Email or username:

Password:

Forgot your password?
Fediverse's posts Post Back to profile
Top-level
Fediverse Report

We now have the following national governments with a Mastodon server:

- Germany: social.bund.de
- The Netherlands: social.overheid.nl
- Switzerland: social.admin.ch

As well as the EU with
- social.network.europa.eu

Let's hope that other countries will follow this design pattern, and all launch a fediverse server at social.[governmentwebsite].[TLD]. Following this pattern makes it immediately clear to people they are communicating with an official government account.

12 Sep 2023 at 12:51 | Open on mastodon.social
48 comments
insha

@fediversereport there is wrong extension for EU server. It Should be EU instead ec

12 Sep 2023 at 13:01 | Open on mastodon.social
gocu54
mcneb10

@gocu54 @fediversereport Hell yeah it does. Twitter is only going down hill from here

13 Sep 2023 at 0:02 | Open on mstdn.social
writermonki

@gocu54 @fediversereport Trump would produce perfect toots all night long

13 Sep 2023 at 6:57 | Open on mastodon.social
DELETED
Twalzer

@fediversereport Wir (🇦🇹) schlafen wieder in der Pendeluhr?

12 Sep 2023 at 16:08 | Open on troet.cafe
Piiieps & Brummm

@Twalzer
Die Frage ist: vor oder nach dem Vatikan? 😄

(Aktuell konnte ich keine Instanz social.vatican.va finden)

12 Sep 2023 at 16:48 | Open on chaos.social
mybarkingdogs

@fediversereport THIS.

(Would also say there should be rules about government accounts conducting/hosting possibly or definitely invasive activities - such as surveillance -even "benign" surveillance like health and safety - or more malignant conduct like policing - they need to be required to declare this/the presence of said users on them so people who are vulnerable can exercise their rights to privacy, silence, etc)

12 Sep 2023 at 16:29 | Open on mastodon.sdf.org
Shoq

@fediversereport @mekkaokereke

This is a hopeful sign of life from governments that is still missing in journalism and other communities that should be much more engaged in building decentralized social networking. They all seem to be waiting for some form of silver bullet social media from big tech, when the solution is already here. But more users will bring more engagement, better apps, and more capital. Which in turn will bring more of the same.

bsky.app/profile/shoq.bsky.soc

@fediversereport @mekkaokereke

This is a hopeful sign of life from governments that is still missing in journalism and other communities that should be much more engaged in building decentralized social networking. They all seem to be waiting for some form of silver bullet social media from big tech, when the solution is already here. But more users will bring more engagement, better apps, and more capital. Which in turn will bring more of the same.

12 Sep 2023 at 17:16 | Open on mastodon.social
GoNancyGo

@fediversereport I would prefer to get important, time sensitive, Gov't info here. There is no "paid verification", no throttling. What other social media would they use? Twitter no longer exists, and every other media but this one can easily be bought by a megalomaniac as well.

12 Sep 2023 at 17:43 | Open on mastodon.social
ResearchBuzz

@fediversereport Oooo. Now this would make an interesting specialty search.

12 Sep 2023 at 18:43 | Open on researchbuzz.masto.host
Ken Tindell

@fediversereport @glynmoody The British regime will never have its own instance because “Mastodon is woke”.

12 Sep 2023 at 18:47 | Open on mastodon.social
wakest ⁂

@fediversereport the french gov have many peertube instances too

12 Sep 2023 at 20:38 | Open on social.wake.st
DELETED

@fediversereport I'm sure after 20 or so countries have done it, Australia will start to think about it...

12 Sep 2023 at 22:36 | Open on hostux.social
Inventor

@fediversereport Anyone can create "social." subdomains.
It does not make it "clear that it's an official government account".

13 Sep 2023 at 2:28 | Open on linuxrocks.online
Myrion

@inventor how so? In the Swiss example, the govt controls admin.ch, and no-one else can create those subdomains. Sure, it could be a rogue sysadmin, but that would get discovered and shut down quickly.

Anything from *.admin.ch has official character.

13 Sep 2023 at 18:14 | Open on infosec.exchange
Inventor

@myrion
Are you saying that someone in the government can create a rogue "mastodon.admin.ch"?
What you're saying doesn't make sense. Subdomains are irrelevant. Telling people otherwise will only cause more phishing attacks.
Example: social.govern.ment.eu
People fall for stuff like that. "social." is irrelevant.

13 Sep 2023 at 18:26 | Open on linuxrocks.online
Myrion

@inventor I'm saying that's the only way I can see someone getting a *.admin.ch subdomain without it being official, yes.

I don't think it's likely to happen.

And no, I'm not worried about someone creating social.ad.min.ch (if I'm understanding your examples correctly) to confuse people. It would have happened long ago already, since the Swiss government has been using admin.ch for years now for official communications.

13 Sep 2023 at 19:02 | Open on infosec.exchange
Inventor
Myrion

@inventor I understand the concept of phishing attacks. I understand that they can even be performed against government workers.

This doesn't change the simple fact that admin.ch has been the official domain of the Swiss government for years and that social.admin.ch clearly is from the Swiss government, and that other governments following the same structure of social.well-known.domain is perfectly sensible.

At this point, I'm very confused about what you're even trying to argue, as the article doesn't have a single example mentioning subdomains (frankly, no details at all).

Phishing exists, therefore governments shouldn't be on the fediverse?
Phishing exists, therefore government accounts must be... what? Only from the main domain, because that's somehow safer?

@inventor I understand the concept of phishing attacks. I understand that they can even be performed against government workers.

This doesn't change the simple fact that admin.ch has been the official domain of the Swiss government for years and that social.admin.ch clearly is from the Swiss government, and that other governments following the same structure of social.well-known.domain is perfectly sensible.

13 Sep 2023 at 19:22 | Open on infosec.exchange
Myrion

@inventor to rephrase my argument most clearly:

The Swiss government has been using *.admin.ch for official communication for years.

Phishing attacks pretending to be the Swiss government have happened.

This doesn't make communication from *.admin.ch any less clearly official.

This holds true even when *==social.

13 Sep 2023 at 19:25 | Open on infosec.exchange
Inventor

@myrion
"government accounts must be only from the main domain, because that's somehow safer?"

It can be from any subdomain under a valid root domain. Examples: "социальные.", "с.", "со.", "sociaux.", "sosyal.", "mastodon."... literally anything. Doesn't matter at all.

Only the root domain and certificate matter.

13 Sep 2023 at 19:29 | Open on linuxrocks.online
Myrion

@inventor aha! Then I misunderstood your objection.

I will say that while it's true, I think it's a bit pedantic. The OP wasn't suggesting, afaict, that "social.any.domain" clearly would be official, but that "social.known.domain" would be clearly official, and sensible - in that it's like the ".well-known" directory on a webserver.

Use the known domain, look for the social subdomain and voilà, there's the official social media accounts seems like a useful approach to me.

13 Sep 2023 at 19:34 | Open on infosec.exchange
Siegi 🇺🇦 🇬🇪 💜 🇨🇭

@inventor 1. The government create the instance on his own subdomain of admin.ch which is the federal domain and well known
2. They announce it and say which department want start to have an account (DFAE, DEFR)
3. They own and manage admin.ch, i think that persons managing DNS of admin.ch don't let everyone create what subdomain they want.

Maybe you mean the .social top level domain where everyone can create domain ?
@fediversereport

@inventor 1. The government create the instance on his own subdomain of admin.ch which is the federal domain and well known
2. They announce it and say which department want start to have an account (DFAE, DEFR)
3. They own and manage admin.ch, i think that persons managing DNS of admin.ch don't let everyone create what subdomain they want.

13 Sep 2023 at 18:15 | Open on tooting.ch
Inventor

@siegi @fediversereport

Are you saying that someone in the government can create a rogue "mastodon.admin.ch"?
What you're saying doesn't make sense. Subdomains are irrelevant. Telling people otherwise will only cause more phishing attacks.
Example: social.govern.ment.eu
People fall for stuff like that. "social." is irrelevant.

13 Sep 2023 at 18:31 | Open on linuxrocks.online
Gregory Trolliet

@inventor @siegi @fediversereport I don't understant. As owner of trolliet.info, you mean that anybody can create social.trolliet.info without my conscent and/or knowing?

13 Sep 2023 at 18:34 | Open on mastodon.zaclys.com
Inventor

@Faket @siegi @fediversereport
What I am saying is that you or anyone who is not the government could register any domain similar to a domain that a legit governmental organization uses, i.e. mimic it, and then create a "social." subdomain to lure fools.
Example: social.govern.ment.eu being created by the owner of ment.eu is totally plausible.
It will happen if this idea that "subdomains mean something" takes roots.

13 Sep 2023 at 18:41 | Open on linuxrocks.online
Gregory Trolliet

@inventor @siegi @fediversereport But since the owner/administrator of admin.ch is the government, what better way to certify a new service than to make it a service.admin.ch?

13 Sep 2023 at 18:46 | Open on mastodon.zaclys.com
Inventor

@Faket @siegi @fediversereport
It is already certified by the domain. The subdomain is arbitrary and serves no purpose other than being a name for a service/server/something. The end user must only pay attention to the domain and TLS certificate for the purpose of validation of legitimacy.

13 Sep 2023 at 18:50 | Open on linuxrocks.online
Gregory Trolliet

@inventor @siegi @fediversereport So? Are you saying that doing a social.admin.ch subdomain is a good thing? I don't understand your point TBH.

13 Sep 2023 at 18:51 | Open on mastodon.zaclys.com
Inventor

@Faket @siegi @fediversereport
My point makes reference to this quote from the second post on this thread:
"Following this pattern (social. subdomains) makes it immediately clear to people they are communicating with an official government account."

This is false. Establishing a convention may be a cool idea, but it adds nothing to security or "making anything clear". Subdomains mean nothing in terms of validation of legitimacy.
Root domains and certificates, on the other hand, mean everything.

13 Sep 2023 at 18:57 | Open on linuxrocks.online
Gregory Trolliet replied to Inventor

@inventor @siegi @fediversereport Are you suggesting that it's not better to have a [social|mastodon|toot|whatever].admin.ch than any other random root domain?

13 Sep 2023 at 19:01 | Open on mastodon.zaclys.com
Inventor replied to Gregory

@Faket @siegi @fediversereport It makes no difference.
In fact, now that I think of it, a simple convention about subdomains doesn't make sense either, since many countries speak different languages.

13 Sep 2023 at 19:11 | Open on linuxrocks.online
Jezza™@threads.com (Official)

@inventor @fediversereport why not? Any random asshole is going to do just as good a job at sucking at running a government's social as the people who do it presently for profit.

BTW, I'm the official social account of the government of Abkhazia.

13 Sep 2023 at 18:20 | Open on noagendasocial.com
Luna :verified_trans: :cat_is_blob_and_lesbian:

@inventor@linuxrocks.online @fediversereport@mastodon.social but you usually recognize the main domain if you live in the country

14 Sep 2023 at 6:36 | Open on mk.absturztau.be
Maarten Pelgrim

@fediversereport it's nice if we boost it here, but this kind of news needs to be spread beyond the Fediverse.

13 Sep 2023 at 7:17 | Open on mastodon.nl
Thomas Lee ✅ :patreon:

@fediversereport This is a great step in moving the fedivese, and Mastadon, forward.

13 Sep 2023 at 14:20 | Open on masto.ai
DELETED

@fediversereport @FreakyFwoof How long until they're defederated because one politician in their government contradicted "current thing"?

13 Sep 2023 at 16:45 | Open on mstdn.social
Jezza™@threads.com (Official)

@fediversereport why is this good? Things are always much better when government fucks off, goes away, and stays away.

So why don't you help improve the fediverse in the most profound way by fucking off, going away, and staying away? Get started now!
#FediverseImprovementProject #GarbageCollection

13 Sep 2023 at 18:17 | Open on noagendasocial.com
DELETED
Bostjan Laba
tessarakt

@fediversereport Does Bundesservice Kommunikation have a social.bund.de account?

13 Sep 2023 at 22:22 | Open on mastodon.social
Jo Kingly :verified:

@fediversereport Here's to hoping this will also increase government transparency and open democracy.

14 Sep 2023 at 8:00 | Open on c.im
Go Up