Oddbean new post about login | logout NWS works with and without encrypted transport. There are lots of different flavors to explore. When used without encryption, the entry node must be run by the user themselves because public entry nodes would be able to listen in otherwise. Two options in those cases: run the entry node locally in tandem with your (unmodified) client, or skip the entry node and modify the client so that data is sent through nostr to the exit node directly (the client is the entry node). When used with encryption, the entry node can also be public. If the encryption doesn't rely on certificate authorities, it just works. You have to make sure you're talking to the right person, but that problem is as old as computer science. For example, ssh will ask you to confirm the fingerprint of the server when you connect. If the encryption is https and the certificate was issued for a normal domain, your browser will complain (do you trust this website?) and the user will have to say "let me pass, even if insecure". Without ugly hacks (issuing your own root cert for example), I don't know ways to circumvent this. Note that Tor services doen't support https and they don't have to since transport is always Sphinx-encrypted (even hidden from the entry node). How do you make sure you're talking to the right server if you use https? Couldn't the entry node just send your traffic somewhete else? We can actually do something that is unique to Nostr here: the exit node can publish its own TLS certificate on nostr and sign it. That's right, you don't need an authority to do that for you if you remain within the NWS system. Clients can fetch the cert from nostr before talking to the entry node and verify against that cert. Here is another cool part that we haven't talked about yet: the exit node can also be configured to reach the global Internet and not only a local service (we call this NWS v2). In those cases, NWS can be used a bit like a VPN. You can type "https google dot com" in your browser and your encrypted traffic would flow from your machine to the entry node, to the exit node, then to Google and back to you. on those cases, nobody complains about the certificate because everything is fine. Exciting shit. Gm.
GM☕️☕️💜🌅Operating on a higher level🫡
StOp BrEaKiNg NosTr!!!!
run a relay before you complain 😂
🚀
If it can be broken, it will be 🤷♂️💜
GM 🫡
This sounds both super exciting and like gibberish to my poor untrained pleb brain! Keep it coming
This is naive and someone is going to get burned.
If you want to replace Tor you need to presume an omnipotent adversary that will perform deep packet inspection to correlate requests with response origins. Previously this was unlikely outside of the NSA, but now lots of people can do it for some subset of the net. Every zero day expands their reach, and advances in AI based exploit research will increase the zero day rate.
On top of that, this will generate a huge amount of ephemeral spam for relays. Most will end up filtering it out, leaving you with fewer available nodes and making it easier to correlate connections.
Finally, Tor has become a full browser because unmodified browsers will leak your identity in hundreds of ways, defeating the protections you sought to gain.
The payment aspect is interesting, and maybe this could be added to Tor. The enthusiasm to build is fantastic, and I'm reluctant to criticize it.
I think there's an XY problem here: y'all wanted to anonymously access information on the web, so you built an anonymity layer for accessing the web. This is hard because even metadata will de-anonymize you, and transport generates a lot of metadata.
The better path is to provide web information without HTTP at all by serving static page archives. This is what services like archive.ph ("archive.today") provide. Not only does it reduce the number of request objects, they could be viewed without JavaScript and with simpler rendering engines.
We balked at "mobile web optimization" decades ago because it couldn't provide feature parity, but now we see that these features are most often used for tracking us. I don't need to see the absolute latest Document Which Used To Be Called The MIT Lockpicking Guide, virtually any copy will do. And, if it happens to already be cached in the first relay I connect to, even better. Relays might even proactively share popular archives with each other so that even the first request can't easily be de-anonymized.
Ok, that's a lot more than I intended to say. Privacy is the goal. Building is the way. Data is valuable. Hack the planet. 