How secure a Twitter replacement is Mastodon? Let us count the ways

 In Biz & IT, mastodon, Security, Twitter, vulnerabilities

How secure a Twitter replacement is Mastodon? Let us count the ways

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
How secure a Twitter replacement is Mastodon? Let us count the ways

Enlarge (credit: Getty Images)

As Elon Musk critics flee from Twitter, Mastodon seems to be the most common replacement. In the last month, the number of monthly active users on Mastodon has rocketed more than threefold, from about 1 million to 3.5 million, while total number of users jumped from about 6.5 million to 8.7 million.

This substantial increase raises important questions about the security of this new platform, and for good reason. Unlike the centralized model of Twitter and virtually every other social media platform, Mastodon is built on a federated model of independent servers, known as instances. In this respect, it’s more akin to email or Internet Relay Chat (IRC), where security depends on the ability and attention of the admin who configured it and maintains each individual server.

The past month has seen the number of instances mushroom from about 11,000 to more than 17,000. The people running these instances are volunteers who may or may not be versed in the nuances of security. The difficulty of configuring and maintaining instances leaves plenty of room for mistakes that can put user passwords, email addresses, and IP addresses at risk of being revealed (more about that later). Twitter security left much to be desired, but at least it had a dedicated staff with a deep background in security.

Read 25 remaining paragraphs | Comments

The demise of Twitter’s security and privacy teams has people looking for alternatives.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt