Oddbean new post about | logout
pippellia | 1 months ago (raw) | root | parent | reply | flag 
 cool, website, but I still don't understand. I don't remember leaving a review, and in fact I haven't. No reviews there, no likes. So why am I recommending something that I don't recommend?

I have shared links from highliter, but that's it.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag 
 Have you used highlighter before? It might have added automatically
pippellia | 1 months ago (raw) | root | parent | reply | flag +1 
 yes, but I've used it like 2 times. And to be honest both times I had problems so I wouldn't recommend.
Vitor Pamplona | 1 months ago (raw) | root | parent | reply | flag 
 Well, you can log into nostrapp.link on a desktop and remove the recommendation
Don't ₿elieve the Hype 🦊 | 1 months ago (raw) | root | parent | reply | flag 
 Highlighter adds (or added?) the recommendation automatically.
pippellia | 1 months ago (raw) | root | parent | reply | flag +1 
 is this true nostr:nprofile1qqs04xzt6ldm9qhs0ctw0t58kf4z57umjzmjg6jywu0seadwtqqc75sprfmhxue69uhhq7tjv9kkjepwve5kzar2v9nzucm0d5hsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qythwumn8ghj7un9d3shjtnswf5k6ctv9ehx2ap0y8qdrm?
PABLOF7z | 1 months ago (raw) | root | parent | reply | flag +2 
 yeah, there was a bug a few months ago that caused this, no longer the case

fwiw, I think "recommended" is not the right verb for this -- I think we should change it to more like "default handler" or something like that
pippellia | 1 months ago (raw) | root | parent | reply | flag 
 ohh, so it wasn't Amethyst. Okay, gotcha, and thank you.
nielliesmons | 1 months ago (raw) | root | parent | reply | flag +3 
 Yeah, this is the kind of user deception I don't want to see in @Zapstore.

When a user publishes something for public use: 
1️⃣  It needs to be clear that he's publishing something 🤷‍♂️
2️⃣  It needs to be very obviously public

Again, this is why I prefer to look at the public actions users already do anyway: replies, zaps, public bookmarking, etc...
pippellia | 1 months ago (raw) | root | parent | reply | flag +1 
 I absolutely agree. Even for the WoT angle, you can't build meaningful metrics if the user is not aware of what he's publishing.
franzap | 1 months ago (raw) | root | parent | reply | flag +3 
 Agreed.

I know it's not malicious on the part of any dev, but I've encountered several nostr apps prompting for signing multiple events of mysterious kinds.

Including events in a non-interactive context like loading a website an being asked for a signature.

Sign (or prompt to) events only when absolutely necessary. Be explicit about what's not obvious. Maybe we need work on UI/UX design around prompts?

nostr:note1tm93m6cvr2xpnafeschzsp7sgxurqszm0jzxrgar757eeuzanu0sqgv98e
franzap | 1 months ago (raw) | root | parent | reply | flag 
 Forgot to mention: Some of these events with a huge chunk of  base64 encoded data. Puts the user in a weird spot