Oddbean new post about | logout
Derek Ross | 4 months ago (raw) | root | parent | reply | flag +4 
 This is why protect your private key so that only YOU can post and sign content displayed on your public key.
AbstractEquilibrium | 4 months ago (raw) | root | parent | reply | flag 
 Unless airgapping every event signature is acceptable to you, there's very little you can do to effectively protect your key.
Derek Ross | 4 months ago (raw) | root | parent | reply | flag 
 That would be silky. No one will do that for every single interaction. It's simle. Don't enter your nsec into websites. Use a signing extension or bunker. Done.
AbstractEquilibrium | 4 months ago (raw) | root | parent | reply | flag 
 Trivial mitigation.  Keeping a post-it of your password in a drawer rather than posted on the monitor makes little difference to the cleaning maid.

And Biden has a LOT of evil maids in his orbit 😉