Oddbean new post about | logout
 nostrapp.link  
 cool, website, but I still don't understand. I don't remember leaving a review, and in fact I haven't. No reviews there, no likes. So why am I recommending something that I don't recommend?

I have shared links from highliter, but that's it. 
 Have you used highlighter before? It might have added automatically  
 yes, but I've used it like 2 times. And to be honest both times I had problems so I wouldn't recommend. 
 Well, you can log into nostrapp.link on a desktop and remove the recommendation  
 Highlighter adds (or added?) the recommendation automatically. 
 is this true nostr:nprofile1qqs04xzt6ldm9qhs0ctw0t58kf4z57umjzmjg6jywu0seadwtqqc75sprfmhxue69uhhq7tjv9kkjepwve5kzar2v9nzucm0d5hsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qythwumn8ghj7un9d3shjtnswf5k6ctv9ehx2ap0y8qdrm? 
 yeah, there was a bug a few months ago that caused this, no longer the case

fwiw, I think "recommended" is not the right verb for this -- I think we should change it to more like "default handler" or something like that 
 ohh, so it wasn't Amethyst. Okay, gotcha, and thank you. 
 Yeah, this is the kind of user deception I don't want to see in @Zapstore.

When a user publishes something for public use: 
1️⃣  It needs to be clear that he's publishing something 🤷‍♂️
2️⃣  It needs to be very obviously public

Again, this is why I prefer to look at the public actions users already do anyway: replies, zaps, public bookmarking, etc... 
 I absolutely agree. Even for the WoT angle, you can't build meaningful metrics if the user is not aware of what he's publishing.

 
 Agreed.

I know it's not malicious on the part of any dev, but I've encountered several nostr apps prompting for signing multiple events of mysterious kinds.

Including events in a non-interactive context like loading a website an being asked for a signature.

Sign (or prompt to) events only when absolutely necessary. Be explicit about what's not obvious. Maybe we need work on UI/UX design around prompts?

nostr:note1tm93m6cvr2xpnafeschzsp7sgxurqszm0jzxrgar757eeuzanu0sqgv98e  
 Forgot to mention: Some of these events with a huge chunk of  base64 encoded data. Puts the user in a weird spot