If you are a Mastodon administrator or moderator you should be protecting your admin/moderator account(s) with two factor authentication and a strong randomly generated password stored in a password manager.
More specifically for Mastodon server admins:
- SSH key auth only on all servers, audit which public keys are in your user accounts
- 2FA on domain registrar, DNS and server provider accounts.
The fediverse is a public forum.
Your posts are only as secure as the admins of every instance that your home server federates with, in terms of private and followers-only messages.
If you're going to talk about sensitive information, keep it to Signal or other secure 1-on-1 channels.
Assume that everything you post to the fediverse, is being scooped up by multiple gov agencies around the world.
The Milan scrape was only notable because they made their findings public.
If a university scraping feeds did it, it's safe to assume other, bigger organizations have been doing it for much longer.
User: The printer is showing a message that its jammed, but it can't be.
Me: Opens printer and pulls out 3 sheets of crumpled paper jamming the printer.
Had a lovely evening in #York, the sunset was beautiful!
Sprucing up my personal site.
Any tips and criticism from my fellow Mastodonians?
Thanks in advance.
Friendly Neighbourhood Sysadmin.
This is a mastodon instance that allows users to share ideas and participate in discussions.
We have a hidden service frontend running at: https://whtspshcehqg4nj4wqyiopjcfxradop7ujflycxum7wkfivewqt36zyd.onion
Our code of conduct and extended information can be found after the 'Learn More' link below!