Oddbean new post about login | logout One group of devs (daniel, fiatjaf) are putting spyware all over nostr, and other group (Vitor etc.) are adding Tor. End result is that users lose both privacy and speed. Strange to observe. I hope we can get back to serving our users well.
Spyware such as?
what do you mean with the spyware?
Sending user ip addresses to 3rd parties without consent, they've been doing it about a year. Not very cypherpunk. And it puts off a lot of genuine devs.
not agree, they are the third parties in that case, ipleak should be technically addressed, not mitigated by social protection. No serius dev would based any choice on the fact that someone is doing something without consent.
yeah, adding broadcasting to relays could mitigate a lot of the IP leak, and it also reduces bandwidth costs
idk, I dont like the idea to delegate to relays this kind of functions (in general I'd keep nostr client<---->relays, avoiding relays<---->relays).
i have been working for most of this year so far on projects involved in offloading event storage to publicly accessible databases i see events as a public data, and unless the relay is specifically offering to restrict access to the events it stores, they are public, and not being propagated is more of a problem for users than not being propagated you know the saying "better to be talked about than to not be talked about" there is also the matter of public interest in the case of technical and journalistic event content obviously DMs and app specific data should not be broadcast but ... and yeah, i've talked about this and i hope eventually someone will get it, there needs to be a distinction in event kinds where they can and should be broadcast notable event kinds that should be propagated are nip-65 in/outboxes and kind 0 user metadata, these two combined make it possible to find people's notes without requiring distribution at all, but they themselves should be broadcast
ip meta?
IP, URI, screen, width, enough to fingerprint, I think.
If they can ruin the protocol, then it has already failed. Use something else.
An abosolutist attitude is not the way. We built this protocol, we will use it for good. Route round the bad actors. Need a few cypher punks.
What are you referring to regarding Daniel and fiatjaf?
Sending user ip addresses to 3rd parties without consent, they've been doing it about a year. Not very cypherpunk. And it puts off a lot of genuine devs.
Wich client?
njump dot me and nostr dot com, though to his credit, benarc did say he would remove the spyware ... props to that guy, it bodes well that he can put his ego to one side and do the right thing issue is that fiatjaf railroaded those sites into the protocol pages, and when politely asked not to, he threw a temper tantrum, "Its my project, I can do what I want" ... I wish he'd be a bit more like ben and just admit a mistake, and remove it either from the protocol area, or even better from the web site. each to his own, but not very cypher punk.
why don’t you “@“ them…
if tor is a dependency for outbox then nostr is doomed. private relay (masque) is my preferred approach if the user doesn’t want to run a vpn.
It's not a dependency for Nostr. It's a dependency for Amethyst. Connecting to random relays with all of our filters is extremely bad. But that's just us. All the other specialty clients are fine.
It isn't daniel or fiatjaf, this is a false lead planted by the CIA. It is the NSA who has created off.chain.database in operation DharmaBum to pull all the information and meta data of the nostr network into their network. There they can query and cross reference to identify dOmeStiC tErRoriSm!!! So stuff your rainbows back in your pants and get your tin hats back on, it will be a stormy winter for those who don't hide their insanity well enough.