Sign in to make your opin­ion count.

Sign in to make your opin­ion count.

The story of how Microsoft em­braced and then killed AppGet.

Microsoft re­leased WinGet (Not to be mis­taken with ) ear­lier this week as part of their Build 2020 an­nounce­ments. For the past few days, I’ve been col­lect­ing my thoughts fig­ur­ing out what ac­tu­ally hap­pened in the past 12 months. TLDR; I’m no longer go­ing to be de­vel­op­ing AppGet. The client and back­end ser­vices will go into main­te­nance mode im­me­di­ately un­til August 1st, 2020, at which point they’ll be shut down per­ma­nently.If you are still in­ter­ested, here is how AppGet died.A year ago (July 3rd) I got this email from Andrew, a high-level man­ager at Microsoft,

I run the Windows App Model en­gi­neer­ing team and in par­tic­u­lar the app de­ploy­ment team. Just wanted to drop you a quick note to thank you for build­ing appget — it’s a great ad­di­tion to the Windows ecosys­tem and makes Windows de­vel­op­ers life so much eas­ier. We will likely be up in Vancouver in the com­ing weeks for meet­ings with other com­pa­nies but if you had time we’d love to meet up with you and your team to get feed­back on how we can make your life eas­ier build­ing appget.

Naturally, I was ex­cited; my hobby pro­ject be­ing no­ticed by Microsoft was a big deal. I replied, and two months and a few emails later, we fi­nally had a meet­ing planned on August 20th at Microsoft Vancouver. The meet­ing was be­tween me, Andrew and an­other en­gi­neer­ing man­ager in the same prod­uct group. I had a great time; we talked about the ideas be­hind AppGet, what I thought was bro­ken about the cur­rent pack­age man­ager sys­tems in Windows and what I had planned for AppGet’s fu­ture. We went out for lunch and talked a bit more about AppGet, Windows Phone, and a few other things, but the out­come of the meet­ing as far as I un­der­stood it was, what can Microsoft do to help? I men­tioned some Azure credit would be nice, get­ting some doc on how the new MSIX pack­ages work and if they could fix a few is­sues I had with some of their down­load links.Fast for­ward to next week (August 28th), and I got this email from Andrew,

it was a plea­sure to meet you and to find out more about appget. I’m fol­low­ing up on the azure startup pric­ing for you. As you know we are big fans of pack­age man­agers on Windows and we are look­ing to do more in that space. My team is grow­ing and part of that is to build a team who is re­spon­si­ble for en­sur­ing pack­age man­agers and soft­ware dis­tri­b­u­tion on Windows makes a big step for­ward. We are look­ing to make some sig­nif­i­cant changes to the way that we en­able soft­ware dis­tri­b­u­tion on Windows and there’s a great op­por­tu­nity (well I would say that would­n’t I?) to help de­fine the fu­ture of Windows and app dis­tri­b­u­tion through­out Azure/Microsoft 365.

With that in mind have you con­sid­ered spend­ing more time ded­i­cated to appget and po­ten­tially at Microsoft?

Initially, I was a bit hes­i­tant; I did­n’t want to go to Microsoft to work on Windows Store, MSI en­gine or some other app de­ploy­ment-re­lated stuff. Shortly af­ter, I was as­sured that I would spend all my time on AppGet. After about a month of pro­longed email back and forth, we came to the con­clu­sion that the arrange­ment will be very sim­i­lar to an ac­qui-hire; Microsoft would hire me, AppGet would come with me, and they would de­cide if they wanted to re­name it some­thing else, or it would be­come Microsoft AppGet.Throughout the whole process, I was very un­clear on what my role would be at Microsoft. What would my re­spon­si­bil­i­ties be? Who would I re­port to? Who/anyone would re­port to me? I tried clear­ing some of these an­swers through­out those slow con­ver­sa­tions but never got a clear an­swer.Af­ter an­other few months of again very slow email con­ver­sa­tions, I was told that the ac­qui-hire process through BizDev would take a very long time. An al­ter­na­tive to speed up the process would be just to hire me with a “” and then work on mi­grat­ing the code own­er­ship af­ter the fact. I did­n’t have any ob­jec­tions, so we sched­uled some meet­ings/​in­ter­views in Redmond.I flew to Seattle on December 5th to have a full day of in­ter­views/​meet­ings at Microsoft HQ. I met with four dif­fer­ent peo­ple; three of the meet­ings were more like your typ­i­cal in­ter­views; the meet­ing with Andrew was more about what we should do once this is all over and how we would mi­grate AppGet’s process and in­fra­struc­ture to be able to han­dle Microsoft’s scale. We talked about some of our op­tions, but in gen­eral, I thought every­thing went well.My last meet­ing ended at around 6 pm. I took an Uber to the air­port and was back in Vancouver.And then, I did­n’t hear any­thing back from any­one at Microsoft for six months.Un­til ear­lier this week when I was given heads up about WinGet’s launch the next day,

Hi Keivan, I hope you and your fam­ily are do­ing well — BC seems to have a good han­dle on covid com­pared to the us.

I’m sorry that the pm po­si­tion did­n’t work out. I wanted to take the time to tell you how much we ap­pre­ci­ated your in­put and in­sights. We have been build­ing the win­dows pack­age man­ager and the first pre­view will go live to­mor­row at build. We give appget a call out in our blog post too since we be­lieve there will be space for dif­fer­ent pack­age man­agers on win­dows. You will see our pack­age man­ager is based on GitHub too but ob­vi­ously with our own im­ple­men­ta­tion etc. our pack­age man­ager will be open source too so ob­vi­ously we would wel­come any con­tri­bu­tion from you.

I look for­ward to talk­ing to you about our pack­age man­ager once we go live to­mor­row. Obviously this is con­fi­den­tial un­til to­mor­row morn­ing so please keep this to your­self. You and choco­latey are the only folks we have told about this in ad­vance.

I was­n’t too sur­prised; I had fig­ured out months ago that the “Microsoft thing” is­n’t hap­pen­ing.I waited un­til the next day to see what this new pack­age man­ager was go­ing to be like. When I fi­nally saw the an­nounce­ment and the GitHub repos­i­to­ries, I was shocked? Upset? I was­n’t even sure what I was look­ing at.When I showed it to my wife, the first thing she said was, “They Called it WinGet? are you se­ri­ous!?” I did­n’t even have to ex­plain to her how the core me­chan­ics, ter­mi­nol­ogy, the man­i­fest for­mat and struc­ture, even the pack­age repos­i­to­ry’s folder struc­ture, are very by AppGet.Am I up­set they did­n’t hire me? Not re­ally, af­ter vis­it­ing the cam­pus, I was­n’t too sure I wanted to work for such a big com­pany, also mov­ing from Canada to the U.S. was­n’t some­thing I was too ex­cited about. Also, through­out the process, at no time I as­sumed this was done deal.Am I up­set that Microsoft, a 1.4 tril­lion-dol­lar com­pany, fi­nally got their act to­gether and re­leased a de­cent pack­age man­ager for their flag­ship prod­uct? No, they should’ve done it years ago. They should­n’t have screwed Windows Store as badly as they did.Re­al­is­ti­cally, no mat­ter how hard I tried to pro­mote AppGet, it would never grow at the rate a so­lu­tion would. I did­n’t cre­ate AppGet to get rich or to be­come fa­mous or get hired by Microsoft. I cre­ated AppGet be­cause I thought us Windows users de­served a de­cent app man­age­ment ex­pe­ri­ence too.What both­ers me is how the whole thing was han­dled. The slow and dread­ful com­mu­ni­ca­tion speed. The to­tal ra­dio si­lence at the end. But the part that hurts the most was the an­nounce­ment. AppGet, which is ob­jec­tively where most ideas for WinGet came from, was only men­tioned as an­other pack­age man­ager that just hap­pened to ex­ist; While other pack­age man­agers that WinGet shares very lit­tle with were men­tioned and ex­plained much more de­lib­er­ately.There is a sil­ver lin­ing. WinGet will be built on a solid foun­da­tion and has the po­ten­tial to suc­ceed. And we ne­glected Windows users might fi­nally have a de­cent pack­age man­ager. —Code be­ing copied is­n’t an is­sue. I knew full well what it meant to re­lease some­thing open­source and I don’t re­gret it one bit. What was copied with no credit is the foun­da­tion of the pro­ject. How it ac­tu­ally works. If I were the patent­ing type, this would be the thing you would patent. ps. I don’t re­gret not patent­ing any­thing. And I don’t mean the gen­eral con­cept of pack­age/​app man­agers, they have been done a hun­dred times. If you look at sim­i­lar pro­jects across OSes, Homebrew, Chocolaty, Scoop, ni­nite etc; you’ll see they all do it in their own way. However, WinGet works pretty much iden­ti­cal to the way AppGet works. Do you want to know how Microsoft WinGet works? go read the ar­ti­cle I wrote 2 years ago about how AppGet works.I’m not even up­set they copied me. To me, that’s a val­i­da­tion of how sound my idea was. What up­sets me is how no credit was given.You should’ve fol­lowed up.I did, There was an is­sue with my travel re­im­burse­ment, So I con­tacted the HR con­tact and at the same time asked about the Interviews, She told me some­one will get back to me about that and they never did. This was on Feb 14th, 2020.

Why Chocolatey is Broken Beyond Any Hope

Posted on 20 May 2020

Tagged with:

[ aws ]

[ ama­zon ]

More of­ten than not, I’m us­ing Amazon Web Services (AWS) as my “cloud”. Not only for my own pro­jects, but al­most all cus­tomers I’m work­ing for use Amazon for host­ing their ap­pli­ca­tions. So over time you build up a lot of ex­pe­ri­ence on AWS ser­vice: you know how to (correctly) setup VPC’s, know when to you ECS, EC2 or lambda to host code and even ser­vices like S3, SNS and SQS pose no chal­lenges any­more.

But there are a lot of AWS ser­vices avail­able. And I do mean: a LOT. Currently, there are 163 (!) dif­fer­ent ser­vices that are avail­able from the Amazon Dashboard, each with their own way of work­ing, dif­fi­cul­ties, catches and best prac­tises.

You might re­alise that it’s prob­a­bly near im­pos­si­ble to dive into each ser­vice and com­pletely un­der­stand how they work and most likely, you don’t re­ally need to know the ex­act ins and outs. But, hav­ing a ba­sic un­der­stand­ing on each ser­vice can be a ma­jor ben­e­fit as a de­vel­oper, ar­chi­tect or ad­min­is­tra­tor. It makes it eas­ier to see if there is an al­ready ex­ist­ing so­lu­tion for your prob­lem at hand.

So, I dove into each and every ser­vice to fig­ure out what it ex­actly was for and how it works in the ba­sics. I tried to ex­per­i­ment with as many com­po­nents as pos­si­ble (time and money per­mit­ting, I did­n’t want to spend 15.000$ on AWS Data Exchange). I tried to cap­ture what the ser­vice does in a sin­gle one-liner to give you a global overview.

I think most of them are cor­rect enough but if you have any sug­ges­tions or cor­rec­tions, please tell me!

Functions you can run, writ­ten in Python, NodeJS, Go etc. Can run many in par­al­lel.

Repository of server­less ap­pli­ca­tions that you can de­ploy (on lambda)

Run Amazon ser­vices in your own data cen­ter

File stor­age. Not di­rectly used for mount­ing, but you can di­rectly down­load files from HTTP.

Windows / Lustre filesys­tems you can con­nect to your ec2 ma­chines

Low cost stor­age sys­tem for back­ups and archives and such

iSCSI so you can con­nect s3 to your own (remote) ma­chine.

Warehousing. Store lots of data that can be processed through streams.

MongoDB clone (but not re­ally com­pat­i­ble any­more)

Migrate things from your DC to AWS

Migrate data­bases to RDS while stay­ing on­line (can con­vert struc­tures as well)

(s)FTP ser­vice with S3 back­end. Upload to FTP, di­rectly store on S3 bucket.

Get a ma­chine from AWS, plug in your DC, trans­fer data fast to AWS, re­turn ma­chine

Sync data be­tween your dat­a­cen­ter and AWS

Create your own vir­tual pri­vate net­work within AWS.

Create HTTP APIs and let them con­nect to dif­fer­ent back­ends.

Create a (physical) con­nec­tion be­tween you (or DC) to AWS.

Automatically run Envoy as a side­car for your con­tain­ers (ECS or EKS).

Run your app on edge lo­ca­tions so they are closer to your cus­tomers (CDN for apps).

Quickly de­velop ap­pli­ca­tions by us­ing tem­plate code and code­com­mit, code­build etc

Allows trac­ing in your ap­pli­ca­tions, sup­ports Python, NodeJs, Go etc.

Cloud so­lu­tion for ro­botic de­vel­op­ers to sim­u­late, test and se­curely de­ploy ro­botic ap­pli­ca­tions

Job board: Hire AWS ex­perts for what­ever you need.

Let AWS han­dle your AWS ser­vices for you.

Some quan­tum thing. It’s in pre­view so I have no idea what it is.

Scale re­sources based on your cus­tom in­puts and rules

Templates to cre­ate and con­fig­ure AWS com­po­nents (think ter­raform/​sls)

Figure out who did what in your AWS ser­vices

Audit the con­fig­u­ra­tions of your AWS re­sources

Manage list of items/​codes etc you have in the cloud

View data from your re­sources grouped in ways you like (like ap­pli­ca­tion spe­cific etc)

Generate ques­tion­naires about your ar­chi­tec­ture to see if you fol­low best prac­tices

Finds your re­sources and ad­vices on how to save costs

Encode files from S3 into dif­fer­ent other for­mats and store back at S3

cre­ate videos on-premise. Basically a mix of all of the above ser­vices. Seems ex­pen­sive. Probably is.

in pre­view so no idea.

Search ser­vice where you can ask ques­tions

Convert text to speech in dif­fer­ent lan­guages

Translates text from one lan­guage to an­other

Some kind of game where you pro­gram a race­car to race against oth­ers.

Let hu­mans in the loop to make AI learn things bet­ter

Computer gen­er­ated mu­sic. It’s as hor­ri­ble as it sounds.

Collect mas­sive amount of data so you can do an­a­lyt­ics (like ELK?)

Find APIs which data you can con­sume, which can be very ex­pen­sive

AWS’s per­mis­sion sys­tem that can con­trol users and AWS ser­vices.

Share cer­tain AWS re­sources like Route53, li­censes, ec2 with other ac­counts.

User and pass­word man­age­ment sys­tem. Useful for man­ag­ing users for your ap­pli­ca­tions.

Automatically find (security) is­sues in your net­work and ma­chines.

Analyzes data in your S3 buck­ets and check for PII data.

Allow sin­gle-sign on to your ap­pli­ca­tions.

Hardware se­cu­rity mod­ules. Allows you to gen­er­ate and op­er­ate on cryp­to­graphic keys.

Web Application Firewall (for load­bal­ancers, cloud­front, api gate­way). Can setup your own rules or use pre­de­fined ones

Firewall man­ager for dif­fer­ent ac­counts in your or­gan­i­sa­tion

Overall se­cu­rity checker that uses guard­duty, in­spec­tor, ma­cie etc

Let AWS au­to­mat­i­cally gen­er­ate fron­tend & back­end apps and de­ploy them au­to­mat­i­cally.

Create API back­ends that you can con­nect to. Can be cre­ated through AWS Amplify as well.

AWS BrowserStack. Automatically test apps on many dif­fer­ent mo­bile de­vices and browsers.

No idea. The dash­board crashes in my browsers

Automatically con­nects apps to­gether (zapier?). For in­stance: slack to s3 buck­ets.

Notification sys­tem that can no­tify through email, api end­points, sms etc.

Gives an overview and pro­jec­tion of your bud­gets

Connect Alexa to your busi­ness needs.

Store your doc­u­ments and man­age them on­line.

RTOS op­er­at­ing sys­tem for mi­cro­con­trollers to au­to­mat­i­cally con­nect to IOT-Core or green­grass.

Manage 1-click but­tons that can be con­nected to other sys­tems like Lambda

Clean up and save mes­sages from top­ics into a data-store for an­a­lyt­ics

Detect un­wanted is­sues on your de­vices and take ac­tions

Organize IoT de­vices into groups, sched­ule jobs on the de­vices and con­fig­ure re­mote ac­cess

Monitor teleme­try from de­vices and then trig­ger other AWS ser­vices or jobs on the de­vices them­selves

A mes­sage bro­ker can buffer mes­sages for groups of up to 200 de­vices which can com­mu­ni­cate and process data lo­cally if con­nec­tiv­ity to IoT Core is in­ter­mit­tent.

Collect, or­ga­nize, an­a­lyze and vi­su­al­ize data from in­dus­trial equip­ment at scale

Cloudformation-like de­signer for graph­ing how de­vices should com­mu­ni­cate with other AWS ser­vices

Run con­tain­ers, ei­ther on your own EC2 ma­chines, or on man­aged ma­chines called Fargate.

Thanks to Brian Thomas Smith for fill­ing in the blanks on IoT. Thanks to all the oth­ers from #HN who sug­gested changes and up­dates on the dif­fer­ent ser­vices.

With over 150 ser­vices run­ning on Amazon AWS, it’s near im­pos­si­ble to be an ex­pert on all of them. And that’s ok: when you deal with large EKS or ECS clus­ters, changes are you never will touch the IOT ser­vices for in­stances. I found that most ser­vices are pretty well ex­plained and easy to start with.

One of the biggest is­sues are the IOT ser­vices: since I have no ex­pe­ri­ence with smart de­vices, MQTT or IOT in gen­eral, i fi­nally man­aged to get a sim­ple GO ap­pli­ca­tion to con­nect to IOT-core, and con­nect dif­fer­ent rules, pipelines, an­a­lyt­ics etc to it. But even still it’s very un­clear what the dif­fer­ent ser­vices ac­tu­ally do. Hopefully there will be AWS IOT ex­perts out there that can en­lighten me.

Skip to con­tent

This is the legacy ver­sion of twit­ter.com. We will be shut­ting it down on June 1, 2020. Please switch to a sup­ported browser, or dis­able the ex­ten­sion which masks your browser. You can see a list of sup­ported browsers in our Help Center.

Let us not seek to sat­isfy our thirst for free­dom by drink­ing from the cup of bit­ter­ness and ha­tred. ― Dr. Martin Luther King, Jr.

You can add lo­ca­tion in­for­ma­tion to your Tweets, such as your city or pre­cise lo­ca­tion, from the web and via third-party ap­pli­ca­tions. You al­ways have the op­tion to delete your Tweet lo­ca­tion his­tory. Learn more

Public · Anyone can fol­low this list

Private · Only you can ac­cess this list

Here’s the URL for this Tweet. Copy it to eas­ily share with friends.

Add this Tweet to your web­site by copy­ing the code be­low. Learn more

Add this video to your web­site by copy­ing the code be­low. Learn more

Hmm, there was a prob­lem reach­ing the server.

By em­bed­ding Twitter con­tent in your web­site or app, you are agree­ing to the Twitter Developer Agreement and Developer Policy.

Why you’re see­ing this ad

Not on Twitter? Sign up, tune into the things you care about, and get up­dates as they hap­pen.

» See SMS short codes for other coun­tries

This time­line is where you’ll spend most of your time, get­ting in­stant up­dates about what mat­ters to you.

Hover over the pro­file pic and click the Following but­ton to un­fol­low any ac­count.

When you see a Tweet you love, tap the heart — it lets the per­son who wrote it know you shared the love.

Add your thoughts about any Tweet with a Reply. Find a topic you’re pas­sion­ate about, and jump right in.

Get in­stant in­sight into what peo­ple are talk­ing about now.

Get more of what you love

Follow more ac­counts to get in­stant up­dates about top­ics you care about.

See the lat­est con­ver­sa­tions about any topic in­stantly.

Catch up in­stantly on the best sto­ries hap­pen­ing as they un­fold.

Google ap­pears to be phas­ing out the abil­ity to visit the orig­i­nal URL from an AMP page. Tapping the info icon in the top left used to pro­vide the op­tion to visit the real URL. Currently only an is­sue in Image Search.pic.twitter.com/slWgaqvEi4

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Loading seems to be tak­ing a while.

Twitter may be over ca­pac­ity or ex­pe­ri­enc­ing a mo­men­tary hic­cup. Try again or visit Twitter Status for more in­for­ma­tion.

A Facebook Inc. team had a blunt mes­sage for se­nior ex­ec­u­tives. The com­pa­ny’s al­go­rithms weren’t bring­ing peo­ple to­gether. They were dri­ving peo­ple apart.

“Our al­go­rithms ex­ploit the hu­man brain’s at­trac­tion to di­vi­sive­ness,” read a slide from a 2018 pre­sen­ta­tion. “If left unchecked,” it warned, Facebook would feed users “more and more di­vi­sive con­tent in an ef­fort to gain user at­ten­tion & in­crease time on the plat­form.”

What if I say, your Email ID is all I need to takeover your ac­count on your fa­vorite web­site or an app. Sounds scary, right? This is what a bug in Sign in with Apple al­lowed me to do.

In the month of April, I found a zero-day in Sign in with Apple that af­fected third-party ap­pli­ca­tions which were us­ing it and did­n’t im­ple­ment their own ad­di­tional se­cu­rity mea­sures. This bug could have re­sulted in a full ac­count takeover of user ac­counts on that third party ap­pli­ca­tion ir­re­spec­tive of a vic­tim hav­ing a valid Apple ID or not.

For this vul­ner­a­bil­ity, I was paid $100,000 by Apple un­der their Apple Security Bounty pro­gram.

The Sign in with Apple works sim­i­larly to OAuth 2.0. There are two pos­si­ble ways to au­then­ti­cate a user by ei­ther us­ing a JWT (JSON Web Token) or a code gen­er­ated by the Apple server. The code is then used to gen­er­ate a JWT. The be­low di­a­gram rep­re­sents how the JWT cre­ation and val­i­da­tion works.

In the 2nd step, while au­tho­riz­ing, Apple gives an op­tion to a user to ei­ther share the Apple Email ID with the 3rd party app or not. If the user de­cides to hide the Email ID, Apple gen­er­ates its own user-spe­cific Apple re­lay Email ID. Depending upon the user se­lec­tion, af­ter suc­cess­ful au­tho­riza­tion, Apple cre­ates a JWT which con­tains this Email ID which is then used by the 3rd party app to lo­gin a user.

A de­coded JWT’s pay­load looks like this:

I found I could re­quest JWTs for any Email ID from Apple and when the sig­na­ture of these to­kens was ver­i­fied us­ing Apple’s pub­lic key, they showed as valid. This means an at­tacker could forge a JWT by link­ing any Email ID to it and gain­ing ac­cess to the vic­tim’s ac­count.

Here on pass­ing any email, Apple gen­er­ated a valid JWT (id_token) for that par­tic­u­lar Email ID.

The im­pact of this vul­ner­a­bil­ity was quite crit­i­cal as it could have al­lowed full ac­count takeover. A lot of de­vel­op­ers have in­te­grated Sign in with Apple since it is manda­tory for ap­pli­ca­tions that sup­port other so­cial lo­gins. To name a few that use Sign in with Apple - Dropbox, Spotify, Airbnb, Giphy (Now ac­quired by Facebook). These ap­pli­ca­tions were not tested but could have been vul­ner­a­ble to a full ac­count takeover if there weren’t any other se­cu­rity mea­sures in place while ver­i­fy­ing a user.

Apple also did an in­ves­ti­ga­tion of their logs and de­ter­mined there was no mis­use or ac­count com­pro­mise due to this vul­ner­a­bil­ity.

A huge thanks to the Apple Security Team.

Thanks for the read, see you in next ar­ti­cle :)

Skip to con­tent

This is the legacy ver­sion of twit­ter.com. We will be shut­ting it down on June 1, 2020. Please switch to a sup­ported browser, or dis­able the ex­ten­sion which masks your browser. You can see a list of sup­ported browsers in our Help Center.

You can add lo­ca­tion in­for­ma­tion to your Tweets, such as your city or pre­cise lo­ca­tion, from the web and via third-party ap­pli­ca­tions. You al­ways have the op­tion to delete your Tweet lo­ca­tion his­tory. Learn more

Public · Anyone can fol­low this list

Private · Only you can ac­cess this list

Here’s the URL for this Tweet. Copy it to eas­ily share with friends.

Add this Tweet to your web­site by copy­ing the code be­low. Learn more

Add this video to your web­site by copy­ing the code be­low. Learn more

Hmm, there was a prob­lem reach­ing the server.

By em­bed­ding Twitter con­tent in your web­site or app, you are agree­ing to the Twitter Developer Agreement and Developer Policy.

Why you’re see­ing this ad

Not on Twitter? Sign up, tune into the things you care about, and get up­dates as they hap­pen.

» See SMS short codes for other coun­tries

This time­line is where you’ll spend most of your time, get­ting in­stant up­dates about what mat­ters to you.

Hover over the pro­file pic and click the Following but­ton to un­fol­low any ac­count.

When you see a Tweet you love, tap the heart — it lets the per­son who wrote it know you shared the love.

Add your thoughts about any Tweet with a Reply. Find a topic you’re pas­sion­ate about, and jump right in.

Get in­stant in­sight into what peo­ple are talk­ing about now.

Get more of what you love

Follow more ac­counts to get in­stant up­dates about top­ics you care about.

See the lat­est con­ver­sa­tions about any topic in­stantly.

Catch up in­stantly on the best sto­ries hap­pen­ing as they un­fold.

Twitter just hid & dis­abled en­gage­ment with Donald Trump’s tweet for vi­o­lat­ing terms of ser­vice.pic.twit­ter.com/​6hyYYY­ROZB

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Thanks. Twitter will use this to make your time­line bet­ter.

Loading seems to be tak­ing a while.

Twitter may be over ca­pac­ity or ex­pe­ri­enc­ing a mo­men­tary hic­cup. Try again or visit Twitter Status for more in­for­ma­tion.

Follow us on GitHub. Watch the re­leases of each repo to get no­ti­fied when we are ready for Beta launch.

Obsidian is a pow­er­ful knowl­edge base that works on top of

a lo­cal folder of plain text Markdown files.

Also avail­able for macOS, Linux (AppImage), and Linux (Snap).

The hu­man brain is non-lin­ear: we jump from idea to idea, all the time. Your second brain should work the same.

In Obsidian, mak­ing and fol­low­ing [[connections]]

is fric­tion­less. Tend to your notes like a gar­dener; at the end of the day, sit back and mar­vel at your own knowl­edge graph.

Note-taking is in­cred­i­bly per­sonal. Tried every app, but there’s al­ways something not quite right? You de­serve bet­ter.

Obsidian is built to be ex­ten­si­ble. With 18 core plu­g­ins

and count­ing, set up your own toolkit and get run­ning in min­utes.

You’ll even be able to in­stall third party plu­g­ins or build your own once Obsidian reaches v1.0. Sky’s the limit.

In our age when cloud ser­vices can shut

down, get

bought, or change

pri­vacy pol­icy any day, the last thing you want is pro­pri­etary for­mats and data lock-in.

With Obsidian, your data sits in a lo­cal folder. Never leave your life’s work held hostage in the cloud again.

Plain text Markdown also gives you the un­par­al­leled interoperability to use any kind of sync, en­cryp­tion, or data pro­cess­ing that works with plain text files.

Also avail­able for macOS, Linux (AppImage), and Linux (Snap).