It’s been about six weeks since Elon Musk purchased Twitter for over $44 billion. There has been a raft of layoffs, executive resignations, and security concerns since Elon Musk took control. While many are trying to figure out whether they stay or leave Twitter for another competing platform amidst the chaos, one community made their decision very clear: infosec Twitter. The infosec / cybersecurity community have largely all left for infosec.exchange Mastodon, with many abandoning their Twitter accounts or rarely posting since.
The reasons many are leaving Twitter from the infosec community are vast; some because they can’t get on board with Elon Musk’s rambling and escalating political views; others because key executives within Twitter that were well-respected have since resigned. And some simply don’t trust Musk with their data in a new Twitter existence.
Let’s not forget about the awful rollout of Twitter Blue, which gave anyone who paid $8 access to a “verified” Twitter blue checkmark.
infosec.exchange Mastodon is the way
If you’re looking to migrate to Mastodon yourself, then take a look at our guide on how to get started for the full walkthrough. But in short, Mastodon is a decentralized social media platform that is entirely open source.
Mastodon servers are independently owned and operated, and since they are decentralized, that means you need to create a Mastodon account on each server you wish to participate on—unless they federate with other popular Mastodon servers. The grouping of multiple Mastodon servers is thus known as the fediverse, and will give you a single account to use across all of the federated Mastodon servers.
The infosec community has almost entirely chosen to migrate specifically to infosec.exchange. This is accessible by going to https://www.infosec.exchange in your browser or using the Mastodon app on your smartphone and inputting that server address and your credentials.
Who to follow on infosec.exchange Mastodon
There are over 46,000 users on infosec.exchange according to a recent interview with the server’s administrator, Jerry Bell, on CyberScoop. In October, just prior to Elon Musk purchasing Twitter, there were only 180 users.
Mastodon as a whole now boasts over 5 million user accounts across all of its servers.
While there are many great people to follow, we’re going to suggest a few that—you guessed it—left Twitter. Some of these accounts are still active on Twitter, albeit at a reduced rate. Others have essentially abandoned Twitter altogether.
There are too many to list, but here’s a few to get you started:
Jerry Bell
Jerry is the lead administrator of the infosec.exchange Mastodon server. He’s incredibly active and looked upon as the community leader.
Alyssa Miller
Alyssa is a hacker and a very active community member. She is a CISO with over 25 years in the tech industry, per her profile.
Rachel Tobac
Rachel is the CEO of SocialProof Security, an ethical hacker, and has been featured numerous times on CNN.
Troy Hunt
Troy is a Microsoft Regional Director and you likely know him more as the founder of HaveIBeenPwned.com. He is always sharing new info and updates.
MalwareUnicorn
MalwareUnicorn works at Microsoft’s MORSE team and is a well-respected ethical hacker and public speaker.
Lesley Carhart (hacks4pancakes)
Lesley is the Director of Incident Response at Dragos, a former member of the US Air Force, and public speaker.
Catalin Cimpanu
Technically a part of mastodon.social, a different Mastodon server, it is federated with infosec.exchange. Catalin is a well-respected cybersecurity journalist.
Tanya Janca (SheHacksPurple)
Tanya is an application security, DevSecOps, and ethical hacker. She is also the founder of We Hack Purple Community, a company dedicated to the creation of secure software.
Is Mastodon better than Twitter?
We’ll answer this in great detail in a future post. But, if you’re among the infosec / cybersecurity community, the answer is a resounding yes.
You have to meet your audience where they are, and the infosec community really bound together and dropped Twitter like a bad habit very quickly. There was some hesitation and holdouts throughout November, but come the date of this posting, the community has certainly made their vote clear.
Expansive 500 character limits, no proprietary algorithms, corporate branding, or advertising make infosec.exchange Mastodon look like Twitter maybe 12 years ago. The user base, although rapidly growing, is mostly polite, helpful, and collaborative.
But it also represents an echo chamber: the Mastodon server you join and contribute to can quickly feel like you’re all discussing the same topics and reading similar opinions, unless you manually choose to view federated Mastodon server “toots” (Mastodon version of tweets – now just simply referred to as a published post) or trending topics.
So while you may like that you’re no longer trying to comb through enormous scrolling of posts discussing topics anywhere from politics to cybersecurity, you will be reading and discussing infosec and nothing but infosec unless someone happens to re-post a federated post, or post about a topic other than infosec.
It certainly has a much tighter, community feel to it than Twitter did. And the administrator, Jerry Bell, is extremely active to help deal with any issues that may arise, or act as the community leader.
Which platform you like is largely up to your individual preference and user experience. Just don’t expect to find many less savvy users on Mastodon.