The Breakout Plan
Whether you're looking for a way out of the Gulag or just a plan B for the next time you land in Facebook jail, moving from one centralized social network to another won't do you much good. Facebook, Twitter, Telegram, MeWe—they all have the same fundamental flaw. A for-profit corporation sustained by ads will always put growth and engagement above all else, from privacy and mental health of individual users to social cohesion and political stability of entire countries.
The free* software community has implemented an alternative to the competing centralized social networks: Fediverse, an ensemble of federated servers that are independently hosted and run different software but can all interoperate using open standards.
* as in "freedom"
Image by @email@example.com.
Fediverse offers many options. As usual with free software, you're in control, and you're expected to know what you want. Now would be a good time to take inventory of what is it social apps do for you.
But before we get to chats, microblogs, macroblogs, photo sharing, video calls, and other forms of communication, remember that social networks are made of people, and consider the part that creates the network effect: identity.
It isn't what you can do on a social network that locks you in, it is the people you know. Maintaining a relationship with someone depends on:
1) discovering ways to connect with them, and
2) being able to trust that you are connecting with the right person.
The flip side of discoverability and authenticity is privacy. Sharing some aspects of your identity with wrong people can open you to harassment, fraud, and other kinds of harm.
In centralized social networks, you have to trust a for-profit corporation to verify and protect people's identities. So far, they have failed miserably at both.
In Fediverse, you have full control over how much you reveal about yourself to make people believe that you are who you say you are.
On a scale from "take my word for it" to "strongly connected PGP Web of Trust", I think Keybase strikes the best balance between security and simplicity.
Update 2020–09–06: Between Keybase’s messy clients, closed source server, experiments with cryptocurrency, and acquisition by Zoom, I can’t recommend it anymore. There is now a clean and fully open source identity management platform Keyoxide. It is built around OpenPGP public key infrastructure, if you’re not already familiar with that, you can start with a simpler but somewhat limited way to prove your identity: Mastodon’s link verification feature.
So, other than discovering and verifying identities of people you know, what is it social apps do for you? Fundamentally, just one thing: meaningful conversations. Everything else is just things you do online, things worth talking about—it is the conversations that connect us.
Private real-time conversations are simple: you just use whatever chat app is available to both of you. It should be end-to-end encrypted (so you don't have to scramble when a sensitive topic comes up), open source (so you know it can be trusted), and mobile friendly (so you don't have to run to your computer to read your messages). Signal is easiest to use if you don’t mind sharing your phone number; Wire is better if you want insulation from your public identity; Matrix is the ultimate self-hosted option.
Public conversations require authenticity and structure. Nobody has time for email threads and nested quotations anymore, the microblogging format has made these skills obsolete. When a long post is diced into paragraph sized chunks, you can reply directly just to the right spot in a thread, with no need for quotes to highlight the context. Easy to move around and scroll through on mobile, easy to branch off sub-conversations, easy to track and reference every comment by its permalink.
Mastodon is the most popular microblogging platform in Fediverse, serving millions of accounts across hundreds of instances. You can join the flagship instance mastodon.social, find a smaller one that fits your interests and code of conduct preferences, or start your own instance—the Fediverse equivalent of creating a group.
Update 2020–09–06: Mastodon developers closed new signups on mastodon.social. Instead, they started a new open instance mastodon.online and created a directory of public instances.
Federation allows you to follow accounts on any Mastodon instance, and even on other Fediverse platforms: the more traditional blog-and-comments Friendica, photo sharing Pixelfed, video sharing PeerTube, etc.
Your own accounts on different instances can have different names and privacy settings. You can lock an account to only allow approved followers and make follower-only posts.
Mind that it won't give you the privacy of end-to-end encrypted chat: admins can see everything on their instance.
The main point of Mastodon's privacy settings is to protect people from harassment. To that end, it also offers a progressive spectrum of protective measures:
- hide someone's boosts,
- mute (you don't see them),
- mute notifications, too,
- block (they can't see you),
- hide an entire instance.
You can also report bad behavior, and instance admins can ban a user or an entire instance temporarily or completely.
There is no protocol for banishing an instance from the entire Fediverse. It is up to every instance to decide what to block, although many probably follow the block list published by mastodon.social. There are two prominent special cases that ended up forking Mastodon software to the point where they are no longer compatible and unable to federate: Counter.Social and Gab.
Counter.Social has implemented a draconian set of protective measures, including blocking entire countries known to run disinfo operations, along with thousands of VPN providers. Some major instances such as mastodon.xyz blocked CoSo over this, CoSo founder Jester Actual blocked the entire Fediverse back. On one hand, Fediverse does need stronger defence systems; on the other, country block is a cop-out, VPN block is plain harmful, and isolation turns an instance into yet another dictatorship.
Gab claims to stand for freedom of expression, which those familiar with American political discourse will immediately recognize as a "Nazis and white supremacists welcome" dog-whistle. In July 2019 they switched to a forked version of Mastodon and tried to join Fediverse, but were decisively rejected by Mastodon developers, blocked by most instances, and blacklisted by Tusky and Toot! mobile apps.
Did I mention that it isn't what you can do on a social network that locks you in, it is the people you know? It's not enough that Mastodon gives you means to connect and talk with your friends, you won't be able to leave the centralized social networks until you can take your friends with you. We all need a collective breakout plan.
We need to build a sustainable safe space where the few of us who are ready to move can work together. Then we gradually scale down our presence in the old networks, engaging our friends there just enough to remind them where to find us, while building and nurturing our new community here, making it a more welcoming and exciting place than Facebook's ranked feed hamster wheel.
Your homework for the stage 1 of our breakout plan (update 2020–09–06: edited to remove references to Keybase):
- Encrypt your phone, set screen lock to password (fingerprint unlock is ok).
- Install a two-factor authentication app (e.g. FreeOTP or Google Authenticator).
- Install a password manager (e.g. Bitwarden).
- Register on mastodon.online (we’ll get to our own Mastodon instances later, for now we stick with the flagship).
- Enable two-factor auth in your Mastodon account settings.
- Add links to your Mastodon to all your profiles on the centralized social networks.
- Explore preferences, read user docs (https://docs.joinmastodon.org/usage/).
Mastodon web interface works well on mobile, tablet, or desktop, but you might want to install a mobile app for better performance and battery life.
This article was originally composed as a Mastodon thread: https://mastodon.social/@angdraug/103101502713466343.