New York State has finally passed a landmark “right to repair” bill providing American consumers some additional protection from repair monopolies. After some annoying delays created by lobbyists, New York State Governor Kathy Hochul signed the legislation on December 29.
The legislation gives New York consumers the right to fix their electronic devices themselves or have them repaired by an independent repair shop, instead of being forced to only obtain repairs through costly manufacturer repair programs. Groups like Consumer Reports were thrilled:
Marta Tellado, president and CEO of Consumer Reports, said, “This landmark law will save New Yorkers money, provide them with more convenient repair options, and cut down on waste. When your device is broken, you should have more options than a high-priced service or the landfill. The Digital Fair Repair Act will ensure that New York consumers have the choice to fix their own electronic products or have them fixed by a servicer they choose, including those independent of the manufacturer.”
The final version of the bill enjoyed rare bipartisan support, passing the state assembly 147–2 and the senate 59–4. To make this happen, the bill doesn’t include vehicles, home appliances, farm equipment or medical devices — all sectors rife with obnoxious attempts to monopolize repair via DRM or by making diagnostics either expensive or impossible.
The final version of the bill stalled on Hochul’s desk as lobbyists attempted to weaken it further. With some success; according to Gothamist reporter Jon Campbell, the final bill strips away language requiring that manufacturers provide consumers all “passwords, security codes, or materials to override security features,” as well as some additional intellectual property protections demanded by industry.
There are also some additional restrictions that force consumers to buy entire “repair assemblages” instead of being able to buy just the independent parts they need, which advocates say further undermines the law (imagine being forced to buy an entire computer motherboard when just a single component is broken):
It’s still a meaningful win, especially given the massive, well-funded, cross-industry opposition to the bill. Right to repair coalitions put it this way:
Repair supporters are justifiably upset that the law signed bears little resemblance to our original. The governor never made a statement of her intent, but it’s clear now that she never wanted the bill to include more than cell phones and laptops purchased at big box stores. At the same time, we know that lobbyists had her ear – and TechNet in particular has clearly had the most influence. But it still moves the ball forward so we’ll take our fight to the next level elsewhere.
So it’s nowhere near the landmark bill it professes to be, but it’s still a step forward. While it’s been a fairly dark decade for U.S. consumer rights, the “right to repair” movement’s shift from niche to mainstream continues to be one of the more promising trends in recent memory.
Pretending that you’re actually fixing the world’s privacy and national security issues by banning TikTok is just so very hot right now. Numerous states have passed new rules banning TikTok on government employee devices. And Marco Rubio has proposed a federal law that would ban TikTok unless ByteDance is willing to sell the popular app to an American company (presumably GOP-aligned Oracle).
Joining the festivities is University of Oklahoma, which this week announced its own ban of TikTok on any and all campus devices and networks. The university vaguely waves in the direction of “ongoing national and cybersecurity concerns with the TikTok application,” but doesn’t actually explain what the ban is supposed to accomplish:
In compliance with the Governor’s Executive Order 2022-33, effective immediately, no University employee or student shall access the TikTok application or website on University-owned or operated devices, including OU wired and wireless networks. As a result of the Executive Order, access to the TikTok platform will be blocked and cannot be accessed from the campus network. University-administered TikTok accounts must be deleted and alternate social media platforms utilized in their place.
As with the other bans, this is mostly a dumb performance by people who don’t actually care about user privacy. The app will continue to be used on employee and student personal phones, meaning nothing actually changes outside of the fact that students and employees won’t be able to access the site when connected to campus Wi-Fi. The net gain of such a ban is fairly negligible.
Yes, there have been concerns about TikTok and ByteDance sharing user data with the Chinese government. But singularly focusing on TikTok as the root of all evil in a reality where most people’s phones are jam-packed with services and apps from around the world that are every bit as privacy intrusive as TikTok.
The last five years have shown there’s simply no limit of app-makers, telecoms, hardware companies, services, and data brokers that hoover up every last bit of data from your phone, from how many milliseconds you spent on a website, to the exact route you take to work each morning.
Those companies then routinely do a terrible job securing that data, often hiding under the false claim that “anonymizing” it (a meaningless term) magically protects your identity from any shenanigans. As such, it’s pretty easy for the Chinese government (or any other government) to buy access to vast troves of data to build detailed profiles on American consumers, even if you ban TikTok.
Which is why singularly focusing on TikTok alone is so stupid. Most of the Republicans suffering embolisms about TikTok have opposed absolutely any guardrails on consumer data collection and monetization. They’ve opposed even a basic new privacy law for the Internet era. They oppose staffing and funding FTC privacy regulators. They oppose accountability of any kind for most executives.
These policymakers literally created the zero accountability environment that allows TikTok (and everybody else) to violate consumer trust. Banning only TikTok doesn’t fix it. Forcing TikTok to partner with Oracle (a company with its own dodgy history of privacy abuses) doesn’t fix it. Forcing students to browse TikTok on private cellular networks (where consumer tracking is also rampant) doesn’t fix it.
I’d go so far as to argue these bans aren’t even about protecting consumers from TikTok privacy abuses. It’s mostly about pretending to a xenophobic GOP base that the GOP is being “tough on China.” While simultaneously laying the groundwork to force ByteDance to sell TikTok to some GOP-allied company, likely Facebook, Oracle, or Walmart (recall this was Trump’s cronyistic plan all along).
Because let’s be honest: most of these folks are perfectly fine with rampant privacy abuses as long as it’s U.S. companies profiting off of it and the US government doing the surveillance. Actual consumer privacy doesn’t really enter into it.
Yet when I read mainstream media coverage of these TikTok bans, absolutely none of this context is even mentioned. At no point are readers informed that this is just a bad faith performance. If U.S. policymakers actually cared about privacy, we’d properly fund the FTC. We’d pass a privacy law. We’d embrace real penalties for companies and executives that fail to secure user data.
We’re not doing any of that. Instead, GOP policymakers (like FCC Commissioner Brendan Carr) are putting on a zero-calorie performance for cable news, declaring mission accomplished with a dumb, constipated look on their face.
NSO Group isn’t the only phone malware firm to draw international attention. Sure, NSO’s decision to sell to human rights abusers and aid/abet surveillance of journalists, lawyers, government critics, and political leaders drew the most attention, but there were others. And all of these malware purveyors seem to have sprung from the same source: spies whose last employer was the Israeli government.
NSO Group and its lesser known competitor, Candiru, managed to secure themselves sanctions from the US Commerce Department. In addition, NSO found itself targeted by the very government that allowed it to flourish before the bad press started rolling in.
Meanwhile, another exploit developer flew under the radar, only surfacing occasionally until it finally found itself at the center of a surveillance scandal. Cytrox, owned by Intellexa, sells its Predator malware to government agencies around the world. One of those customers was the Greek government, which apparently used it to target leaders of opposition parties — the sort of thing people generally don’t want allegedly democratic governments to be doing.
Following the resignation of the head of the Greek government’s intelligence service, the government finally decided to start policing itself. But, instead of erecting rules preventing this sort of abuse, it amended its surveillance laws to make it easier for the government to plausibly deny engaging in abuse of its surveillance powers. The stated goal was more transparency. The end result was something else entirely, even if it did finally provide potentially surveilled Greek citizens with an avenue to obtain information about domestic surveillance efforts.
Perhaps this is just a minimal effort meant to make the Greek government look a little less authoritarian, but it’s still surprising. According to this report from Haaretz, Cytrox is now facing the sort of scrutiny that involves armed officers breaking down doors and seizing anything they can find.
Greek police raided the Athens offices of the Israeli company behind the Predator spyware on Tuesday, local media reported, the latest turn of events in a months-long wiretapping affair that has rocked Greece over the past several months.
The offices of Intellexa, the Israeli-owned spyware company, and five other firms were raided by police in the Greek capital, Kathimerini reported on Tuesday. The raids also targeted the company executives’ homes.
The raid of the offices is unexpected. That this was extended to the homes of executives shows the Greek government is possibly aware the offices may have been cleansed of anything incriminating shortly after news broke of the illegal domestic surveillance.
It may also be an indication the government realized the surveillance scandal wasn’t simply going to evaporate into the news cycle ether. More bad news arrived shortly before this raid.
On Sunday, Greek newspaper Documento released a dossier revealing that dozens of acting ministers, military leaders, businessmen and media figures were also under surveillance.
Pretty much NSO Group, in other words. Give governments powerful surveillance tools capable of compromising phones and you should expect, at minimum, periodic abuse. The tools are too powerful and too tempting to be used only for the objectives stated when acquiring the malware. You know, things like criminal investigations of violent crimes or protecting the nation against terrorist attacks. Once acquired, governments — even those not considered to be habitual rights abusers — tend to target anyone deemed a threat to leaders’ job security, which is not nearly the same thing as national security.
Haaretz also reports Cytrox/Intellexa is being sued by Thanasis Koukakis, an investigative journalist apparently targeted by the malware. It’s not a civil suit. It’s a set of criminal accusations, filed with prosecutors in Athens.
That being said, there will be no day of reckoning for these governments or the tech companies who sell them the exploits they abuse. There will be case-by-case wins, but rest assured, the nasty business of malware development will continue. There are far too many well-paying customers out there, many of which appear to desire better ways to keep an eye on people governments don’t like, all while trying to maintain the pretense these acquisitions are necessary to securing nations and ensuring public safety.
It’s been interesting to watch over the last few months as tons of people have migrated from Twitter to Mastodon (or similar compatible ActivityPub-based social media platforms). I’ve noticed, however, that some people keep running into the same issues and challenges as they discover that Mastodon is different than what they’re used to with Twitter. There are a few tips and tricks I’ve been sharing with various people that seemed pretty broadly applicable, so I figured it was worth doing a post laying them out.
A couple of quick things to note: these are unlikely to be universal. It’s just a few of the things that I’ve found that take the Mastodon experience to a new, better, more useful level. In other words, yes, this is highly subjective. Also, some of the tools I’m discussing are relatively new, often developed by users who saw the need and decided to build something (again, this is something that’s nice about the open platform that enables anyone to see something that they feel can be improved… and improve it). This also means that it’s highly likely that there will be even more of these kinds of tools and add-ons from others in the near future, and they may surpass most of the suggestions here. This isn’t meant to be a comprehensive list.
Separately, there are a million “how to get started with Mastodon” posts and articles out there. If you’re brand new to Mastodon, I highly recommend checking those out first to get the basics down. This post is more about taking your Mastodoning to a new level. Perhaps the most comprehensive guide is found at Fedi.tips. A few other good beginner posts are Adam Field’s post on Medium, Dell Cameron’s guide at Gizmodo, Tamilore Oladipo’s guide at Buffer, Amanda Silberling’s guide at TechCrunch, and, finally, Noelle’s wonderful GuideToMastodon.com, which kicks off with the same advice I’ve given tons of people: DON’T PANIC. You’ll figure it out. Lots of people have and so will you.
All of those should give you a pretty good basis for understanding Mastodon, and (in particular) some of its differences from Twitter, which seem to be the things that trip people up the most.
Finding people to follow
My biggest “beginner” suggestion is to find and follow a few fairly active accounts, and then when they “boost” someone interesting, follow those people as well. If you’re trying to “migrate” from Twitter, there are a bunch of tools to try to find the people you follow there, including Fedifinder and Debirdify, but the one I found to have the cleanest interface, and the most useful (and allows one-click following) is Movetodon.
If you’re looking for new people to follow around a particular subject, there are a variety of lists out there, including Trunk, Fediverse.info, Fedi.Directory, and PressCheck.org (which verifies journalists, specifically).
A very cool tool I only recently discovered is Followgraph. You put in your Mastodon handle, it looks up all the people you follow and all the people they follow, and then recommends to you the people who lots of the people you follow also follow, but you don’t… It’s pretty useful in surfacing people I might want to follow (though it also surfaces some people I know about but deliberately don’t want to follow).
I also, generally, recommend not cross posting between Twitter and Mastodon, but there are perfectly good reasons to ignore this suggestion. My thinking on it is that this is somewhere different, and you should learn to use it “natively.” Also, it feels like many people set up a cross-poster and then go off and ignore Mastodon, so their accounts are sort of zombie accounts.
Advanced view
This is probably the tip that is most well known and most commonly suggested for going from Mastodon beginner to expert. If you go into settings and click the box to “enable advanced web interface” then you end up with a multi-column interface.
For people who are familiar with Tweetdeck, the unfortunately long-neglected, multi-column Twitter app that initially made Twitter super useful, was purchased by Twitter, and then basically languished, that’s what you effectively get with the advanced web interface.
There are a few tricks to making this interface more useful as well. The left-most column is for search (more on that in a bit) and posting. The right-most column is basically the “active” column. This takes a little getting used to, but once you figure it out it makes sense. It can be the “getting started” menu (this is what it is when you first log in):
However, if you click on a particular post to see a thread or replies or whatnot, the post you click on takes over this column. This is a bit different from Twitter/Tweetdeck, but kinda makes sense once you get used to it, as it leaves your other columns in place. To get back to the menu, you can click the “hamburger” menu button that is in the left-most column. It may be a little confusing to have to click something in the left-most column to get the right-most column to go back to the menu, but (again) if you think of the right-most column as the “active” column, it makes sense.
Make use of lists
This is a useful feature whether or not you use the advanced view on Mastodon. If you follow enough people that there is a relatively active flow of new posts, I’ve found that lists are a super useful way to focus in on more interesting stuff, without it becoming overwhelming. This is the same thing that I did with Twitter in the early days, creating a series of “lists” of users, so I could narrow down what I’m following for specific purposes.
In my case, I’ve created four lists: “must read,” “journalism,” “law,” and “tech.” These should be somewhat self-explanatory, but I put the accounts I want to make sure I don’t miss into “must read” and those are usually the first thing I’ll check when checking in on Mastodon. Then I’ll bounce between the other lists and the home feed (of everyone I follow). I do not use either the federated feed or the local feed, as they are (for me) firehoses of noise. On some smaller, more focused, servers, I think the local feed can be quite useful, but for most major servers, it’s mostly useless.
I have seen some new Mastodon users focus on the local and federated feeds, and then get frustrated. I think it’s generally best to ignore the federated feed entirely, and only use the local feed on more tight-knit focused servers.
In the advanced web view, lists are even more powerful, as you can pin them and see all of them next to each other. This is also a little confusing at first, but if you create a list, and then access it (via the “getting started menu” where you click on “lists” and then the list of your choice), you then need to “pin” the list to have it show permanently in the advanced web view. You do this by clicking the slider settings button, followed by the “pin” button:
Once “pinned” you can then move the column left or right in the advanced view with the arrow buttons:
The list interface in Mastodon isn’t the best, and I highly recommend the Mastodon List Manager app, written by Andrew Beers. It has a somewhat simple interface, but it works so much better than the built in list interface. Beers’ app shows all of the people you follow in a giant list, and then puts any list (and you can create new ones directly in the interface) as a kind of grid next to the names of those you follow. You can then check off what lists (if any) you want to put the people you follow onto. It’s very simple, and it just works (for what it’s worth, I ran into a few bugs with it, and Andrew was quite helpful in getting them sorted out and fixed).
This setup makes it super easy to create lists and assign people you follow to various lists. It’s way easier than Mastodon’s built in setup.
There are some limitations to lists. Currently, (unlike Twitter) there really isn’t a way to make your list “public” or to share it. You can export the list as a CSV and in theory share that, but it’s much more complicated than Twitter’s ability to make a list public and have other people follow it. Also, I’ve seen a number of people complain that (again, unlike Twitter) you can’t add users to lists who you don’t follow. I’ve never used that feature on Twitter myself as the people I put on lists are always people I already follow, but some people like to do that to keep tabs on certain people/topics without having to “follow” them in their main feed.
Better UI options
Even as useful and helpful as the advanced web UI is, there are alternative interfaces as well. Most of the really unique efforts are on mobile, and not with the “official” Mastodon apps. I highly recommend checking out a few such apps to figure out what works for you. I use Tusky on Android and find that it works for me, but I hear good things about many other options. And, it sounds as though a bunch of developers are working on even nicer iOS apps as well (the folks who made the popular Tweetbot for Twitter are working on one called Ivory that lots of people are talking about).
However, for regular desktop use there are some additional options as well. I’ve played around with Sengi, Whalebird, TheDesk, and Hyperspace, and none of them really did much for me, to be honest. The advanced web interface struck me as better for me, personally, than any of those apps.
However, there is one other interface that I really like: Pinafore.social. It is not a downloadable desktop client like those above, rather it’s simply an alternative web interface for your existing Mastodon account, that is very clean, and very simple. It has a Twitter-like feel to it, and the site is quick and responsive. If you like a very clean interface better than a more cluttered one, you may like Pinafore quite a lot. Here’s a screenshot of what it looks like on my account:
You can access your notifications or your lists (via the “Community” tab) and it’s all quite nice. I use it probably 30% of the time, though I still use the advanced web interface more of the time. However, when that gets overwhelming, sometimes it’s nice to just switch over to Pinafore and have the cleaner interface.
In an ideal world, I’d love to see what Pinafore’s developer, Nolan Lawson, would do if he created an “advanced web view” version of Pinafore, but on the site he claims it’s not on the roadmap to create a multi-column view version (though I still wish someone else might take the idea and run with it).
This is another area that I’m hoping we’ll see a lot more development in over the next few months, as it’s a wide open space, and the nice thing about such an open system is that anyone can design an interface or app for it.
Extensions
There are some really useful browser extensions that make Mastodon much more useful. I know that some people shy away from browser extensions, especially as they may represent a security risk. But if you’re okay with it (and the main one I’m recommending makes its source code available for people to review), they make things quite useful.
The main extension I recommend is FediAct. One complaint I’ve seen from some users is that if you end up on a Mastodon post on a different server, it’s a little bit complicated to interact with it. This is where the nature of federation feels a little complicated, though it’s not that difficult once you understand it. If you view content from other servers through your own server, you can easily interact with it, because that content has effectively been copied over to your server, and your interactions link back with the original.
However, if you end up on a different server entirely, that server doesn’t know you’re logged into a different federated server, and therefore can’t interact directly. Instead, you have a couple of choices on how to interact, with the most basic one being that when you click to do something, it will ask you to indicate your own Mastodon instance address before effectively moving you over to interact with it on your own server. It’s clunky and a little bit of a nuisance.
Apparently, there was a period of time where Mastodon had built-in tools to get around that, but people quickly realized that’s a pretty big security problem, as you’re effectively opening up a cross-site scripting hole.
FediAct, however, allows you to do this while controlling it directly in your browser, and making Mastodon work the way most people think it should work. You plug your own instance into the extension, and then if you end up on a different server, you can still like and boost posts just like you could on your own server. It works and is nice and solves one of the bigger headaches people have with Mastodon’s federated setup.
There’s a separate extension called Roam that some people have recommended, which does some of the same things as FediAct regarding interacting with people on other servers. It also has a bunch of other features, including making it easier to post to Mastodon from anywhere, and to schedule posts to show up at a later date. It’s got a very clean interface and looks nice, but I haven’t really done much with it so far.
Hashtags
One of the things people often remind newbies on Mastodon about is that there is no text search: just users and hashtags. Some people find this frustrating (perhaps for good reason), but it does encourage people to make better use of hashtags (something I often still forget to do). That said, there is a nice (relatively new) feature on Mastodon: the ability to follow hashtags. If you find a hashtag that you want to follow, you can follow it just like you would follow a person:
This can be useful if you want to follow a particular topic more than just a few individuals who tweet about that topic. Unfortunately, it appears you cannot yet add hashtags to lists, which would be really helpful and hopefully will be an upgrade at some point soon.
Alternative platforms
As lots of people will remind you, Mastodon is just one implementation for ActivityPub, and there are lots of others. Some of those are designed to create totally different services (like PeerTube and PixelFed), but some of them are just alternative, but usually compatible, takes on creating a microblogging setup. Some of these are forks of Mastodon’s open source code, whereas others appear to be built separately from the ground up, but still made compatible (somewhat) with Mastodon, so you can still follow and communicate with the folks rushing to Mastodon while potentially actually not using Mastodon at all.
There are some forks that are more minor changes to Mastodon, like Hometown and Glitch. Hometown makes very minor changes to Mastodon with things like better list management and better rendering of rich text. Glitch adds a lot more, like better formatting tools, hiding follower counts, a better threaded mode and more.
Then there are just generally alternative takes on microblogging that either are built on or cooperate with ActivityPub. Some of these are more lightweight than Mastodon, and many have more features. This includes things like Pleroma, friendi.ca, and Misskey (which also has forks like Calckey and FoundKey). There are a bunch of other ones as well, and each has some different features, including some features or UI options that people feel are missing from Mastodon.
If you’re finding that Mastodon just isn’t doing it for you, it might be worth looking at the feature sets and UIs of these other platforms to see if they’re more your speed. For the most part, you’ll still be able to communicate with everyone on Mastodon… just via a non-Mastodon server (though sometimes they still call themselves Mastodon, just because).
There are, also, instances that have changed the feature set directly. For example, while the default Mastodon post is limited to 500 characters, there are a bunch of servers that have expanded that. For example, I’m pretty sure that infosec.exchange (a popular instance for the infosec crowd, obviously, that I believe is running the Glitch fork) allows for posts up to 11,000 characters. Or there’s qoto.org, which basically would let you post a novella with a limit of 65,535 characters. It has also implemented quote tweet functionality (all of the “key” forks have this as well), rich text, and actual full text search.
In short, even if there are features you think are missing from Mastodon itself, there may be other instances that have already implemented them, or if you’re technically proficient, you may explore setting up your own alternative instance.
One thing to note: there are (reasonable) complaints from people on smaller instances that some of those may not function as well, as the federated nature of Mastodon means that certain content is effectively excluded from those servers. This creates some problems, and while there are some attempts to solve them (with things like relays) there definitely are some downsides to joining a tiny instance. Of course there are some downsides to joining a giant instance as well. Once again, hopefully these are solvable problems, but did want to flag it for people rushing off to join different instances.
Conclusion
Again, this is not intended to be a comprehensive list, but it does show a bunch of tools, features, and services that I’ve found useful in getting around some of the limitations of Mastodon that seem to frustrate some users, and to make this open, federated, social network much more useful.
Telecom and media giants are running a sleazy year-long smear campaign against Biden FCC nominee Gigi Sohn aimed at miring the agency in perpetual consumer protection gridlock. The attacks have been carefully seeded across the US press through various think tanks and nonprofits, and falsely accuse Sohn of everything from hating police to being an enemy of rural America. The lies are baseless, but have proven effective enough to stall Senate confirmation.
Gridlocked at an even 2-2 commissioner split, the FCC can do absolutely nothing deemed controversial by industry or its loyal GOP allies, including reversing many of the most unpopular Trump era decisions on net neutrality or media consolidation rules. There are also indications that the FCC may be unable to impose any fines for the wireless industry’s rampant abuse of wireless consumer location data:
Mobile carriers, including AT&T, Verizon, and T-Mobile, could temporarily avoid paying $200 million in privacy penalties because of the Federal Communications Commission’s partisan split, according to a report from The Wall Street Journal. Sources familiar with the situation told the WSJ that the FCC, which has two Democratic commissioners and two Republican ones, needs one more vote of approval to levy the fines, and both Republican members haven’t voted yet.
One obstacle is FCC Commissioner Brendan Carr, who spends the lion’s share of his time going on the television to complain about TikTok, despite the fact he doesn’t actually regulate social media. Carr’s performative concerns about privacy very rarely extend to the telecom sector he actually regulates, despite telecom’s long, rich history on this front.
Activists for years have warned about the obvious threat of over-collection and sharing of sensitive consumer wireless location data, be it gleaned from your mobile phone or apps. Now, post-Roe, it’s all but guaranteed this and other data (search histories, app usage) is going to be used by states (and potentially vigilantes, since this data is often easy to purchase) looking to target abortion seekers and those who help them.
Most companies claim that collecting this data isn’t a big deal because it’s “anonymized,” despite the fact that studies keep showing that word means nothing. Telecom giants often claim they don’t sell this kind of data, but that’s generally found to be a lie (they just call the practice of bundling and transferring and selling it to others something else). Not surprisingly, abuse of this paradigm was rampant.
Keep in mind that the FCC’s belatedly doing the bare minimum here. Wireless giants collected and sold sensitive location data to any nitwit with a nickel for decades, hoovering up countless billions in additional revenues over the entirety of their operational histories. The FCC’s proposing a $200 million fine that will probably be negotiated down by lawyers.
A good chunk of the FCC’s privacy rulemaking authority was stripped away when the GOP and telecom sector gutted FCC broadband privacy rules in 2017. Now efforts to do the bare minimum on privacy are stalling out because industry has managed to gridlock the nation’s top telecom and media regulator.
Assuming Sohn is re-nominated in the new year, it will likely be sometime in the middle of 2023 before she’s seated at all. The FCC will then have a year and a half before the next presidential election to implement any reform; an extremely tight window that surely pleases industry giants looking to keep the FCC on the consumer protection sidelines in perpetuity.
I know, I know. Some of the more angry commenters around here keep insisting that I should stop talking about Elon Musk and Twitter, and I want to do exactly that. I planned to do exactly that and not write another post about it all until next week. And then… Twitter crashed hard last night. Downdetector has the receipts:
Here’s what happened when I went to visit Twitter:
I especially like that “it’s not your fault” bit, because, well, yeah. It’s not.
As I write this, there hasn’t been anything official about what happened, but I’m assuming that Elon will show up at some point to blame the “woke mind virus” or the federal reserve or SBF or Anthony Fauci.
And, it may be a total coincidence, but it was just four days ago that he bragged about pulling the plug on an “important server rack.”
Separately, there have been reports that Musk decided (with little to no notice, and almost no planning) to shut down its Sacramento data center and massively downsize their Atlanta data center. Twitter only has one other data center in the US, in Portland, Oregon. Twitter’s use of data centers rather than the cloud is something that’s been discussed over the years, and two years ago the company did sign a deal to start using Amazon Web Services, though I don’t think the company relies too heavily on it yet, and the first link in this paragraph notes that Elon has been trying to renegotiate the AWS contract as well (which might mean he’s also stopped paying the bills as he seems to have done that with many vendors as part of his “renegotiation” efforts).
Separately, I’ve heard from three separate people that Elon more or less ordered the shutdown of an entire data center (presumably the Sacramento one) with basically one day’s notice and no planning.
And, with that in mind, I’ll remind people that one part of former Twitter security chief Peiter “Mudge” Zatko’s whistleblower report noted that the company had a deep need for more redundancy, not less:
Insufficient data center redundancy, without a plan to cold-boot or recover from even minor overlapping data center failure, raising the risk of a brief outage to that of a catastrophic and existential risk for Twitter’s survival
That report also presented a redacted version of the “threat matrix” Mudge claims he wanted to show the Board, though was urged only to give a high level overview, orally, rather than present a more complete written report. It again notes that a data center failure could be catastrophic.
Later in the report, Mudge notes that this almost happened in the past:
Cascading data center problems: In or around the spring of 2021, Twitter’s primary data center began to experience problems from a runaway engineering process, requiring the company to move operations to other systems outside of this datacenter. But, the other systems could not handle these rapid changes and also began experiencing problems. Engineers flagged the catastrophic danger that all the data centers might go offline simultaneously. A couple months earlier in February, Mudge had flagged this precise risk to the Board because Twitter data centers were fragile, and Twitter lacked plans and processes to “cold boot.” That meant that if all the centers went offline simultaneously, even briefly, Twitter was unsure if they could bring the service back up. Downtime estimates ranged from weeks of round-the-clock work, to permanent irreparable failure.
“Black Swan” existential threat: In fact, in or about Spring of 2021, just such an event was underway, and shutdown looked imminent. Hundreds of engineers nervously watched the data centers struggle to stay running. The senior executive who supervised the Head of Engineering, aware that the incident was on the verge of taking Twitter offline for weeks, months or permanently, insisted the Board of Directors be informed of an impending catastrophic “Black Swan” event. Board Member [REDACTED] responded with words to the effect of “Isn’t this exactly what Mudge warned us about?” Mudge told [REDACTED] that he was correct. In the end, Twitter engineers working around the clock were narrowly able to stabilize the problem before the whole platform shut down.
That’s not to say that this has anything to do with the outages last night, but at the very least there are strong arguments that Twitter’s infrastructure is inherently fragile, and shutting down “sensitive” server racks or closing down entire data centers without careful planning seems like the sort of thing that could, well, backfire pretty badly.
Meanwhile, the only comment so far from Musk appears (it’s tough to know because Twitter only loads intermittently) to be him responding to someone, saying “works for me” when they asked about site problems. Also, in context, Musk is replying to a joke about the site being down, rather than a legitimate concern (someone asks if anyone can see or respond to their tweet, and one of Musk’s biggest fans tweeted “I can’t see or respond to it” (obviously making light of the whole thing) and then Musk responds with “works for me.”)
So it’s not entirely fair to say this is a comment directly about the widespread outages. Assuming Musk realizes Billy is joking, then… it could just be a weak attempt at playing along? But here’s the actual funny part. The Guardian has an article about Musk’s tweet saying stuff “works for me” except that stuff isn’t working, because the Twitter embed is not showing properly, but instead is showing in failover mode, where if the embed won’t load it just shows the alt-text in as “tweet-like” a form as possible. This screenshot is just pure irony.
I eagerly await the comments from folks who were insisting to me just yesterday that Twitter under Musk was functioning much better than before, and that this all proved he was right to get rid of approximately 75% of the workforce who obviously did nothing…
Oh and just as this post was being completed, Elon has a new story, claiming that Twitter was just rolling out “significant backend server architecture changes” and that “Twitter should feel much faster” (it doesn’t, unless you’re talking about the difference from not working at all… to kinda working some of the time?).
Even if that was the cause of the outage (and… I’m doubtful), that still raises all sorts of questions about how the company prepared for the switchover, if it caused such a massive disruption in the process. That’s… not how any of this should work.