Musings about Mastodon

I’ve always been in love with Infosec Twitter. While I wasn’t active on it... like, at all... I loved reading it. I would retweet stuff every so often, but that’s it. Regardless, I’ve loved it.

Then Elon took over Twitter. And I thought I could make my way through that, I really did. But, I couldn’t. Elon being Elon, he made a tweet celebrating the termination of some of the employees, and that was enough to push me away.

So I shopped around and found a small instance of Mastodon called Infosec Exchange. I joined right away early Saturday morning. There wasn’t anybody from Infosec Twitter, but I felt I could make it work.

Then Kevin Beaumont decided to make a trial move and posted about his move that same day. Maybe an hour or so after I set up an account. And many of the names I loved from Infosec Twitter came too. It’s been a flood since then.

What is Mastodon?

I’m not an expert. By any means of the word, but

I’ll still provide an answer as this is my blog, and then I’ll provide a link to some great resources I found.

Mastodon is a lot like Twitter. I say this because it is a microblogging site like Twitter. But honestly it’s so much more. Let’s start with some of the major architectural differences.

First, it is a decentralized social network. Yeah, that’s a fancy term used for many things and generally annoys me. So what does it mean in the context of Mastodon?

Simply put, there’s not one single mastodon server. Sure, you could try and argue there’s an “official” server in, since that is run by the guy who made the software, but that’s not the point. It’s just one of many servers. Like I said, I’m on There’s also,,, and numerous others.

So that means that when you join a server that has what, 3,000 or 15,000 users, you can only talk to them? Nope. There is a local timeline that is limited to only your instance, but then there is a federated timeline.

I just threw a new term your way, so let me explain. Federation is a means of communication between all the various instances of Mastodon. You see, Mastodon runs on top of something called the Fediverse, particularly a form of it known as ActivityPub.


This crazy federation thing with multiple levels of timelines can seem confusing. If someone makes a Toot (yes, the official term is now Post, but I far prefer Toot for it. Sue me.) how do I know if I’ll see that one? Well, I saw this handy diagram and it’s perfect for explaining that.


Yeah, it is a little complex compared to Twitter. But as a user of Mastodon, you really don’t need to worry about it. You’ll see tons of activity in each of your timelines, although your home timeline start seem barren until you follow around 30 or so people.

Also, don’t try and see this as a Twitter replacement. It’s more than that. In my opinion, it’s better than that.

How do I get started with Mastodon?

If you’re an infosec person like me, then check out Infosec Exchange. There’s more, there’s IOC Exchange and quite a few others. But I really like Infosec exchange and Jerry (the instance admin) has done an amazing job scaling it with the massive influx of users. It’s like joining any other site at that point. And do yourself a favor, set up a unique password and 2FA for it.

If you’re not into infosec, that’s completely ok. Check out Join Mastodon to find a home server for you. It doesn’t necessarily need to be your home server forever, you can move to another one relatively easy (although posts don’t move with you). In fact, it’s a built in feature. Also, I’d recommend against joining the really big instances, they’ve been struggling with the massively increased load from the Twitter migration.

Then.... just use it. Feel free to look me up, @[email protected]. I hope you enjoy Mastodon as much as I have.

Additional Reading

I wanted to provide another section with other good blog posts about Mastodon so you can learn more.

Fedi Tips

Cody Dostal

Cody Dostal