 Unpopular opinion: Absolutely terrible idea

Nostr-web-services is just ngrok / cloudflared with extra steps and more concerns about safety.

1. The things you expose are public; hackers can find you and see whatever you are hosting.

2. You DO NOT OWN your web service if the name servers are not under your control.

Whoever owns the name server is the prime authority, and they can inject whatever they want into your website.

Imagine that out of 10 relays, even one of them injects your website with code to steal passwords, and you happen to use that relay (YOU ARE COMPROMISED!!)

It is as dangerous as port forwarding / dynamic DNS with extra concerns about integrity. 

When I say "as dangerous as port forwarding", I think I am explaining it casually, but in reality, this is far more dangerous and concerning.

Just two days ago when I was looking into issues with port forwarding / dynamic DNS / Nostr-web-services, I discovered: 

1. THREE THOUSAND (3k!!!!) Teslas with open information about their home coordinates, their kid's school, drop location, their workplace, their exact address, and whether their Tesla is active or not.

2. 6K+ cameras with a full recording of the whole month, installed in people's personal --BEDROOM--, baby monitors.

There is no excuse for self-hosting irresponsibly; it should be done to increase your privacy and security, not to increase the risk.

Holesail provides a way to achieve this peak self-privacy and security. You expose only what you 🫵 choose, and only the person you want can access it, with no chance of a man-in-the-middle attack from a random relay and their DNS hosting.

I like how enthusiastic people are about Nostr and Nostr-based services, but we should NOT overlook the security and risks some of these ideas might bring!

https://m.primal.net/JWdi.png 

 nostr:npub1h8nk2346qezka5cpm8jjh3yl5j88pf4ly2ptu7s6uu55wcfqy0wq36rpev 

nostr:note12vy8lmphxyfd7np7t503k8fzs3em2h6szfwad0fkgr6prjkjuhxsddyprj