Thread

Nostr isn’t private by default. A few things that help: – Use trusted relays – Keep your relay list lean – Separate read/write relays – Choose privacy-conscious clients – Don’t treat Nostr like Tor And most importantly…support the folks working on better privacy tools in the protocol. We need it.

Nostr isn’t private by default. A few things that help: – Use trusted relays – Keep your relay list lean – Separate read/write relays – Choose privacy-conscious clients – Don’t treat Nostr like Tor And most importantly….support the folks working on better privacy tools in the protocol. We need it. View quoted note →

If there is no algo though then how do the servers/relays "know what you want to see and send it to you" - I knew the rest of this information about public zaps, notes, and relays seeing this info, however, does this also apply to searches, profile views, and chats or communities you enter but don't join ? And how safe are the default relays for Amethyst/Primal ? And what are some good trusted relays public and paid/private ? And lastly what if you are forcing Tor while using a VPN on Amethyst since I believe this is the only android client that allows this at the moment ?

Maybe we could encrypt the relayed information...

Any relays you recommend to use and should everyone use a VPN while browsing Nostr?

This fact may be the main reason Nostr may never gain mainstream adoption. Metadata mining and tracking on Nostr is a goldmine for bad actors if there was any meaningful adoption.

there are currently so many factors that make this whole process near impossible to achieve: - it's not only about trust in relays, but also trust in end users as they could re-broadcast what they see. - clients have default big pre-defined relays users are told they "own" their data which is kind of true only under very specific conditions among other major onboarding issues, nostr is advertised with crazy statements: "you own your data" but as many others also mentioned before, data ownership is not real, it has never been. and you can't ever have true control over where your data is going. for this to be real, each user would have their own household relay, all clients would use outbox model and, even then, it would only work for protected events while also hoping your posts don't end up broadcasted to relays that don't care about nip-70. this makes me think there could be data crawlers all over nostr that will find your data and possibly just sell it. PoW and paid relays are solutions yet to be, for the former, deployed on more clients, and for the latter, accepted by people (no one wants to pay) - there's basically no information on the biggest relays rn and who owns them as far as i know what relays to use in order to have the broadest view possible or to help with discoverability? nostr.wine looks okay... but what else is there? if your client doesn't use the outbox model, setting main big relays is the only way for you to discover new content. at this point i have accepted that anything posted on nostr is automatically freely accessible to everyone on earth by default. and we should expect all the companies in the world to track everyone's data. the censorship-resistant aspect is real though.

Been saying for ever #nostr and #bitcoin are open public network .. If you are sharing your real Identity.. behave well If you are anonymous..there is no reason for you to NOT behave well :-)

I want to know what you saw that made you say this? Did I stop too long on a picture of a naked lady? 😂 @Vitor Pamplona like, “Jesus Christ, Guy is just all day scrolling through #NSFW and #PenisButter hashtags, I gotta say something so he knows I can see this shit.” 🤣 WYKYK

Periodic reminder that your relays see absolutely EVERYTHING you do on Nostr. Regardless of which Client you use. They literally see the app downloading zaps, replies, and reactions when you scroll your posts in real time. So... MAKE SURE TO KNOW WHO THEY ARE and that you TRUST THEM with that information. Nostr is just like a browser. The server has to know what you want to see to send it to you, and that gives them the power to track you and see what you are asking for. There is no way around it. I can't stress this enough.

then just run your own relay, its that easy

What did Vitor See ? 🤔To prompt him to write this 😂

Fuck this shit! I'm out! Freedom tech...

But I thought this was freedom tech? 🧐 View quoted note →

This will enable social media feed scrolling as a spectator. Twitch for doomscrolling 😂 Jokes aside, good to remind yourself of. Also something to fix for sure. Can’t we just fix this with smokescreen data? The app asks for way more than it actually is looking for? Separating the calls between relays? Maybe not absolute protection but a lot better than nothing?

It is true, but we already agree to make our actions here public. The only concern is about privacy if the relay can get more information associate to it like ip address... And another interesting point, how can you be sure about "who they are" ? A KYC exist for relays ? It is interesting anyway to remind us this point, thank you for that.

I should probably go on the record now that that was not me in that pic of me I posted of me wearing only a tutu and rhinestone tiara. Personally, I blame AI.

!important View quoted note →

Im just a bot. Dont mind me. No posting too much identifying info.

This is perfect image for this note

Reminder that store owners can see you walking into their store, and can notice how long you stand infront of what products. Their eyeballs can also observe everything you buy at that store. I can't stress this enough

There is no way that we would ever know who is behind relays and even if we do, there is no way of knowing wether or not they do nefarious things with our data. The very nature of Nostr is that everything is open and once posted potentially online forever if you like it or not. Therefore, we must be VERY cautious with what we post, no matter what.

Where is the relay information at??? Need a better experience!!! 😪

And that is why I don't use #Primal : requesting to sign messages at every UI interaction doesn't feel right.

Does running your own relay sidestep this? Do relays share data between each other? Been on nostr for ?2 years.. Still haven't fully wrapped my head around it's inner workings

“MAKE SURE TO KNOW WHO THEY ARE and that you TRUST THEM” any links/advice as to how I do this please?

Are there any up-to-date sources for recommended Nostr relays? Since relays form the backbone of Nostr, having a reliable list would benefit everyone.

Anyone can see this just by logging in with your npub

I'd nuance the privacy part a bit. On nostr, every follow, reaction, reply and post is necessarily public - it goes with the interoperability and portability dimensions. And relays can still infer a lot of a user's interactions from the data they request. See Also, since everything you post is signed, nostr doesn't really have a delete or "forget me" mechanism. Which is something to keep in mind, always.

This is important for people to understand.

It's not just the relays you use. It's ALL relays that are publicly writeable. If you care about privacy, use a VPN or TOR.

a good case for personal WoT relays

What Vitor is pointing out here is extremely important, BUT it is very easy to misinterpret it as: "RELAYS ARE TRACKING YOUR NPUB AGAINST EVERY QUERY YOU MAKE" which is just false, since they can't. They can however see every write that you do. So can everyone else, but they can also associate your IP to it. So use a VPN. Now what this post is hinting at is that relays CAN do meta analysis to figure out who is querying these posts(by looking at follow lists and author filters) or which IP is browsing what content, so they can create a profile to some degree. Which is why you SHOULD connect to trusted relays. Just pointing out the hidden details so people don't get the wrong ideas from it.

Good thing I'm just posting free recipes and dumb cat gifs

Good thing I'm just posting free recipes and dumb cats in GIF form, then View quoted note →

Which relays should you not trust?