Today is a “⅔ soapbox, ⅓ tech” Drop, so feel encouraged to just read the second section if my opines just aren't your cup of tea, today.

Brief 🎵♬ On 🧵🪡

Unless you're in a cave up in northwestern Maine (which means you aren't reading this newsletter), you have no doubt heard that Meta's Twitter killer — Threads — launched today. I'm not linking to it, and cannot advocate using it on anything but a security and privacy research device with an account that has nothing to do with you IRL.

I am far from the first person to point this out, but Threads can collect a bonkers amount of personal information, including health, financial, contacts, browsing and search history, location data, purchases and “sensitive info”. You can see the full list in the privacy breakdown in either the app store of your choice.

If you want to read more about Threads before using it (or deleting it), The Guardian has good coverage, though they seem to be oddly “pro-Threads”.

As a general rule, never trust a social messaging site that doesn't have a web app. The reason is usually that they're collecting as much data as possible, and want to avoid your ability to enlist browser protections to protect yourself.

Cinder

Łukasz Langa pointed out (on Twitter, so I'm not linking to it) that the backend of Threads is based on Cinder, Meta's internal performance-oriented production version of CPython. Some optimizations in it include:

• Bytecode inlining: This optimization replaces function calls with the actual code of the function, which can lead to faster execution times

• Eager evaluation of coroutines: Cinder optimizes coroutines by evaluating them eagerly, which can lead to faster execution times

• Shadow bytecode: This feature allows Cinder to optimize the bytecode of Python programs at runtime, which can lead to significant performance improvements

• Method-at-a-time JIT: Cinder uses a method-at-a-time JIT (just-in-time) compiler to optimize the execution of Python code

• Immortal objects: Cinder has a feature called “immortal objects” that allows it to reuse objects instead of creating new ones, which can lead to faster execution times

• Static Python: Cinder uses a feature called “Static Python” that allows it to analyze Python code at compile time and generate more efficient code

• Strict Modules: Cinder has a feature called “Strict Modules” that allows it to optimize the loading of Python modules

While I despise Meta, their engineering and data science teams do produce many useful items.

Getting Up In Bluesky's Bidnez

As most readers know by now, Bluesky is a public benefit corporation that is purportedly aiming to build an open and decentralized social network. I've been super wary of them given that:

• they're cozied up to an odd billionaire who had no issue giving Twitter up to the world's richest toddler

• were initially funded by Twitter itself (and were originally aiming to bring a new protocol to Twitter's app)

• there was no clear description of how they were going to make money (which, by default, means that you/we would have been the eventual product)

In a recent post, the folks that run the platform outlined where their 💰 is coming from, now, and what they plan to do to pay the bills moving forward. To fund their operations and growth, they recently raised an $8 million seed round from “values-aligned investors”, except that their values also include partnering with OpenAI and Microsoft, two of the most morally suspect companies

This funding is intended to enable them to expand their team and infrastructure, as well as grow the AT Protocol ecosystem. Instead of relying on advertising, Bluesky plans to offer paid services like custom domains as their first monetization strategy. They have partnered with Namecheap to allow users to easily purchase and manage custom domains for use with Bluesky and the AT Protocol. This custom domain service will help users personalize their identities in a decentralized manner.

“We're going to satisfy our investor's lust for 💴 by taking a cut of Namecheap's registration fees” sounds like a really suspect business plan IMO. And, to make matters worse, the setup for these domains to support the AT protocol routing is in direct violation of RFC 952, since you have to use an _ (underscore) in the hostname. If they're not willing to play nice with one of the oldest standards out there, what other standards are they going to break? My terrible registrar for my rud.is domain at least respects these standards, since I wasn't able to set up a _atproto.hrbrmstr.rud.is TXT record.

NOTE: if you do own your own domain name, you can hit up the Bluesky settings to get the deets on what you need to do to use it as your handle.

I'm on Bluesky to ensure my handle is not used by malcontents, and because some treasured mates are solely on there. As you can tell, I am quite wary of both the service and the protocol. The centralized service itself also doesn't support multifactor authentication, which should be the baseline for all new/modern services.

I'll keep using it until they eventually show their true colors, and I encourage all other Bluesky users to be equally wary and observant.

Share

FIN

Keep your 👀 peeled to the Reykjanes - Norður stream, as we may see another eruption on my fav place on the globe. ☮