Believe me when I tell you that I did not want to write another article about pedophiles after the last one, but here we are. It is a vile subject to read and write about, the rabbit hole goes deeper than any of us ever want to think about, and when I say us I really mean me. This will be the last article I will ever write on the subject of pedophiles and child porn, and I feel tainted for having touched it.
Shortly after Elon Musk took over Twitter some of the most influential people in infosec began tweeting that they were leaving Twitter. I don’t think the reasons why they are pretending to leave are important, but I do think it is important we take a closer look at the social media platform they are desperately encouraging their followers to sign up on so they can have an audience.
In their haste to flee Twitter these influencers set up accounts on a social media platform called Mastodon without knowing much about the place they were migrating to, or anything about the kinds of communities that call Mastodon their home. To be fair, Mastodon makes it almost impossible to search for communities and content across the fediverse by design, so many of the newcomers have absolutely no idea who lives on Mastodon because they cannot see them.
Consider this article the first in a series of Secjuice articles focused on the Mastodon platform and the communities which call Mastodon their home. As our OSINT efforts against Mastodon ramp up we will publish more OSINT-focused articles around the subject, the technical folks are busy getting stuck in too and I am certain they have some great articles headed your way. If you are an OSINT researcher interested in Mastodon, check out this interactive map of the Fediverse, this diagram of the Mastodon attack surface created by Sinwindie, and this tool for gathering intel on Mastodon users built by OSINT Tactical.
The founder of Mastodon, Eugen Rochko, didn’t invent the concept of a decentralized social network he just built his own platform implementation of OStatus, an open standard for federated microblogging. OStatus was built to provide an alternative to Twitter, but instead of being controlled by a single commercial entity like Twitter is, it was controlled through a federation of ‘independent instances’. If this sounds familiar it is because, quite often, new technological ideas are just old ideas wearing a new pair of shoes.