words of wisdom! we need true p2p and this requires some sort of content filtering. fortunately there is a way: #peercuration https://github.com/baumbit/peercuration?tab=readme-ov-file#peercuration 

 Is there a running version of peercuration? Or is it a proposal or in development project? 

 No. No-one knows about it. I developed it a few years ago (before Nostr existed) when I designed a network that is pretty similar to Nostr. I realized that for content to properly propagate while remaining true p2p and work even in ultra hostile environments (such local adhoc meshnetworks that were being attacked (think demonstrations etc)) content needed to be filtered. When  Nostr broke through and reached escape velocity, I quit working on it. 

 I’ll add it to my list of interesting p2p protocols that I use to throw at people who decide they’re going to make a new protocol that solves everything without looking at prior art. 

I think we do need better spam filters and wot functionality in Nostr. So maybe we can apply some of what you were working on.  

 Love to hear it. Ive stopped working on it myself (don’t have time to do it any longer), but would love to see someone else at least get some inspirations and what not! 

 Well.. I don't fully get it. No central point of control over Nostr network and protocol is to some degree centralization I think. 

 1984.is hosting is your friend :) non-kyc hosting and other cloud services you can pay for with btc or monero and access only via tor.  

 ✊🏼 

 Better than nothing, sure. But why do you think the hosting company will not take the relay offline if demanded?

Why do you think they will not deliver the IP addresses of the poster’s npubs, if demanded?

Centralized hosting providers are also one throat to choke. 

 Yes they will comply with a court order if they lose appeals but they won’t know who their customers are. 

There are configurations and Debian packages that keep your servers from logging ip addresses and other PII.  

 They might not know who their customers are. But they can take the service offline or they can spy on the users if they want to or are compelled. You won’t know because you can’t verify. This is why I’m saying that the service isn’t decentralized. 

 If it’s not “private by default” then can it ever be safe for regular users?

Or does a newbie introduction to nostr now require a lesson in VPNs and onion routing? 

 Thx. I thought I lost the meaning of decentralization means. I agree with the rest and great that discussions are taking place. 

 Distributed isn’t decentralized. The only reason this is debated is because nostr hasn’t faced any real attacks yet. 

You seem to be saying that the solution for average folks is to understand onion routing and use VPNs. That seems unlikely and impractical. For average folks, if it’s not safe by default then it’s not safe at all. 

 Im pretty regarded and even I can use a VPN and Orbot/Tor.  Heck I can even use Tails and TOR.  

But yes Nostr should be more secure by design.  More to the standards of #Monero which is so secure and easy that my Grandmother can use it and be safe.