You are overestimating the effectiveness of a vpn here. The reality here is that we are focusing on very sophisticated difficult to execute attack vectors. The vpn is your only shield for all identities pushing to the relay here. Sure, https/wss encrypts the content, but an attacker that has compromised a vpn operator will listen to events on nostr relays that the vpn has connections to by its users, and can artificially delay data transfer to do timing analysis on events to correlate which ip sent which events with which pubkeys.
I am not the creator of joinstr, I am just saying why the creator has used the VPN option. The protocol is not even on mainnet and as far as I know, using tor circuits is an expected improvement.
I am aware that the right approach is wabisabi's. My post was mostly to emphasize whirpool's disastrous design in managing network connections.
https://gitlab.com/invincible-privacy/joinstr/-/blob/main/NIP.md?ref_type=heads
Oh sure, i just perceived that the initial post was insinuating "just use a vpn" was the best choice.
And no debate over the whirlpool one 😅
side note:
majority of devices do not have a public IP. So you're also hiding behind NAT.
I'm quite sure that my ISP is incompetent enough to fail to provide information leading to my MAC adress.
It's possible but I doubt it.
Cell phone connections are probably correlated to the imei of the sim card, and nat only hides internal devices but still gets an ip as a collective?
Oh, I meant desktops and home connections.
I'd hasitate to use phone for anything requiring privacy unless it's a pocket cash.
Imei (or a fingerprint) afaik are better way to identify you then ip. but with virtual providers and esims it's probably much harder for analitics.
still plausible
Oddbean new post about login | logout