How to choose the right Mastodon instance
https://privacy.thenexus.today/choosing-a-mastodon-instance/
An excerpt:
…
One of the challenges for newcomers to Mastodon is that you’re faced with a major decision you face when signing up: what server (aka “instance”) to choose? Different instances have different focuses: are geographically focused (sfba.social), identity-based (tech.lgbt), interest-based (mastodon.art), professional (infosec.exchange), a group of friends (friend.camp), or even lipogrammatic (oulipo.social, which doesn’t allow the letter ‘e’ in posts). Others are “general purpose”, without a specific focus – like mastodon.social, mastodon.ai, and hachyderm.io. The choice isn’t irrevocable – you can migrate your account to another instance and keep the list of who you’re following and who’s following you – but it’s still daunting.
Newcomers are often told that it doesn’t matter what instance you’re on, or encouraged to join mastodon.social (the “flagship” instance, which is the default for mobile apps and spreadmastodon.com). This is really horrible advice, because what instance you’re on has a big effect on your experience – and for most people, mastodon.social is not a good place to start.
…
[This is an an updated version of the post I originally did last November. I’ve tried to double-check that the links all still work, please let me know if I missed any!]
@fediverse@lemmy.ml @fediverse@kbin.social #TwitterMigration #Mastodon
@thenexusofprivacy @fediverse@lemmy.ml @fediverse@kbin.social I chose infosec because I figured the odds of the admins of such a server is less likely to postpone patching for too long.
That kind of consideration should not be a factor, they should all be secure but on the other hand I don’t know what the solution is. Admins are volunteering their free time.
@badsynthesis Yeah, it’s a challenge. I agree that there should be a basic bar but when it’s a part-time volunteer project for so many admins it’s hard to know how much is realistic.
Also the software isn’t easy to adminster well. infosec.exchange’s a good choice and .the admin is indeed good about patching. On the other hand, set your expectations realistically: last fall infosec.exchange was one of the many Mastodon sites with a misconfiguration that allowed for the downloading and deleting of all files stored on the server (even images attached to followers-only and friends-only posts) and replacing every user’s profile picture.
https://arstechnica.com/information-technology/2022/11/how-secure-a-twitter-replacement-is-mastodon-let-us-count-the-ways/
https://www.alevsk.com/2022/11/system-misconfiguration-is-the-number-one-vulnerability-at-least-for-mastodon/
#TwitterMigration
@fediverse@lemmy.ml @fediverse@kbin.social