Why I have concerns about Truth Social

Posted by DC on Fri, 10/22/2021 - 03:45

I always have to preface these tech-related articles with saying I've been in the cybersecurity and software development space for thirty years, from lowly junior programmer, all the way up to owner, in three different industries.

I've owned a multi-million dollar data center, moved a data center once (and only once -- NEVER again), and had a smaller fail-over data center for contingency.  I've dealt with equipment costs, security, power, database replication, and a lot of stuff that makes owning such a venture really, really suck, not to mention all of our custom software we wrote to run on these platforms and interface with specific devices and hardware.

Critical equipment has gone down and never come back up, cooling system that decided to take a lovely Atlanta summer noon off, power outages with a generator that decides to quit working during a lightning storm, even though it ran fine test after test.

This was in the early 2000s, back when owning a tech company with a data center was actually hard.  I spent half my 20s in a perpetual state of stress, so I know what comes with owning a data center and building out your own infrastructure.

Owners of data centers have it much easier nowadays.  Equipment works and is more standardized, network costs are cheap, and the technology overall is standardized and far better than what I had to deal with back in the day.

I'm not saying it's a walk in the park nowadays, but the challenges are different.  I didn't have to deal with intelligence agencies and law enforcement trying to shut me down.  The concept of a telco or ISP deplatforming a customer for politics or not receiving a government-mandated shot would have been considered ridiculously insane and would warrant a call to the people with the paddy-wagon to come take you to where you could get some help.

I didn't have AntiFa-BLM trying to burn down everything in site, and I could receive payment from customers without worry of repercussions from banks.

My business wasn't politics-related, but with lockdowns, vaccines, and surveillance, that matters less and less, so I absolutely acknowledge the challenges a conservative social media platform has in today's world, without question.

I said all that to make the point that I know what's involved to do a venture like this.

Security, of course, is the most critical, and it's a different type of problem than it was back in my day.  It's more complicated now, yet sadly, it's the most neglected, and I can't wait for the day a tech project run by conservatives takes it seriously.  If you say "...but Gab..." then I'll reach through this laptop and smack you across the face.

When I look at a project like this new social media platform, I take notice of the technology stack.  It gives insight into the decision making and experience of the team.  I learned today that the platform is built on Mastodon, which is what Gab recently used before their 19th migration.

Mastodon is fine, if you're gay, but seriously, it's a solid framework to build a social media site for your friends or a small specialty site, but certainly not for a platform that's going to service millions and millions of active Trump supporters slinging memes and videos around all day.

Mastodon runs on Ruby on Rails, which is a dying framework, and the decision to build with this system tells me the Truth Social team is completely clueless. 

 

Web programming

 

Those search terms aren't apples-to-apples, but you get the jist.  Rails is a great framework, but it's not setting the future of the web on fire.  For scale and a platform like Trump's that will need lightning fast response times, you'd use a NodeJS-based framework.  If you're on the Truth Social team and you disagree, you need to resign.  Please.  Right now.

If I had to make a front-end decision today, I'd probably go with something like Svelte.

I don't understand why a venture such as Trump's media company would use a framework under an AGPL license.  Why would they not want to completely own the software outright?  I'm more disturbed by someone who'd make such a decision with this new venture than the decision itself.  I'd ask them the same thing I'd ask one of my engineers after they did something stupid, "take me through your thought process that made you think this was a smart idea."

Why would the leaders of this project not build their own platform?  "Oh yeah DC?  You think you could do better?"

Yes.

If I were leading this project, flush with cash, with Trump and his people in my corner, I'd build the platform from scratch.  That may seem like a big endeavor, but its not.  A monkey with a mental disorder and a keyboard could build a social media platform.  It's so easy, people actually believe Zuckerberg did it with Facebook (I have beach property in Tucson you can have at a steal if you believe that).

I'd (my team would) design the bones of the new platform and make it an open-source project.  I'd vet the pro-Trump (or at least sane engineers who aren't sleeper AntiFa-BLM lunatics and like money) project maintainers who'd manage the code contributions and drive the project development and manage the DevOps.

I'd make sure we had bulletproof authentication.  For whatever reason, developers of conservative platforms seem to be incapable of implementing secure authentication, from how they handle OAuth tokens to moving from dev mode to production before they open up their endpoints.

We'd build the API infrastructure first.  We'd want developers to build all kinds of apps and integrate with the platform.

I have to say, to be a conservative and see how careless and clueless conservative app developers are is embarrassing.  Parler, Gab, and GETTR have been disasters in regards to security.  It's frustrating to watch, and frankly, they make us look stupid.

I'd reach out to a platform like Rumble and talk about video integration.  It appears they (Truth Social) have the iPhone app issue solved and have an agreement with Apple, but I'd have an Android install available for F-Droid (for those who keep Google out of the loop).

Believe me, there's plenty of conservative and pro-Trump software developers and engineers.  Most of them stay quiet and put up with the woke crap so they can make a living.

The project would be decentralized and extremely secure, with end-to-end encryption for messaging.  Minds did it.  We could too.  I'd also borrow a page from Brave Browser's book by paying users with crypto (Minds does that too).  Brave has paved the way with that.

I'd take advantage of a protocol like IPFS for images and files.  It's all about decentralization.  If you don't get that, you shouldn't be leading a venture like this.

I'd look for real estate to stand up some data centers.  With Trump's people, who scout for property for golf resorts and luxury hotels all over the world, I'm sure finding some good locations for a few data centers wouldn't be an issue.

For power, I'd try to figure out how to use our own small nuclear reactors.  NuScale sells them.  Trump, with his contacts and circles could get something like this done.  This would be clean energy, essentially unlimited, and would certainly take care of our cooling requirements without doing stupid things like lining your roof with solar panels.  Idiots.

For network contingency, and perhaps eventually primary, I'd try to do something with Musk's people at Starlink.  Musk already said they're launching satellites that have inter-satellite links.

 

Musk tweet

 

What that means is Musk is taking the internet on Earth completely out of play with his own internet.  It's why I've posted that Starlink is an absolute game changer.

Security is paramount, and I'd spend a good chunk on the best people, even those who hate Trump.  They'd make a ton of money breaking into the platform and exposing vulnerabilities.

Imagine TDS finally making you money.  I'd have quite an elaborate ongoing red team/blue-team security strategy, and we'd build and manage our own edge security, reverse proxy, threat management, and any and all tools we'd need to prevent threats from getting past the moat and castle walls.

The fact they're using CloudFlare in front of a social media platform is ridiculous.  I expect that from Gab, but not this new venture.  This is something they should be handling internally.

There's more I'd do, of course, and it wouldn't be easy (like the nuclear reactor part), but that's the napkin sketch of the direction I'd go.  You get the idea.

If I have Trump on my side with tons of money, contacts, and massive user base, and the benefit of seeing how others failed and where they're succeeding, and plenty of open-source projects available for renovation and integration, nothing would touch us.

Instead, with the current situation, they're just going to spin up a Mastodon instance, change the colors and slap a logo on it, move it behind CloudFlare, and call it a day while the genderly-confused owner threatens their IP?  They have every advantage under the sun that really no platform has ever had.  Why would they piss that away and build a piece of repackaged crap? 

Unreal.

I'm supporting the platform, will promote it, and will join, but I hope they find some developers who know what they're doing, because so far, I promise you they don't.

 

Share on Telegram

Recent Articles