# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 101
# self = https://watcher.sour.is/conv/saz2moa
Hi, I just created this account but couldn't seem to login with the android app, Goryon. does username need ? Is pod just twt.social?
> Hi, I just created this account but couldn’t seem to login with the android app, Goryon. does username need ? Is pod just twt.social?\n\nYou use your email as-is and you login to the pod where your account is. e.g: https://twtxt.net. Be sure to include the full https:// (_there is a known bug that errors on just a domain, where it should default to https_)
> Hi, I just created this account but couldn’t seem to login with the android app, Goryon. does username need ? Is pod just twt.social?
You use your email as-is and you login to the pod where your account is. e.g: https://twtxt.net. Be sure to include the full https:// (_there is a known bug that errors on just a domain, where it should default to https_)
> Hi, I just created this account but couldn’t seem to login with the android app, Goryon. does username need ? Is pod just twt.social?
You use your email as-is and you login to the pod where your account is. e.g: https://twtxt.net. Be sure to include the full https:// (_there is a known bug that errors on just a domain, where it should default to https_)
> Hi, I just created this account but couldn’t seem to login with the android app, Goryon. does username need ? Is pod just twt.social?\n\nYou use your email as-is and you login to the pod where your account is. e.g: https://twtxt.net. Be sure to include the full https:// (_there is a known bug that errors on just a domain, where it should default to https_)
@adi Make me do the Turing test then 🤣
@adi Make me do the Turing test then 🤣
@adi Make me do the Turing test then 🤣
@adi @prologic I feel like an old man. Never used twitter. Are you able to use the app?
If I had removed the hashtag and prologic's name would my reply still have linked to this conversation or sent you a private msg?
@adi @prologic I feel like an old man. Never used twitter. Are you able to use the app?\n\nIf I had removed the hashtag and prologic's name would my reply still have linked to this conversation or sent you a private msg?
@adi @prologic I feel like an old man. Never used twitter. Are you able to use the app?\n\nIf I had removed the hashtag and prologic's name would my reply still have linked to this conversation or sent you a private msg?
@prologic I remember encountering an Eliza for the first time, fooled me a little bit at first!
@prologic I remember encountering an Eliza for the first time, fooled me a little bit at first!
@prologic I remember encountering an Eliza for the first time, fooled me a little bit at first!
@adi @prologic \n\nThanks. My mistake was trying to use twt.social for the pod name.
@adi @prologic \n\nThanks. My mistake was trying to use twt.social for the pod name.
@adi @prologic
Thanks. My mistake was trying to use twt.social for the pod name.
@lazarus\n\n> If I had removed the hashtag and prologic’s name would my reply still have linked to this conversation or sent you a private msg?\n\nRemoving the mentions is "okay" but the (#xxx) forms part of a conversation chain. Under the hood this software (_including the mobile app_) all really uses the twtxt.txt spec/format. We describe "extensions" we are documenting over at dev.twtxt.net
@lazarus
> If I had removed the hashtag and prologic’s name would my reply still have linked to this conversation or sent you a private msg?
Removing the mentions is "okay" but the (#xxx) forms part of a conversation chain. Under the hood this software (_including the mobile app_) all really uses the twtxt.txt spec/format. We describe "extensions" we are documenting over at dev.twtxt.net
@lazarus
> If I had removed the hashtag and prologic’s name would my reply still have linked to this conversation or sent you a private msg?
Removing the mentions is "okay" but the (#xxx) forms part of a conversation chain. Under the hood this software (_including the mobile app_) all really uses the twtxt.txt spec/format. We describe "extensions" we are documenting over at dev.twtxt.net
@lazarus\n\n> If I had removed the hashtag and prologic’s name would my reply still have linked to this conversation or sent you a private msg?\n\nRemoving the mentions is "okay" but the (#xxx) forms part of a conversation chain. Under the hood this software (_including the mobile app_) all really uses the twtxt.txt spec/format. We describe "extensions" we are documenting over at dev.twtxt.net
@lazarus \n\n> Thanks. My mistake was trying to use twt.social for the pod name.\n \nNo problem! Twt.social is _our_ crappy attempt at "branding" and the 1-click fully managed hosted platform for those that either a) don't know how to host/run thee backend and/or b) can't be bothered. To date my pod (twtxt.net) is the largest and most active, but there are ~7 others we host on behalf of others at https://twt.social/join as well as two others which are completely independently run at twt.u53.net and txt.sour.is~
@lazarus
> Thanks. My mistake was trying to use twt.social for the pod name.
No problem! Twt.social is _our_ crappy attempt at "branding" and the 1-click fully managed hosted platform for those that either a) don't know how to host/run thee backend and/or b) can't be bothered. To date my pod (twtxt.net) is the largest and most active, but there are ~7 others we host on behalf of others at https://twt.social/join as well as two others which are completely independently run at twt.u53.net and txt.sour.is~
@lazarus
> Thanks. My mistake was trying to use twt.social for the pod name.
No problem! Twt.social is _our_ crappy attempt at "branding" and the 1-click fully managed hosted platform for those that either a) don't know how to host/run thee backend and/or b) can't be bothered. To date my pod (twtxt.net) is the largest and most active, but there are ~7 others we host on behalf of others at https://twt.social/join as well as two others which are completely independently run at twt.u53.net and txt.sour.is~
@lazarus \n\n> Thanks. My mistake was trying to use twt.social for the pod name.\n \nNo problem! Twt.social is _our_ crappy attempt at "branding" and the 1-click fully managed hosted platform for those that either a) don't know how to host/run thee backend and/or b) can't be bothered. To date my pod (twtxt.net) is the largest and most active, but there are ~7 others we host on behalf of others at https://twt.social/join as well as two others which are completely independently run at twt.u53.net and txt.sour.is~
@lazarus Although... THere e_could_ be others I'm not aware of 🤔_
@lazarus Although... THere e_could_ be others I'm not aware of 🤔_
@lazarus Although... THere e_could_ be others I'm not aware of 🤔_
@prologic Got it. Are pods linked (federated), or do they exist in isolation?\n\nOptional, like Mastodon?
@prologic Got it. Are pods linked (federated), or do they exist in isolation?
Optional, like Mastodon?
@prologic Got it. Are pods linked (federated), or do they exist in isolation?\n\nOptional, like Mastodon?
@lazarus Pods are "federated" in the sense of the word - Yes. They do not however utilise ActivityPub (_for good reasons_), they operate in "pull" mode and understand Twtxt. I also offer a free RSS/Atom -> Twtxt aggregation service at feeds.twtxt.net (_which is how I read all my news, lobsters, slashdot, etc, etc_)
@lazarus Pods are "federated" in the sense of the word - Yes. They do not however utilise ActivityPub (_for good reasons_), they operate in "pull" mode and understand Twtxt. I also offer a free RSS/Atom -> Twtxt aggregation service at feeds.twtxt.net (_which is how I read all my news, lobsters, slashdot, etc, etc_)
@lazarus Pods are "federated" in the sense of the word - Yes. They do not however utilise ActivityPub (_for good reasons_), they operate in "pull" mode and understand Twtxt. I also offer a free RSS/Atom -> Twtxt aggregation service at feeds.twtxt.net (_which is how I read all my news, lobsters, slashdot, etc, etc_)
@prologic and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?
@prologic and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?
@lazarus \n\n> and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?\n\nCurious, what's your use-case? A pod can exist completely on its own, it only interacts with Twtxt feeds. If no users on _that_ pod follows any other users on any other pods, then yeah it'll be pretty isolated.
@lazarus
> and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?
Curious, what's your use-case? A pod can exist completely on its own, it only interacts with Twtxt feeds. If no users on _that_ pod follows any other users on any other pods, then yeah it'll be pretty isolated.
@lazarus \n\n> and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?\n\nCurious, what's your use-case? A pod can exist completely on its own, it only interacts with Twtxt feeds. If no users on _that_ pod follows any other users on any other pods, then yeah it'll be pretty isolated.
@lazarus
> and if one ran their own server, can they pick and choose which instances to join with, or choose to exist completely isolated and private; msgs only visible to logged in accounts?
Curious, what's your use-case? A pod can exist completely on its own, it only interacts with Twtxt feeds. If no users on _that_ pod follows any other users on any other pods, then yeah it'll be pretty isolated.
@lazarus A counter-example to this are the pods owned by @xuu and @etux where we (_especially @xuu_) frequently converse across pods on various topics of interest to us 😀
@lazarus A counter-example to this are the pods owned by @xuu and @etux where we (_especially @xuu_) frequently converse across pods on various topics of interest to us 😀
@lazarus A counter-example to this are the pods owned by @xuu and @etux where we (_especially @xuu_) frequently converse across pods on various topics of interest to us 😀
@prologic considering the negatives of social media on a large scale, wondering about an alternative for a local region. In my case, an expat pod for Vietnam. Mightn't need to complicate the feed with feeds from other pods that can have their own specific content.
Unless seperate pods were made to serve different languages and then joined for the multi lingual.
@prologic considering the negatives of social media on a large scale, wondering about an alternative for a local region. In my case, an expat pod for Vietnam. Mightn't need to complicate the feed with feeds from other pods that can have their own specific content.\n\nUnless seperate pods were made to serve different languages and then joined for the multi lingual.
@prologic considering the negatives of social media on a large scale, wondering about an alternative for a local region. In my case, an expat pod for Vietnam. Mightn't need to complicate the feed with feeds from other pods that can have their own specific content.\n\nUnless seperate pods were made to serve different languages and then joined for the multi lingual.
@lazarus Ahh I see. Yeah you can _totally_ do that and in fact I encourage it! You are right about the problems of "human socialism at scale", it doesn't scale. Keeping pods small is important in my humble opinion, but a large interconnected network of pods that is diverse is okay. There are no possible ways to create "echo chambers" here, no retweets, no likes, no algorithms. I try to keep things as simple as as "real" as possible, if that makes sense?
@lazarus Ahh I see. Yeah you can _totally_ do that and in fact I encourage it! You are right about the problems of "human socialism at scale", it doesn't scale. Keeping pods small is important in my humble opinion, but a large interconnected network of pods that is diverse is okay. There are no possible ways to create "echo chambers" here, no retweets, no likes, no algorithms. I try to keep things as simple as as "real" as possible, if that makes sense?
@lazarus Ahh I see. Yeah you can _totally_ do that and in fact I encourage it! You are right about the problems of "human socialism at scale", it doesn't scale. Keeping pods small is important in my humble opinion, but a large interconnected network of pods that is diverse is okay. There are no possible ways to create "echo chambers" here, no retweets, no likes, no algorithms. I try to keep things as simple as as "real" as possible, if that makes sense?
@prologic Yes, makes sense. I appreciate a minimalist design and service that focuses on one particular thing.\n\nNow, on this pod, each user has a profile link to their twtxt.txt which can be accessed by anyone without an account, and I noticed @xuu for example doesn't have his link displayed.\n\nCan the pod owner choose to have accounts private? Like I can view some twitter accounts without logging in and others I can't.\n\nor will the *.txt file always remain hosted somewhere in plaintext by design?*
@prologic Yes, makes sense. I appreciate a minimalist design and service that focuses on one particular thing.
Now, on this pod, each user has a profile link to their twtxt.txt which can be accessed by anyone without an account, and I noticed @xuu for example doesn't have his link displayed.
Can the pod owner choose to have accounts private? Like I can view some twitter accounts without logging in and others I can't.
or will the *.txt file always remain hosted somewhere in plaintext by design?*
@prologic Yes, makes sense. I appreciate a minimalist design and service that focuses on one particular thing.\n\nNow, on this pod, each user has a profile link to their twtxt.txt which can be accessed by anyone without an account, and I noticed @xuu for example doesn't have his link displayed.\n\nCan the pod owner choose to have accounts private? Like I can view some twitter accounts without logging in and others I can't.\n\nor will the *.txt file always remain hosted somewhere in plaintext by design?*
@lazarus So couple of things... The only "privacy" toggles are two-fold:
User-level:
A user can toggle whether or not their followers or followings are display.
Pod-Level:
A Pod Owner / Operator can decide to toggle "open registrations" or "open profiles".
The twtxt.txt URI however is open by design. I'm open to feedback however, this wasn't designed to be a "closed system".
The reason @xuu 's profile doesn't display much is a different issue.
@lazarus So couple of things... The only "privacy" toggles are two-fold:
User-level:
A user can toggle whether or not their followers or followings are display.
Pod-Level:
A Pod Owner / Operator can decide to toggle "open registrations" or "open profiles".
The twtxt.txt URI however is open by design. I'm open to feedback however, this wasn't designed to be a "closed system".
The reason @xuu 's profile doesn't display much is a different issue.
@lazarus So couple of things... The only "privacy" toggles are two-fold:\n\nUser-level:\n \nA user can toggle whether or not their followers or followings are display.\n\nPod-Level:\n \nA Pod Owner / Operator can decide to toggle "open registrations" or "open profiles".\n\nThe twtxt.txt URI however is open by design. I'm open to feedback however, this wasn't designed to be a "closed system".\n\nThe reason @xuu 's profile doesn't display much is a different issue.
@lazarus So couple of things... The only "privacy" toggles are two-fold:\n\nUser-level:\n \nA user can toggle whether or not their followers or followings are display.\n\nPod-Level:\n \nA Pod Owner / Operator can decide to toggle "open registrations" or "open profiles".\n\nThe twtxt.txt URI however is open by design. I'm open to feedback however, this wasn't designed to be a "closed system".\n\nThe reason @xuu 's profile doesn't display much is a different issue.
@lazarus @xuu 's profile not showing as much detail here on my pod is just a missing cross-pod feature which is captured in this issue
@lazarus @xuu 's profile not showing as much detail here on my pod is just a missing cross-pod feature which is captured in this issue
@lazarus @xuu 's profile not showing as much detail here on my pod is just a missing cross-pod feature which is captured in this issue
There _were_ / _are_ also future design considerations to create a "kid friendly" social media (_i.e: under aged children_) which would strictly require the "network" to be "closed" and "protected" but that's an entirely different project altogether and I don't have the bandwidth for that right now. I do worry about how software can be used and abused both ways, but then again there's nothing stopping anyone from running a Pod or two behind an OAuth2 authentication layer/proxy or similar anyway, so ... 🤷♂️ I am open to ideas however...
There _were_ / _are_ also future design considerations to create a "kid friendly" social media (_i.e: under aged children_) which would strictly require the "network" to be "closed" and "protected" but that's an entirely different project altogether and I don't have the bandwidth for that right now. I do worry about how software can be used and abused both ways, but then again there's nothing stopping anyone from running a Pod or two behind an OAuth2 authentication layer/proxy or similar anyway, so ... 🤷♂️ I am open to ideas however...
There _were_ / _are_ also future design considerations to create a "kid friendly" social media (_i.e: under aged children_) which would strictly require the "network" to be "closed" and "protected" but that's an entirely different project altogether and I don't have the bandwidth for that right now. I do worry about how software can be used and abused both ways, but then again there's nothing stopping anyone from running a Pod or two behind an OAuth2 authentication layer/proxy or similar anyway, so ... 🤷♂️ I am open to ideas however...
@prologic Hi James, I caught up with some of your blog posts and discussions on github. Maybe you're right, and we shouldn't have the misconception of privacy on any of these platforms. Even if closed to non-users, one hack or one unblocked user with access can archive everything. Still, with the simplicity of retrieving the archive of users twts, even if a pod owner claims not to track users, it unfortunately doesn't stop someone else from doing so.\n\nSo a pod owner can turn off open registrations and open profiles. I'm feeling dumb but what does disabling open profiles mean for users?
@prologic Hi James, I caught up with some of your blog posts and discussions on github. Maybe you're right, and we shouldn't have the misconception of privacy on any of these platforms. Even if closed to non-users, one hack or one unblocked user with access can archive everything. Still, with the simplicity of retrieving the archive of users twts, even if a pod owner claims not to track users, it unfortunately doesn't stop someone else from doing so.
So a pod owner can turn off open registrations and open profiles. I'm feeling dumb but what does disabling open profiles mean for users?
@prologic Hi James, I caught up with some of your blog posts and discussions on github. Maybe you're right, and we shouldn't have the misconception of privacy on any of these platforms. Even if closed to non-users, one hack or one unblocked user with access can archive everything. Still, with the simplicity of retrieving the archive of users twts, even if a pod owner claims not to track users, it unfortunately doesn't stop someone else from doing so.\n\nSo a pod owner can turn off open registrations and open profiles. I'm feeling dumb but what does disabling open profiles mean for users?
@prologic I'm not sure I know enough to implement OAuth2. I'm still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.\n\nIs twtxt.net setup to hash user's passwords and emails? You have the ability for users to retrieve passwords but you mention you don't keep emails. I'm curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.
@prologic I'm not sure I know enough to implement OAuth2. I'm still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.
Is twtxt.net setup to hash user's passwords and emails? You have the ability for users to retrieve passwords but you mention you don't keep emails. I'm curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.
@prologic I'm not sure I know enough to implement OAuth2. I'm still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.\n\nIs twtxt.net setup to hash user's passwords and emails? You have the ability for users to retrieve passwords but you mention you don't keep emails. I'm curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.
@lazarus \n\n> So a pod owner can turn off open registrations and open profiles. I’m feeling dumb but what does disabling open profiles mean for users?\n\nIt simply means you have to have an account to see that user's profile. i.e: anonymous access is disabled at that point.
@lazarus \n\n> So a pod owner can turn off open registrations and open profiles. I’m feeling dumb but what does disabling open profiles mean for users?\n\nIt simply means you have to have an account to see that user's profile. i.e: anonymous access is disabled at that point.
@lazarus
> So a pod owner can turn off open registrations and open profiles. I’m feeling dumb but what does disabling open profiles mean for users?
It simply means you have to have an account to see that user's profile. i.e: anonymous access is disabled at that point.
@lazarus
> So a pod owner can turn off open registrations and open profiles. I’m feeling dumb but what does disabling open profiles mean for users?
It simply means you have to have an account to see that user's profile. i.e: anonymous access is disabled at that point.
@lazarus \n\n> Is twtxt.net setup to hash user’s passwords and emails? You have the ability for users to retrieve passwords but you mention you don’t keep emails. I’m curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.\n\nPasswords are encrypted with scrypt.\n\nEmails are not stored, only a hash is. If you need to recover your account for any reason (_password reset_) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.
@lazarus
> Is twtxt.net setup to hash user’s passwords and emails? You have the ability for users to retrieve passwords but you mention you don’t keep emails. I’m curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.
Passwords are encrypted with scrypt.
Emails are not stored, only a hash is. If you need to recover your account for any reason (_password reset_) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.
@lazarus
> Is twtxt.net setup to hash user’s passwords and emails? You have the ability for users to retrieve passwords but you mention you don’t keep emails. I’m curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.
Passwords are encrypted with scrypt.
Emails are not stored, only a hash is. If you need to recover your account for any reason (_password reset_) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.
@lazarus \n\n> Is twtxt.net setup to hash user’s passwords and emails? You have the ability for users to retrieve passwords but you mention you don’t keep emails. I’m curious as I have just realized that the ejabberd server I setup stores passwords as plain text and I need to research this more.\n\nPasswords are encrypted with scrypt.\n\nEmails are not stored, only a hash is. If you need to recover your account for any reason (_password reset_) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.
@lazarus
> I’m not sure I know enough to implement OAuth2. I’m still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.
I haven't tried to implemented OAuth2 at this stage, it might be interesting, especially if you have an existing OAuth2 provider (_ideally self-hosted_). We did build an experimental DM that's based around the old "mbox" format and exposes an SMTP and POP3 services.
@lazarus \n\n> I’m not sure I know enough to implement OAuth2. I’m still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.\n\nI haven't tried to implemented OAuth2 at this stage, it might be interesting, especially if you have an existing OAuth2 provider (_ideally self-hosted_). We did build an experimental DM that's based around the old "mbox" format and exposes an SMTP and POP3 services.
@lazarus
> I’m not sure I know enough to implement OAuth2. I’m still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.
I haven't tried to implemented OAuth2 at this stage, it might be interesting, especially if you have an existing OAuth2 provider (_ideally self-hosted_). We did build an experimental DM that's based around the old "mbox" format and exposes an SMTP and POP3 services.
@lazarus \n\n> I’m not sure I know enough to implement OAuth2. I’m still considering that twt in combination with say XMMP for private dm and group chat could work for a local community.\n\nI haven't tried to implemented OAuth2 at this stage, it might be interesting, especially if you have an existing OAuth2 provider (_ideally self-hosted_). We did build an experimental DM that's based around the old "mbox" format and exposes an SMTP and POP3 services.
@prologic \n Passwords are encrypted with scrypt.\n \n Emails are not stored, only a hash is. If you need to recover your account for any reason (password reset) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.\n\nThis is pretty clever. Is this the default setup from installing one of the pre-built binaries?
@prologic \n Passwords are encrypted with scrypt.\n \n Emails are not stored, only a hash is. If you need to recover your account for any reason (password reset) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.\n\nThis is pretty clever. Is this the default setup from installing one of the pre-built binaries?
@prologic
Passwords are encrypted with scrypt.
Emails are not stored, only a hash is. If you need to recover your account for any reason (password reset) you must supply the same email used on signup, if the hash matches the backend will happily send a reset token.
This is pretty clever. Is this the default setup from installing one of the pre-built binaries?
@lazarus although we haven’t released any pre-built binaries recently so I would build from source for now
@lazarus although we haven’t released any pre-built binaries recently so I would build from source for now
@lazarus although we haven’t released any pre-built binaries recently so I would build from source for now