Social media has become part of our daily lives. It allows us to connect with our friends and family, meet new people, follow our favorite content creators, and even run our own businesses. It is a place for learning, sharing, and entertainment. Such platforms have also went a step further and created algorithms to enhance user experience and curate content based on the user's activity. However, with all of this content and information flowing back and forth, users personal data is getting abused for profit, with that practice, social media has become a business fuelled by our private data without our informed consent.
The usual centralized social media platforms that we use in our daily lives, like Meta's Facebook, Instagram and X (Twitter), have held power over our data for years, all the while we believe that our data is private. So what's the solution? We need a place where all our information and activity don't go back to a central point of power, a place that is transparent over how our data is being stored and controlled, and a place that can ensure the privacy of this data. A perfect solution that checks all the boxes is the decentralized, Open Source social media platform known as Mastodon.
Enter Mastodon
Mastodon is a decentralized social networking platform like X (Twitter), this platform is built on a protocol called ActivityPub that allows cross-platform communication with the Fediverse. The Fedivese (a term coined by combining Federation and Universe) is a collection of decentralized social networking platforms that can communicate with each other through a common protocol. Through the Fediverse, people from different decentralized networks can share content and messages with each other without being beholden to a specific platform.
As the Fediverse is decentralized without a single owner over the network or the data, users have more control over the information they share without the fear of censorship over the content they post. Therefore, users on the Fediverse network have the benefit of free speech unlike those on the centralized platforms which are controlled by both the site administrators and governmental rules.
Additionally, with no central owner of the data comes the freedom from tailored advertisements that are cut from the cloth of user privacy. Almost every centralized social media platform used today makes its profit from selling user information such as the user activity to ad companies. The Fediverse eliminates the possibility of this exploitation by not giving control over the user's data to a central authority.
And since the platforms on the Fediverse are Open Source, the user is granted even more transparency over how the data is being stored, used, and transferred.
How does it work?
To make communication possible over the Fediverse network, a communication protocol needs to be used, this is where ActivityPub comes into play. ActivityPub is both a protocol and an open standard used by the Fediverse. It provides two forms of communication, a client-to-sever API that is used by both the users and services to communicate with the decentralized server and a server-to-server protocol that is used to share information between different servers. ActivityPub uses ActivityStreams as a format which is an open format, it can be simply read as JSON data.
ActivityPub records have 3 main data types:
Objects: the Object data type is the content, it can be text, image, video, locations or events.
Activities: the Activity data type is the action performed, like creating, modifying or deleting an object.
Actors: The actor is the entity responsible for doing the activities, it can be a user, a group or a service.
All ActivityPub records include a "@context" attribute, that references ActivityStreams for format, and a "type" attribute that determines the data type of the ActivityPub record. A user's record would look like this:
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Person",
"id": "https://social.example/johndoe255/",
"name": "John Doe",
"preferredUsername": "johndoe255",
"summary": "Software Engineer at XYZ",
"inbox": "https://social.example/johndoe255/inbox/",
"outbox": "https://social.example/johndoe255/outbox/",
"followers": "https://social.example/johndoe255/followers/",
"following": "https://social.example/johndoe255/following/",
"liked": "https://social.example/johndoe255/liked/"
}Each actor on the Fediverse has an inbox and an outbox. The inbox and outbox of an actor are just end points that both the actor and the server can communicate with in order to receive and send data.
When an actor wants to send a message or make a post, they would send an HTTP POST request to the outbox with the object. The server would query the outbox to get a new ActivityPub object using an HTTP GET request, if there is an object then the server would determine the type of the object. If it is a post, then it shares it, if the object is a message then the server will send object to the recipient’s inbox using an HTTP POST request, meanwhile the user would be continuously querying their inbox using HTTP GET requests for new objects (messages).
If an actor wanted to send a message to another actor, the message record added to the inbox of the actor would be something like:
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Note",
"to": ["https://social.example/maxmaxwell/"],
"attributedTo": "https://social.example/johndoe255/",
"content": "Hey, how are you?"
}This message is encapsulated with a Create activity and added to the inbox of the user:
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Create",
"id": "https://social.example/johndoe255/posts/c1763ab5-b1ed-4a81",
"to": ["https://social.example/maxmaxwell/"],
"actor": "https://social.example/johndoe255/",
"object":
{
"type": "Note",
"id": "https://social.example/johndoe255/posts/c1763ab5-b1ed-4a",
"to": ["https://social.example/maxmaxwell/"],
"attributedTo": "https://social.example/johndoe255/",
"content": "Hey, how are you?"
}
}Once the server queries the message from the inbox, it will find the recipient’s actor record and add the message object to their outbox so they can read it. If the recipient’s inbox is located on another server in the Fediverse network, then the server will have to communicate with the recipient’s server to achieve cross-server communication between actors.
In case a user wants to create a post with an image, the record added to the user's inbox will be a Create activity that includes an image object. This record is received by the decentralized server, then displayed on the user's profile and on the feed. If the server is synced with other servers, this record is also shared with those other servers using the server-to-server federated part of the ActivityPub protocol to synchronize the records between them.
The synchronization between servers occurs in a process called "Delivery", in which the sender's server forwards the post/message to other servers on the same network. The messages are sent to the recipient’s inbox on the recipient’s server, whereas the posts are usually added to a shared inbox between the servers that can be queried by all the servers on the network.
Using this cross-platform messaging or cross-server synchronization in the Fediverse raises privacy concerns, for example while you may trust the decentralized network you are a part of, the same cannot be always said for other connected networks which will have access to the shared data. However, you still have the luxury of choosing which networks you want to communicate with and which do you trust to maintain your data.
Another solution would be the solution we talked about earlier: Mastodon! While you can join an already built Mastodon network to be a part of the Fediverse. You can also host your own instance of Mastodon. Doing so will give you full control over the data you send, receive and store, as well as the servers you want to sync with. You can also invite others to join your instance to ensure that the communication and the content being shared on the platform is under your supervision and control. Nevertheless, the security of this data will fall under your responsibility.
Platforms other than Mastadon have entered the Fediverse and provided a greater variety of solutions. If you are looking to host a microblogging platform, like Mastadon, with minimal resource usage, you can try GoToSocial.
GoToSocial connects you to the Fediverse with the same features provided by Mastadon for a fraction of the computing power. Alternatively, if you are looking for a platform that acts more like a forum, you can host your own instance of Lemmy or join any of the existing ones. You can also replace Facebook and Instagram with their federated counterparts: Friendica and Pixelfed.
This variety between platforms and use cases while still being connected is what makes the Fediverse a great path away from the centralized and corporate-controlled social media platforms. While it isn't the answer to full privacy when using social media, it decentralizes the power over the data and gives the user the freedom to choose their own provider without being vendor locked away from communicating with others on the network.
