Lain Thought on End-To-End Encryption with AP Characteristics for a New Era

17 minute read Published:

Reading encryption papers so you don't have to

The fediverse has been buzzing with talk about end-to-end encryption. In this (quite long) article, I’ll try to explain what E2EE is, what some common approaches to it are in the instant messaging space, and what I think would be the best way to use it on the fediverse.

(Note: Pictures are just there to break up the boredom. A hotel bar.)

Elixir and Postgres: A Rarely Mentioned Problem

14 minute read Published:

Or: How To Increase Your Elixir/Postgres Performance 20x With One Weird Trick

Last time, we talked about the magic trick to make your full text searches go fast. This time, I’ll tell you about another performance issue I encountered that probably also affects your performance, at least if you are using Ecto and PostgreSQL.

Here’s the story of the interplay between Ecto, PostgreSQL and the PostgreSQL query planner.

Postgresql Search: From the trenches

12 minute read Published:

The good and the bad of using Postgresql for full text search in the real world

Team Pleroma is back from FOSDEM and I finally got rid of most of my Tenshi stickers! The meetup was a lot of fun and we did learn a thing or two. One talk I went to see was this one on the state of full text search in current PostgreSQL. Sadly, it didn’t offer any new information to me, but it’s a good primer on the subject.

Overall, it paints a very rosy picture of full text search in PostgreSQL. With the right indexes, you can do efficient and fast full text searches without Elastic or any other additional component. While this is in general true, the devil is in the details. We have been using PostgreSQL for FTS for a while now in Pleroma, so this article is about all the gotchas, pitfalls and caveats that will ruin your search performance and make your users hate you.

(This image is just to grab your attention, what a wall of text, wow.)

Pleroma 1.0.0

3 minute read Published:

It's happening!

After long months of doing only bugfix and security releases, we are finally releasing the long-awaited 1.0 release. No more nines!

Fighting the Bloat! SSH Support in Pleroma

2 minute read Published:

It's like a BBS but not as cool

Pretty much one year ago, we started fighting the typical Web 4.0 Javascript bloat by adding Gopher support. After a wildly successful 0.999 release, we heard your calls for more debloating. The biggest complaint with the gopher support was the inability to post. So today, we’re taking it a step further: Making Pleroma a BBS.

Pleroma's First Release! 0.9.9

2 minute read Published:

We are doing a release! Finally! Stable, too!

(Hey! Don’t know what Pleroma is? Check out this page!)

The first commit in Pleroma happened 2016, on October 26th. Now it’s a few years and months later, and we are doing our first stable release!

Are you still running develop? That’s so 2018.

How Federation Works

2 minute read Published:

or: Why is my Federated Timeline empty?

A lot of people join our support channel (#pleroma on freenode) with the same sentence: “I just set up Pleroma but federation isn’t working”. Usually, this is not actually true, they just have an empty timeline. What they don’t know is how posts actually get into your instance. This short post is about the mechanisms that can make a post use your instance.

This is Pleroma specific, other fediverse servers may use different systems, although they are all very similar.

Gopher Support in Pleroma

2 minute read Published:

Un-Bloating the Fediverse

As you may already know, Pleroma is high-performance and low-resource fediverse server mean to run even on small devices like a Raspberry Pi.

Still, there is one part of Pleroma that is wasteful to the extreme…

It’s true! Pleroma’s mother allowed it to have TWO frontends, but both are resource-hogging Javascript monstrosities. If you don’t have a ‘modern’ browser that turns your PC into a heater, you won’t be able to see any posts!

So where did we go wrong? I think the problem goes way back. We made a deal with the Devil when we accepted free-form HTML into our systems. The best solution is to not make this mistake anymore, and go back to the future to a better alternative.

And that’s why, today, I’m announcing Gopher support for Pleroma!

Privacy and Tracking on the Fediverse

6 minute read Published:

How much privacy can you expect on the fediverse

Recently, there have been some shocking revelations. Facebook, a company in the business of selling your data to advertisers, had some of its data used illegally by a third party that used it to advertise to you. As people hate nothing more than getting their data misused without Facebook getting a cut, they are now up in arms and want to leave Facebook once and for all.

Media eye seems to have fallen on the Mastodon network as a solution this time. For an example, look at this Washington Post article, The new technology that aspires to #DeleteFacebook for good (19 trackers on the page, including Facebook), in which they tout it as a privacy-preserving alternative to walled-garden company-run networks.

Mastodon BDFL Gargron himself wrote an article with the nice subtitle Perspective from a platform that doesn’t put democracy in peril. He is privacy conscious, so this page only has two trackers.

(Aside: This article contains the delightful phrase “#DeleteFacebook is trending on Twitter.")

In all of these articles, Mastodon (and by extension, the Fediverse) are described as a more private and secure way of posting cat pictures and “please subscribe to my patreon” online. But is this actually true? Let’s check the situation on the fediverse.

What Is Pleroma?

5 minute read Published:

An introduction to the Pleroma microblogging server

In my last few posts I talked a bit about Pleroma. Since then, we had a lot of questions about what Pleroma is, how it is different from GNU Social and Mastodon, why you should use it and so on. This post will be an introduction to Pleroma, so read on if you are interested.

ActivityPub in Pleroma

4 minute read Published:

Implementing ActivityPub in Pleroma

After some work, ActivityPub support will be merged into the develop branch of Pleroma in the next days.

This change will add the following user facing features:

  • Support for Mastodon’s visibility suggestion settings, like private posts and direct messages.
  • Slightly faster federation

Not too much for a few weeks of work. Anyway, here are my thoughts about the whole process.