Oddbean new post about | logout
 Just use a signer. 🤷‍♀️ 
 None of the most popular applications I've used make it clear that using a signer is even possible. They all just asked me to paste my nsec. I know not everyone values this as a skill, but it is possible to consider people who aren't as knowledgeable as you are about a given topic and the consequences they may face from doing a particular thing. I know I can use a signer. My problem is that the dominant culture currently is to just paste an nsec as if there is no risk to doing so. I have an issue with that and share my opinion, just as you do on things you care about. My issue isn't with nsecs, only with how we are failing to make it explicitly clear to newcomers how dangerous they can be if handed out to anyone who asks for it. My goal is to persuade others to think with security in mind sooner rather than later.

Also, I have most of the major signers that average people are likely to buy (for my own research and education) and none of them are Nostr focused yet (or at least don't make it clear if they are). Hence why I'm so concerned about encouraging everyone to use the benefit of one nsec for so many apps and services. The already technically knowledgeable are the only types likely to use something like a hardware signer or bunker with Nostr at this point. I want to influence people to consider the consequences of that. Fuck me I guess lol 
 Huh, I use nos2x and Amber. And the apps I use regularly always offer them as a login option. Some apps don't even have the option to enter nsec.

You must be using Primal Android. They're still like that, for reasons I don't understand.