Oddbean new post about | logout
melvincarvalho | 11 months ago (raw) | root | parent | reply | flag +2 
 I'm talking about nostr . com.  Yes, to events.  It is spyware in that it sends IP addresses (and other stuff) to a 3rd party.  And not a particularly trustworthy third party.  This is what HTTPS was designed to protect against.  Why do you need this?  If you remove it, it's better for nostr . com, better for nostr, better for users, and better for you.  An easy win.
Ben Arc | 11 months ago (raw) | root | parent | reply | flag 
 This issue you have is with the njump project,. Any tracking they use is restricted to `/<event>` on nostr dot com. 
Lame move hijacking this thread to push a bunch of FUD.
melvincarvalho | 11 months ago (raw) | root | parent | reply | flag 
 It's truth ben.  Verify dont trust.  Dont shoot the messenger.  That is a lame move.  You're a well respected person in the community, and the site is a flagship site.  I'm saying it would be better if you stopped sending user data to third parties.  So much in nostr is going the extra mile to resist censorship, to resist privacy invasion, to build trust.  Adding spyware to your site sends a mixed message.  This is not the time to double down.  And undermines the trust.  I know you didnt cause the problem, but you can fix it.  If you really must count users, do it on your server, rather than sending IP addresses and browsing history to a very questionable third party.  You build good stuff, dont taint it for no reason.