Oddbean new post about | logout
Rabble | 10 months ago (raw) | full thread 
 The sad part of it is that we probably won’t know. Between 1999 and 2005, and less actively after, I helped run the indymedia.org servers. We got tons of subpoenas and worked with EFF to fight them. Our servers were configured to never log ip addresses or any other PII we could find. Indymedia was something across between an anarchist 4chan, news site, and twitter. 

One thing the court orders often include is language which prevents the recipient from stating publicly they’ve been served. Organizations tried warrant canaries as a way of getting around those restrictions but that only works until the first time you get served. 

We should encourage and enable the easy use of tor in clients and for relay operators. The server part is easy, we should expose onion services with all relays, plus document and promote them. Getting client support is harder, right now you can use the web apps from a tor browser or setup amethyst to use tor. As far as I know none of the iOS apps support it directly yet. Doing this will make nostr:npub1sn0wdenkukak0d9dfczzeacvhkrgz92ak56egt7vdgzn8pv2wfqqhrjdv9have a better user experience as onion services are both faster and more private than connecting from tor through a public gateway. 

It would be great if all relays had clearly accessible privacy policies and they followed riseup’s as a model. They care about privacy. 

https://riseup.net/en/privacy-policy

We should make changes to the relay software so it logs no PII, like ip addresses, by default. Admins can enable those logs for debugging or dealing with a security issue, but they should be off by default. 

We should encourage nostr client developers to use tools and libraries that don’t connect to or log on third party services. I think this is more important for when people are publishing vs consuming. The trade off of using a CDN is probably worth it, but your mileage may vary. 

And when you do get a knock at the door call the EFF or other legal group for representation. Don’t assume your normal lawyer knows the law in this case. 

The EFF has released a legal guide for people running fediverse servers and almost all of it applies to people running nostr relays. 

https://www.eff.org/deeplinks/2022/12/user-generated-content-and-fediverse-legal-primer