for the infosec.exchange Mastodon instance. I greatly appreciate any and all donations.

Liberapay

Rodri Mora Nov 20, 2022

@jerry are DM's E2EE? I thought they weren't

WvuSoldier Nov 20, 2022

@jerry you're a good man! We appreciate it!

@jerry I’m sure I can speak for everyone on this server by saying we appreciate eveything you have and will continue to do with this server. Of course there will be hiccups but what matters most is that the team figures a solution, learns and moves on. I will continue to support you and the team because I know it’s takes a lot to keep infosec.exchange up and running.

Suzyanalyst1 Nov 20, 2022

@jerry Thank you for doing what you do.

bertrand 🏃 👨‍💻 🎸Nov 20, 2022

@jerry Hi Jerry, I felt so welcomed by you and the other #fediverse old-timers. Thank you. Thank you so much.
I identify myself as an #identity (as in #IAM) person, considering #infosec as a side/tangent community I can't ignore but I don't identify directly in it.
Except for when I read your post. When I read your post I feel welcome in this community and I want to be part of it.
Thank you.

Jerry 🦙💝🦙Nov 20, 2022

@bertrand Welcome. I am glad you're here!

Nick Buraglio Nov 20, 2022

@jerry excellent points, and well stated. Others would be well served to read and absorb this post.

Phosra Nov 20, 2022

@jerry
"that DMs are end-to-end encrypted" I don't believe that this is the case; was that a typo?

Jerry 🦙💝🦙Nov 20, 2022

@Phosra it was a typo that I've since corrected - but you are correct.

@jerry this is outstanding and I hope you don't take my occasional musings about features (like e2ee) or chatter with folks about the legal issues of the fediverse as a personal critique at all. This reminds me of old school IRC days with all the tight communities and chaos and forum moderator meltdowns of the early 00s come again.

It's like we've hit the reset button on the internet and rolled back a decade plus of updates. For those of us who've been questioning the direction of an increasingly centralized and corporate internet with a few giants retaining so much power, for those of us nostalgic for the internet we grew up with when the toxicity had so much less reach, this is like a breath of fresh air.

There's a chance here, in some ways, to reset internet culture or at least to opt out of the toxicity of the current iteration for something smaller but healthier. A grand social and technical experiment seems to be unfolding and I'm glad to be here for it. Thanks for putting up w me.

Jerry 🦙💝🦙Nov 20, 2022

@bbennettesq It wasn't directed at any particular person. I've just read SO MANY criticisms, and "why don't you make it do $X?" and so on. I feel like I need to levelset expectations. (nearly) all of the points people raise are valid, at least to some extent.

@jerry I'm not so arrogant as to think your post was directed at me. It was just to assure that MY posts weren't criticisms of you! I've been around tech long enough to understand a little of the chaos descending on the fediverse and the hosts!

Jerry 🦙💝🦙Nov 20, 2022

@bbennettesq my apologies - I appreciate the feedback and I want to find a way to channel the energy everyone has to making things better. I do appreciate your views - there are some damn sharp people here, you included, and I'm trying to keep up :)

@jerry no apologies! Can you dig up the donate post periodically so I remember to donate to you? Or pin it in an faq somewhere? Is that a thing? 😂

It came and went and is lost to the fediverse until I learn how to find things better on here.

Jerry 🦙💝🦙Nov 20, 2022

@bbennettesq you bet - it's in my profile, and also on the infosec.exchange/about page

@jerry thanks!

gafraser Nov 20, 2022

@jerry thanks for doing this and making it welcoming 👍

SecBuff Nov 20, 2022

@jerry @gradius Thanks for all of the effort you’ve put into this. I really appreciate it.

@jerry thanks for all your hard work making this place welcoming and safe. Please reach out if you need an extra set of hands, I am more than willing to help.

Nick 'The Viking'Nov 20, 2022

I cannot imagine the levels of effort being applied here and elsewhere.

Y'all rock, each and every one!

Trif Nov 20, 2022

@jerry Just want to add that Mastodon is not the fediverse. It's very good, but there are other excellent implementations too with different feature sets. Misskey has both working translation functionality (via DeepL) and quote renotes, but some other aspects are lagging behind Mastodon a bit.

A healthy ecosystem of compatible systems will both let users pick according to their preferences & avoid a web browser market-like situation where one implementation controls the backing protocols & standards.

💉💉💉🎉Nov 20, 2022

@jerry This is really well written. Honest and clear.

@jerry 🥹 thank you Jerry!!!!

Peter loves 🐈Nov 20, 2022

@jerry you do a great work.
Now i Am here. Bad luck. I stay😈