Oddbean new post about | logout
 Only if you never use their own servers. 
 I run my own server, but how are the central servers insecure when only the client can locate it's messages? 
 If both of you connect to the same server, the server can see encrypted content being uploaded downloaded by both in similar times. Then it's easy. IP gets location. Location over time gives your home and work address. Home and work address give your name.  
 Not really. There are lots of connections to that pool of servers at any given time. Not really possible to correlate which belong together. They do have my IP but so does any public nostr relay I use unless on Tor 
 I run a server last year and decided to add a huge number of logs into their code. It's definitely possible to map who is talking to who. Especially if you run it over time. The link between users is possible even through Tor if the connection is not constantly refreshed to get a new exit node. The only thing Tor adds is that I can't get your location from your IP. But who is talking to who and when is still fully traceable.  
 I run my own off of my start 9. For friends and family only