Oddbean new post about login | logout Yep. Users are free to take the risk. The recommended approach is to use Amber.
Since it’s that risky, it probably shouldn’t be permitted at all, and users should be required to use a local signer. This is essentially the biggest design flaw that exists.
Tried multiple times already. But just look at the replies here nostr:nevent1qqszee98s53cn9ml7cxcuaslmzlx87usq98wd6nedygs8g4ylklej8qpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqvzqqqqqqykp88um
I know. This stuff is not user-friendly, which is why Blueksy has millions of users and people here are salty about adoption rates.
Key security is not the reason they have millions of "account creations" (not users).
I think it plays a big part. It’s easy to set up a nsec. It’s nearly impossible to expect people to secure them properly.
everyone is starting out with the wrong premises. nostr's strength was never about beating legacy social media at its own game. here, we can create a conversation space where digital life is not centralized around a single key, anonymity is the norm, and follows don't exist. join me in Corny Chat today to get a glimpse of what this future looks like
I think we should bite the bullet and figure out how to make it work
Yeah, I think on Android it will be about zap.store and figuring out how to recommend signer apps without knowing how the user will install them (PlayStore/Zap.Store/F-droid/Aurora/Obtainium/Apk, etc)