Noah Gift’s Post

I made a comment on a post about X and Bluesky. LinkedIn is now pushing Bluesky posts on me (of course). So, rather than comment on all these other posts I'll just say the following. I joined Mastodon recently and one thing coming up a lot over there is who is backing Bluesky and the promises they are (not) keeping. It isn't truly federated. Also Bluesky seems to be backed by a bunch of cryptobros. Personally, I never considered joining Bluesky to begin with. I think the important thing incumbent on all of us (now more than ever) is to understand 1) who owns the businesses and services we use every day 2) what are their motivations 3) what are they doing with our data and 4) are they delivering on their promises? Jeff Bezos intervening with WaPo not making an endorsement in the US election was a tipping point for me. I've been working on finding replacements for lots of different things as a result. I'd already been using Libreddit/Redlib for a while which is somewhat what lead me to Mastodon (shoutout to Vivaldi Technologies as a gateway drug) and Lemmy. I don't know if this is useful to anyone but, it sounds to me like Bluesky is just another Twitter/X waiting to happen. P.S. there are a plethora of alternative frontends for many of the large social services online. So, while you may no longer be able to engage with these services directly it's still nice to be able to browse them without giving them the actual traffic 👍 I've found they've helped ease the transition away from these services. Check out browser plugins like https://lnkd.in/gz-HEqrz (Privacy Redirect) and apps like https://lnkd.in/gH_p94Yi (URLCheck) for more! P.P.S I think it's also important to check in on the current ownership of different properties we engage with on a regular basis. For all we know VC has come in bought up a stake and completely changed the trajectory of whatever that service may be. #fediverse #mastodon #bluesky #twitter #xitter

I'm seeing more and more ex-tweeters flock to Bluesky. How does it work? The Good! 🌐 handles are based on existing web domains. As a person that owns over a dozen domains already, this is cool. Most of my Twitter handles revolved around each of those websites anyway. This aligns very well for Web natives. 💿 As web platforms die over time, going with Bluesky means aligning with people who understand the value of being able to archive the things you wrote. As a person who previously worked at a data backup and recovery company, you can start to imagine just how strong of an opinion I have on this sort of thing. I have scars from web services mucking up my data or worse I ended up losing it one way or another. The World Wide Web is quite fragile! We need smart and very caring people keeping it alive all the time. (*cough* I am available for hire PM me *cough*) 🍽 It is possible to host your own data on your own server; something that is becoming increasingly important to me. If its on my own server, I can very easily automate backups with 1 click. The Questions? 🏢 Will any of the other existing mega-sized social platforms adopt Atmosphere? I doubt it. I could see Google running with it during Summer of Code or something since they aren't maintaining their own social network anymore to maintain and tend to get their hands in lots of open source initiatives (even if briefly), and have a history of letting users download all their data to either bail or backup if they so choose. Copy-Paste to a lesser extent Microsoft/Discord/GitHub. 💣 Since it is possible to host your own data on your own server, will we see certain parts of Bluesky get DDOS'ed like the Old Web did? One of the things that made Twitter robust was the absolutely crazy amount of work that went into load balancing. I've had a few fascinating conversations with ex-Twitter engineer Adam Crane about this stuff. That's a whole other post which I don't totally feel qualified to write, but yeah. It's crazy. 🧐 Final Thoughts Before signing up for any service, I read all the terms, privacy policy details, and dig into how the company does business, organizes itself, and how it plans to make any money at all so that the platform will survive. (Hopefully without exploiting the users too much.) I appreciate what's happening here. I'm interested in integrating this sort of thing into my new websites going forward, ideally running together on one server. There are definitely some fun things to think about here.

We’re detecting a massive automated spam campaign hitting npm right now with an influx of garbage packages, a reprisal of the tea[.]xyz crypto spam, which artificially inflates the spam packages’ dependency counts. #JavaScript https://lnkd.in/eGCMsam3

X-odus: What’s the Best Alternative to Twitter? With recent changes on X/Twitter, many are exploring alternatives. BlueSky has seen a surge in user registrations, while Mastodon remains a strong contender. But here’s the good news: you don’t have to choose between them. Thanks to their decentralized infrastructure, BlueSky and Mastodon are interoperable. This means you can use both platforms seamlessly, accessing Mastodon content directly within BlueSky—and vice versa. Here’s how: On BlueSky, simply follow ap.brid.gy. That’s it! This lets you engage with the entire Fediverse, the network powering Mastodon and other decentralized apps. More information: https://fed.brid.gy/docs So, the only decision left is: are you ready to make the switch?

Hi LinkedIn family! 😎 I would like to invite anyone who comes across this post in their feed to #collaborate on a project of a significant scale. ✨ If you’re interested in any capacity, or would simply like to chat, please message me! The front-end is largely complete, built in #React with next.js. I’m developing the schema for the backend, and I’m still deciding between node.js + pg https://lnkd.in/e2-aP8gh Or Python / Flask / PostgreSQL (sqlalchemy) https://lnkd.in/eFvrhT3Y ✨ This project will be a Nostr client to host relays, allow bitcoin lightning transactions, and customization of Nostr feeds. 🧐 If you’re unfamiliar with the Nostr open source project, I urge you (whether or not you’re interested in collaboration) to check it out. ‼️ It may actually be the only true open source #decentralized protocol that can revolutionize social media, advertisement, and content ownership. 🔔 Read about #Nostr here: (open source GitHub) https://lnkd.in/eBECaWfJ

Introducing Flaregram ⚙ 🚀 A blazing fast JavaScript framework to make serverless telegram bots on Cloudflare Workers!  😎 It uses telegram bot API and is runs on Cloudflare Workers. Currently on beta version a lot of things has to be introduced in that and you all are free to push valid commits. 🤖 https://lnkd.in/g87QcFKY #javascript #telegram #cloudflare #opensource

Absolutely thrilled to introduce my latest creation: a robust social media platform powered by Node.js, Express, and MongoDB! 🌐 🌟 Key Features: User Authentication & Profile Management: Crafted a secure user authentication system with features such as email verification and password reset. Users enjoy dynamic profile management, including profile pictures and cover photos. Dynamic Tweeting: Empowered users to create, update, and delete tweets with the flexibility of including images. The platform seamlessly supports engaging multimedia content. Interactive Timeline: Enriched user experience with a real-time timeline, intelligently sorted based on various parameters like date, likes, and comments. Stay updated with the latest tweets from followed accounts. Engagement Features: Users express reactions through likes and comments on tweets. The platform also supports media uploads, creating a dynamic space for content creation. Follow and Unfollow: Fostered a connected and engaging social experience by enabling users to easily follow and unfollow others. Notification System: Implemented a comprehensive notification system to keep users informed about likes, comments, and new followers, enhancing the overall user experience. Retweets: Users can amplify the reach of interesting content within the community through the retweet feature. Security Measures: Prioritized security with best practices in secure coding, including robust input validation, error handling, and secure storage of sensitive information. https://lnkd.in/dXWNjtuH #NodeJS #ExpressJS #MongoDB #SocialMediaPlatform #WebDevelopment #JavaScript #FullStackDeveloper #CodingJourney

Few days ago while browsing X (formerly Twitter), I came across this interesting article claiming that Next JS “use server” directive is unsafe for production use, as it tends to leak data. Here’s are my thoughts on this: 1. For a mission critical application, separation of concern should be adopted. Meaning, not using “use server” as a top level directive. E.g just applying it to a single function and not the whole file. 2. With a proper authentication in place, it should handle and prevent API calls made by an unauthorised user. 3. I feel that this data leak is caused by improper access control mechanisms and not by the Next JS framework itself. Feel free to hop on the discussion and share your thoughts. #NextJS Link to the thread: https://lnkd.in/gkWZEM65

Imagine the GitHub project you are searching for has at least a thousand malicious clones with identical names. Well, that is precisely what is happening at the moment. A large-scale malicious campaign creates many forks of popular projects with the same names and adds an obfuscated payload. If executed, it will try to grab credentials, cookies, and whatever it can reach and send to a remote server. GitHub eventually detects and deletes most of them, but researchers from Apiiro(1) noticed that many others stay afloat - or even are legitimately forked! The delivery mechanism of the repo confusion attack seems to rely on social engineering by spraying the repo links across forums, channels, groups, etc. So be careful before following that StackOverflow answer ;) Given that the attack has been happening for a while now, it would be a sad/fun kind of a situation if LLM scrappers picked up some of these links, and they would appear in CoPilot/ChatGPT/you-name-it responses. (1) https://lnkd.in/eXVPZarw #llmsecurity #github #socialengineering #repoconfusion

🚀 Excited to share a simple social media Node.js backend project :   simplifies managing users, posts, comments, and replies in applications. Users can sign up securely, manage their profiles, and upload images and videos. They can create posts, and leave comments. Replies to comments are also supported. Scheduled reminders ensure users confirm their emails. The project prioritizes security, adhering to best practices like password hashing and encryption. 📌You can check the whole project from here and go through the readme to know more about the project features 👇🏻 https://lnkd.in/dJnKYwvn #NodeJS #BackendDevelopment #UserManagement #ContentManagement #APIs #ApplicationDevelopment