This is true. I would also add that nostr’s use of public keys while lacking IP privacy is dangerous because it could mislead posters to believe that they are anonymous. So not only are relays not decentralized but any govt agent with access to a relay can figure out who you are. nostr:note1lclqwfrrzgaejj7c8kjz85hw8h9uwxdyfk8z8wtgvzjjdg7qrukqs2dydg
I would like us to advertise the onion and dns addresses of relays as a kind of paid and also have the relay setups do Tor and an onion service by default. Then we need more apps to support it of course. That would go a long ways towards better privacy and actual censorship resistance.
Yes. I thought about implementing the #treebit network topology (https://github.com/baumbit/treebit?tab=readme-ov-file#what-is-treebit) on #Nostr. You could easily do this using a nostr bouncer and wrap it in an onion server.
How come they are not decentralized? They are all over the globe...you can fire one up right, put it behind Tor and that should do it. Am I wrong? @Ava
Because each relay has a single known controlling individual. A single KYC’d throat to choke. Distributed isn’t decentralized.
Words of wisdom! We need true p2p and this requires some sort of content filtering. Fortunately there is a way: #peercuration https://github.com/baumbit/peercuration?tab=readme-ov-file#peercuration
Is there a running version of peercuration? Or is it a proposal or an in-development project?
No. No one knows about it. I developed it a few years ago (before Nostr existed) when I designed a network that is pretty similar to Nostr. I realized that for content to properly propagate while remaining true p2p and work even in ultra hostile environments (such as local ad hoc mesh networks that were being attacked (think demonstrations etc.)) content needed to be filtered. When Nostr broke through and reached escape velocity, I quit working on it.
I’ll add it to my list of interesting p2p protocols that I use to throw at people who decide they’re going to make a new protocol that solves everything without looking at prior art. I think we do need better spam filters and wot functionality in Nostr. So maybe we can apply some of what you were working on.
1984.is hosting is your friend :) non-kyc hosting and other cloud services you can pay for with btc or monero and access only via tor.
Better than nothing, sure. But why do you think the hosting company will not take the relay offline if demanded? Why do you think they will not deliver the IP addresses of the poster’s npubs, if demanded? Centralized hosting providers are also one throat to choke.
Yes, they will comply with a court order if they lose appeals, but they won’t know who their customers are. There are configurations and Debian packages that keep your servers from logging IP addresses and other PII.
They might not know who their customers are. But they can take the service offline or they can spy on the users if they want to or are compelled. You won’t know because you can’t verify. This is why I’m saying that the service isn’t decentralized.
This nostr:nevent1qqs8thwfgqys8dd7h6e27tt3duwd65rhtn60nnnly0l2m3hzjgvaq9qpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3qwmr34t36fy03m8hvgl96zl3znndyzyaqhwmwdtshwmtkg03fetaqxpqqqqqqzhtu3au
If it’s not “private by default” then can it ever be safe for regular users? Or does a newbie introduction to nostr now require a lesson in VPNs and onion routing?
Relays can track IPs. This does not mean they are not decentralized. Use a VPN and/or Orbot/Tor. I agree with @rabble, we need to advertise the onion and dns addresses of relays and have and normalize relay setups that use onion and Tor by default.
Distributed isn’t decentralized. The only reason this is debated is because nostr hasn’t faced any real attacks yet. You seem to be saying that the solution for average folks is to understand onion routing and use VPNs. That seems unlikely and impractical. For average folks, if it’s not safe by default then it’s not safe at all.
I’m pretty regarded and even I can use a VPN and Orbot/Tor. Heck, I can even use Tails and Tor. But yes, Nostr should be more secure by design. More to the standards of #Monero, which is so secure and easy that my grandmother can use it and be safe.
Yup. Add that we would need at least two private keys to have proper control over our Nostr identity. One key for regular login/signing and the master key for admin privileges that override the general key in case our regular key is compromised. I never understood why the Nostr devs decided to risk a single point of failure.