tdp

About two weeks ago, The Doodle Project (TDP) took on the stewardship of verifiedjournalist.org from the folks over at HoneyTree tech. TDP, my little small business, has two main sets of offerings:

1. Family internet safety solutions, like Pihole for Home – a managed Pihole security and privacy suite, along with training, advocacy, etc.
2. Fediverse solutions – we offer one of the longest running and most stable fediverse relays and a service that provides the ability for individuals and organizations to run on the fediverse with their own domain without having to run their own mastodon server.

One of the biggest challenges that we've seen these past few years is helping people migrate from the hellscape that has become Twitter (I refuse to call it X because it's stupid). In doing so, we've had lots of great success in onboarding individuals to “bring their own domain” to our ecosystem that we offer at https://ourselves.space. One group in particular that I'm fond of, is news organizations and journalists. It's ... a lot ... to migrate. It's even harder to have a sort of decentralized verification mechanism for journalists and news orgs to prove who they are. Sure, there are several news focused instances like journa.host and newsie.social. But, like many other instances, those are open – anyone can join.

Enter https://verifiedjournalist.org. I've been a fan of Jeff and team over at HoneyTree Tech and they've been phenomenal at building an ecosystem of trust. The verifiedjournalist.org site is a great site to find journalists and news orgs that have been “Accepted” as well as those that have been “Verified.” Because of our alignment in passion for helping the fediverse verify and find a home for this critical set of people and organizations, it was a great pairing when we got together to help take on the stewardship of the site.

The site will remain free, supported by donations (please!) and we'll continue to work with the team at HoneyTree Tech on future versions of the verifiedX platform which verifiedjournalist.org is based. Here's a bit about what verifiedjournalist.org does.

Any journalist or news org can have their profile added to the site. Once added, we'll list them. Easy as that. But there are further states that can add additional trust relationships within the fediverse:

Accepted means – any journalist or news org that has been added can be accepted and visible on the platform. This allows the site to pull posts from their account and roll into the ecosystem for visibility.

Verified means – once an account is accepted, the journalist or news org can claim their profile. When they claim their profile, the team at TDP will research the profile to validate the person is who they say they are. This often involves a few DMs where we ask for evidence the person is affiliated with the organization they claim. Once verified, our system places a verified badge on their profile and the end user or org can add the rel=me link to their profile which cross links to verifiedjournalist.org. This completes the verification.

verifiedjournalist.org is a great place to not just find people, but amplify the content that matters to news organizations and journalists. When claiming a profile, we obtain an OAUTH token with READ permissions to the PUBLIC data of the journalist or news org. This allows us to read the profile and public posts of the user as well as collect vital statistics which are then presented to the journalist/news org in the stats dashboard so they can see reach within the fediverse for their work. The feed is updated every minute to show newest posts from around the globe.

There's a lot of great content happening from our newsies. We hope you find the service useful for finding verified journalists and news orgs. If you'd like to support our work and help keep the service alive, you can make a monthly recurring donation of $1 to The Doodle Project here: https://subscriptions.thedoodleproject.com/subscribe/93ae02662a4e0933d2767e6de0a988d5835d327f877b7e75ad482bf477cf719e/Vjt1

The Galaxy Tab 9 Ultra – my review

It's really a rare pleasure to pick up a new device and be “wowed” from the moment you turn it on. First glance, the screen is absurdly amazing. Crisp, responsive, NITS flying everywhere. Performance is off the charts. The OneUI interface gets the job done. Build quality stellar.

Second glance, it's still an Android Tablet and for better or worse, will always be encumbered from apps that aren't built for this size of device. Samsung does a great job of scaling, nothing looks horrible – and many apps do enhance themselves with tablet friendly features.

Third glance – DeX mode is simply impressive. I reviewed an early early DeX device a few years ago and found it seriously lacking. This completely changed my mind and they've nailed all the major use cases. A few final polish items like consistent app and quick action listing (and grouping) between DeX and non-DeX, some jitter with moving lots of apps around, and some more polish on the build in apps (in DeX mode to take advantage of the capabilities) and it'll rival a Windows/Mac easily.

Great battery life – daily drove it for a week with dozens of Knox enabled apps open all day. Charging is oddly slow, even with a beefy Mac USB-C adapter on it (annoyed they don't give you a charger, just a cable). But if it can run literally ALL day in conference calls, video calls, remote desktops, Linux terminal sessions, VPNed the works – it can charge overnight and that's fine.

Overall-almost too perfect. Just a bit more polish.

Someone fussed at me today about “sending a mob” after the devs for making a change to the Mastodon ecosystem that will have negative consequences for all small or single instance hosters (like myself). While I can completely understand from the perspective of “we're closing a loophole” and “this should never have happened to begin with,” to “it's a security issue,” (I disagree) I had to consider a few other positions from a point of dispassion to see all sides. Here's some rambling if you're interested.

Mastodon merged a change back in March that removes unauthenticated access to the StreamingAPI. Totally their right. But it was done so in a way that didn't take into consideration a vibrant ecosystem that was relying on that capability. As most didn't know about it till it was brought to my attention and I amplified it, I felt the spirit of an open source community was missing – dialogue. So, I suggested folks comment on what that means to them on the GH ecosystem where the merge took place.

I certainly didn't send a mob, and I was frustrated by that comment, and this is how I process frustration so, here's my rambles.

Where would one have a discussion with the developers on changes, if not on GH? Is there a more appropriate forum? I've not seen one, but would be happy to move my comment there. But to say that giving feedback, even late feedback, is unwarranted misses, a key driver of open source – the community it impacts.

Another piece of the comment from the author: (paraphrase) No one that's piling on understand the problem, therefore it's not helpful to pile on, or, as the author said, “mob the devs.” Couple of thoughts come to mind – first, if they don't understand the problem, perhaps someone could explain it in a way that resonates with those impacted. What these folks that don't understand the problem “see” is that a key, perhaps unintended, but totally documented, capability is being turned off. Second – the solution to the now introduced fix is to point back at the community and say “figure it out.” Again, that misses the value of the community and the very real impacts even small changes can have. Absolutely their right to do so, they're the devs. But to not even bother to hear from the community?

Open source is messy. People are passionate. One of the smartest people on the planet recently left the entire fediverse ecosystem because of those passions. That doesn't help anyone. I personally need thicker skin, but it'd also be helpful for people to assume the best intent and the eagerness of folks to grow the community through dialogue and change. Sometimes tough changes need to be made – perhaps in the guise of security even. So, teach us. But using strong words like “mob” and diminishing the value of what these folks are saying, even though they don't understand the technical nuances, that seems contrary to the spirit of open source. Again, just me. To anyone that was offended by me suggesting folks chime in, I'm sorry you thought my intent was malicious.

Got lots of reactions to our position on #threads joining the social media fray, so thought I'd share here for posterity with some added flair.

I understand #mastoadmin folks globally may want to block #meta #threads before it even launches. I don't agree with their reasoning, but in a true #fediverse, this is allowed. The “market” will dictate if that's a popular decision. For us at https://ourselves.space, we won't be blocking their servers unless or until they violate OUR policies, just like any other instance. That may make us a pariah, but an open ecosystem is better than a closed one. We'll be taking a wait and see approach.

The main reaction was “kudos.” Nice :) The second type of reaction was something akin to “sellout,” or “you capitalist whore.” Less nice :|

We are going to stand by it. The fediverse is an amazing playground and everyone gets to make their own rules. The market will ultimately decide whether the Threads of the world get to play. On the flip side, almost 30 million people signed up for Threads in under 24 hours. That includes many brands, personalities, etc. that have had plenty of time to explore “not Twitter.” They are there because of ease of onboarding – ie, if you use Instagram and are already “verified,” there you go – a verified profile on the fediverse. That doesn't bode too well for my little business who has at least one primary mission to bring those types of folks to the fediverse using their own authenticated domain and do so without running a server (https://www.thedoodleproject.com/singleuser). But, we're going to stay the course there as well, because we believe in what we're doing. Privacy. No ads. No tracking. Timeline ordered feed (FFS!). I think we've got a good strategy. Now, we just need some customers! :)

Had some fun with the Takahe server this morning. In the past few days(?), DNS got wonky and users were no longer able to search for each other from other instances. A quick curl to webfinger endpoint showed that CloudFlare was now sending things off with a strange redirect. Turns out, it actually wasn't a CloudFlare problem, but rather, the way I was handling things in the inbound proxy server.

I'd been trying to parse together the base domain (www.ourselves.space) and do a CloudFlare redirect to the naked domain (ourselves.space) as that's the endpoint that Takahe listens on. Also, who wants to be @[email protected] – that's dumb, we want @[email protected]. My re-write rule was the culprit.

So, I restructured everything so that I 301 redirect www to . and re-enabled all the CloudFlare goodies to help protect the site in the unlikely event we get famous. Thanks to my new user this morning for helping test it! Next up, still working on Lemmy/kBin – a kBin user is doing a seriously great job of making the docker instructions/deployment easier, so I'm following that effort closely (https://codeberg.org/Kbin/kbin-core/pulls/143) with fingers crossed it gets merged in.

Well, we launched our PeerTube instance! https://videos.ourselves.space is now up and running. I'm hoping we can get the fediverse to bring some great content. Particularly interested in seeing technology history, world history, American history, etc., but it's an open / moderated / safe-for-work instance so, almost everything is welcome.

The setup was pretty straight forward, although had to fight with Cloudflare configs a bit as PeerTube includes the ability to start streaming at a certain bit, which CF doesn't like in the headers. The other major config change from baseline is setting up offloading to S3 (compatible) endpoint. That played into the headers issue, but was necessary to get things into BLOB and not sitting on hot disks. It's a pretty neat setup they created, very asynchronousy and happens just after transcoding.

I selected what I think are some good transcoding options, but if you want others, just let me know. Happy video'ing!

Feeling incredibly grateful for the opportunity to travel all the way to Belgium this week for the #techorama conference. This is the third time I've spoken here, and each time is better than the last. I was worried that I wouldn't be able to come back after being the Keynote last year, but am happy to do so. Such a fantastic community, great organization, and location cannot be beaten (Antwerp). I feel, almost(?) at home here – like I know my way around, I know how traffic works, where the parks are for both exercise and relax, and almost know how to deal with jetlag. Last night's speakers' dinner was unmatched by any conference I've been to in a very long time – I got to dine with the penguins at the zoo! Next up, hoping to secure a speaking spot in NZ or Australia and then, my final bucket list speaker slot – Iceland! Fingers crossed :)

Working on some tweaks today to Bookwyrm. The outbound email configs are a bit, odd. It's working now, but I may have to change out the relay if it fusses at me any more. Currently, using Mailgun, but I prefer SendGrid since that's what all the other Fediverse tools I'm deploying are using. Will monitor.

Spent some time working on the deployment of the next Fediverse tool for ourselves.space today – PeerTube. It's up and running and mostly configured, but the S3 backend provider is ... interesting. It successfully transcodes and moves the files, but then the hashes end up all messed up. Not sure what the culprit is there. Will continue to tweak, but the documentation isn't amazing.

Strange juxtapositions and observations here in Antwerp. This is my third time here and I love it, but I'm just now getting around to some comical'ness as the “stupid American.”

1. The toilets cost money
2. Smoking in public is allowed
3. EVERYONE speaks at least two languages – this completely amazes me
4. The bike lanes are so serious, they have their own traffic lights
5. There are more beers than days of the year
6. There's nothing cuter than a little kid rambling at warp speed to their parents in (insert unknown language here)...just like at home in English, but it's far less cute in English.
7. All the churches appear to be museums and no longer...churches.
8. What the hell is the comma after the main price of food? (kind of like cents)
9. The Belgians do some very unnatural things with the alphabet!
10. The tax cab may not take credit card, even though is has a credit card/tap to pay symbol on it. Grrrrrrr.

Anyways, I'm here, so excited to speak at Techorama for the third time, starting to recover from wicked jetlag (worst I've ever had), and already got my presentations ready. Hope to see you at the conference!

It has been fun getting Bookwrym up and running here at ourselves.space. The base docker-compose had lots of superfalous items in it, and I'm still learning how to leverage Portainer's management interface to spread workloads across multiple cluster nodes without getting too far into the K8S weeds. But, once I got things paired down, and the the main containers up and running, the last part was securing the dbnet now that we've added a big Redis cluster to the mix. Fiddling with networking is painful, especially when each container may have N network interfaces, depending on what it's doing. The internal DNS helps, but I prefer static IP addresses. That works decent for reboots, but when doing an update/upgrade, I'm having to remember to go back in and reconfigure things. I need to find a good automation for it that doesn't involve yet another tool. Trying to keep things simple in container land is pretty comical.