I am on Mastodon now

Those who know me, are aware that I am some sort of Hipster. As such, I of course have to be ahead of all the latest trends and topics de jour. In social media, that means that I of course need to have a Mastodon handle. In case you haven’t heard of Mastodon, here’s a short summary:

  • Mastodon is a microblogging service based on GNU-Social
  • Everyone can set up their own instance and then federate with other instances to create a global network
  • Identities are only unique within their instance. Same as email really, where you can have the same name on several domains.

So, what makes this different than, say Identi​.ca, Diaspora and similar things? For once, it already looks much more polished than Diaspora. And then it also manages to overcome quite a lot of the shortcomings that are inherent to the Twitter-clones:

  • There is an expanded limit of 500 characters for each „toot“. That is wordy enough for me.
  • There are two extra timelines that you can see — everyone on the same Instance and everyone else who is somehow connected to the people in your instance. That ensures that you see things happening and get connected to folks right from the start.
  • The federation system gets rid of the pesky free-speech vs moderation clash. More on that later.

So, what is it with the three timelines and the federation system? The basic setup is this: You have a home timeline, which shows everything from those folks you actively follow. You can follow users on your own instance, as well as those who are on any instance that is federated with the one you’re on. That basically means everyone, unless their instance is viewed as so toxic and bad that your admin has decided to get rid of them altogether. In effect, the Home timeline is what you’re used from all the other social networks. 

On top of that, you have a „Local“ timeline. That list shows all the activity from everyone who is a user on the same instance as you. This immediately shows one reason why it is important to choose the correct instance to have your account in: If the instance you join is full of gaming nerds, you will have a very different experience than if it would be full of artists or political activists.

The third timeline is the Federated one. Here you basically see everyone who isn’t local or in your home stream, but somehow connected to one of those people. Friends of a friend so to speak. The exact rules are a bit more complicated, but that is the gist of it.

I really cannot stress how useful I found these extra two timelines. While I have no idea how many people are on the same instance as I am (octodon.local, chosen because the about page is simply spot on to my worldview.),  it apparently is exactly the right size: The local stream is busy, but not too busy. And as a result, people take the time to chime into conversations there and answer open questions. On other social networks, those questions would probably either not be seen, or drowned in the sea of everything else.

Now, with every new tech project, there are of course immediate philosophical differences: One of them is the use of FollowerBots. Those are bits of software that simply follow every person on a different instance that they learn of, making sure that the activity of those people becomes visible in the instance of that bot. As an end result, the bots aim to change the behaviour of that Federated timeline from showing friends-of-friends only to showing everyone. Personally, I am not yet sure if I like this. The upside is that if this bothers you, you can for example join an instance that blocks those bots.

The other issue seems to revolve around censorship and free speech. My own stance is that you can say what you want, but not everyone is required to listen to you. And the federation system of Mastodon allows for exactly this: Everyone can set up their own instance, and everyone can give being heard a good shot. But if you spout stuff that upsets people, they can make sure that you don’t show up in their timeline.

(You should be aware though, that the whole Mastodon concept is not very privacy-oriented. There are lots of loopholes and pitfalls, and server admins can usually read everything on their instance if they absolutely want to.)

Still, the whole Federation system allows for a wide variety of needs on the whole free-speech-vs-censorship spectrum. And that allowance in turn fosters a discussion about these very things, with the results of that discussion ending up in the code and settings of the various instances. (keep in mind that the whole thing is open source after all!)

I think I’ll use Mastodon for most of my daily status update needs for a week or so now, to see where I end up with this. See the results here: https://octodon.social/@JollyOrc

Why I don’t identify as sysadmin anymore

I used to be a sysadmin. And I like to think that I was pretty good at my job. These days, my work is much more managerial with a strong emphasis on communication. The command line and I only meet occasionally, and I have to get help whenever I do something more complicated with regular expressions. Still, I apparently have retained enough skills that the Head of Cloud Operations at my current workplace occasionally says things like „oh, you can do that?“ in a positively surprised tone. But I usually do know my limits and what not to touch.

This is the story of when I failed to recognize my limits.

Knowing that I’m not an admin, this webpage resides on a server that is run by a webhosting company. They worry over security patches, uptime, sensible database configuration and so on, because I know that I’ll probably screw this up. I am allowing myself to change database tables, tinker with some of the htaccess settings and… DNS. That is one of those things that I don’t touch a lot, as there is no need for this on a daily basis.

And thus, I completely forgot about the SPF record when changing the MX entries to support my G Suite setup when I switched hosting last year. As a quick recap, let me quote Google what it’s about:

The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Recipients can refer to the SPF record to determine whether a message purporting to be from your domain comes from an authorized mail server.

Quite the important and nifty functionality. I actually knew of it already, but didn’t realize that the new webhoster had this implemented as a standard. So while I successfully switched all the MX entries, I overlooked the SPF setting.

Alas, there are a lot of email servers that happily ignore a faulty SPF setting, even Google kept receiving emails despite the wrong setting. And you don’t really get an error message on the senders part, because no one talks back to (even only suspected) spammers. So nearly everything seemed fine: I was sending and receiving mails on a daily basis and this configuration error wasn’t discovered for nearly half a year. Only when I started to worry that one email recipient didn’t answer at all and a friend who actually is an admin looked into the matter for me.

So, the lesson here is: The Dunning Kruger effect is sometimes closer to home than you think. Whenever you do something only occasionally, maybe talk to someone who does it regularly, to make sure that technology hasn’t advanced past your own experience in the meantime. And if you use G Suite, here's how to set the SPF correctly.

Gangs & Bullshit

One of the nicest and also to me most intriguing RPG publishers I know these days is Paolo Greco with his Lost Pages. His stuff is whimsy, well made and often bafflingly strange. Where Lamentations of the Flame Princess stuff is heavy-metal gore weird, the Cthonic Codex for example is… odd. Paranoia meets Academentia is a nice explanation for it.

Gangs & Bullshit is the baby he’s carrying now for a while. It is not really a roleplaying game, nor is it a boardgame, and it isn’t „ready“ yet by far. The closest explanation is campaign sandbox with boardgame elements. You do have characters, and you can create them with your favourite (fantasy) game system. But there will also be turns and lengthy meta-discussions where the players plan which single (big) action their characters do each week.

But what is it about, you ask me. Well, the closest literary example would be „The Lies of Locke Lamarra“ — the players have a gang that tries to make money in a city where other gangs do the same. To quote:

Bullshit is screams in the night. Bullshit is a botched job. Bullshit is a corpse found by the city guard. Bullshit is something embarrassing coming known to your enemies. Bullshit happens.

The mechanics are mostly improvisation, some random rumour and encounter roles and helping hints on how to determine what other gangs and opponents are doing.

Personally, I think this game is a blast: The Broken Benches sat in their hideout (a leaky loft) and heard that this other gang wants you to buy several boxes of their cookies. Of course, this couldn’t stand, and shortly afterwards, a bunch of girl scouts got what they had coming…

Surprisingly, this is a game that is equally suitable for the planners as well as for those who just barge into a situation to find out what’ll happen next. A good deal of time can be spent studying the city map and planning where to break in, where to set up diversions and how to handle the minotaur-dung cart. But as you do have the backup of the RPG system of your choice, you can jump into the action at any time and see how things actually turn out.

Keep your eyes peeled, and get it as soon as it is available!

Tales from the Loop Playtest

For all of you who live under rocks: Tales from the Loop is a roleplaying game based on the retro-scifi artwork by swedish painter Simon Stålenhag.

The world portrayed are the 80ies we saw when we watched E.T. or, more recently, Stranger Things. As a result, you will be playing teenagers, or rather: Kids, somewhere between 10 and 15 years old.

We got our picks from easily relateable archetypes: The Computer Geek, the Rocker, the Popular Kid, the Hick and of course the Jock. They don’t get any custom skills like you might expect from games that are Powered by the Apocalypse but instead have slightly different sets of background notes and relationships.

The fun part is that the rules really drive home the idea that you’re playing kids. For starters, there are no combat rules at all, a fact that I actually only realized when the game was over and someone else mentioned it. Rather consequently, the kids can’t die either. Damage is caused by pushing ones limit and handled with an abstract set of conditions that are mechanically shed whenever you take a moment of timeout in a safe space.

As a result, you really get thrown into the kids mindset, even though some of the skills seem to be too broad or too narrow in name and definition, with a confusing overlap at some points. But that is not too bad — unlike the pool system: Nothing is more frustrating than throwing buckets of D6 and not getting a single success (which only sixes count as those).

Anyway: We opted for slightly older kids in the 13 to 14 year old range and had a blast. The kids spied on a scientist, camped on an island, played spin-the-bottle, nearly got torpedoed by a submarine and finally had to tell the truth to adults (which was a believably scary thing!)

If you know the teenager books like The Famous Five, TKKG and similar fare, you’ll feel right at home.