140
Nostr continues to raise the bar on private, uncensorable online discourse (lemmy.ml)
submitted 3 months ago* (last edited 3 months ago) by makeasnek@lemmy.ml to c/privacy@lemmy.ml
52 comments fedilink hide all child comments
  • Note: "relay" is the nostr term while "instance" is the AP/Mastodon/Lemmy term. They are functionally very similar and offer the same abilities to ban annoying users from "public square" type spaces. Moderation works identically.
  • In AP/mastodon/lemmy you are connected to one "main instance" and then connect to other instances "through" that instance. In nostr, you are typically connected to multiple relays and access content more directly.
  • Nostr is an underlying protocol like AP is for Mastodon/Lemmy. The main use of nostr currently is as a twitter/mastodon clone, but it has other interfaces as well (calendaring, video sharing, etc) that I am less familiar with.
  • Both networks are decentralized in nature

AP/Mastodon/Lemmy

  • Instance admins on your instance and the instance of the user you are DMing can read your DMs, block them, or modify them without your knowledge or the knowledge of the receiving user
  • If your instance goes down, so does your access to the wider network. It will take your DMs with it, and your identity.

Nostr

  • Relays cannot read the content of your DMs as they are encrypted. They can only see that user A is DMing user B and approximate DM size. (This upgrade reduces that visibility further)
  • Relays cannot manipulate DMs as they are encrypted and will fail a signature check
  • No relay can prevent you from DMing another user as your client will automatically route the DM through another relay (unless that user has blocked you, which they can do).
  • You can receive DMs from anybody as long as one relay lets your DM through (and you are usually connected to several)
  • Your DMs and other content is replicated across multiple relays. Downed relay? No problem. You don't lose your content or your identity as your identity is a private/public keypair not "user @ instance dot com"

Bluesky

Idk anybody care to fill this section in?

Image source: nostr post

top 50 comments
sorted by: hot top controversial new old
[-] SorteKanin@feddit.dk 54 points 3 months ago

I have a hard time trusting something that advertises itself as "uncensorable". Good moderation requires censoring (and this is an okay version of censoring, it's not like your human right to be on a specific fediverse community).

Not being able to censor sounds like an easy way to become the nazi bar. Or in the case of nostr, I guess the blockchain/cryptocurrency bar.

[-] makeasnek@lemmy.ml 22 points 3 months ago* (last edited 3 months ago)

Lemmy is "uncensorable" and offers identical moderation abilities in the "public square" aspect. E-mail is "uncensorable". Uncensorable does not equal unmoderated. It means if you want to publish something, nobody, not the even the government, can stop you (though they can throw you in prison but that's outside the discussion of protocol). It doesn't mean anybody has to choose to listen to what you publish. It does not mean relays have to include you in their list of public tweets. Relays can pick what tweets/etc they show. They can choose what goes through their relay. What they can't do is stop you and another user from using the protocol to DM each other. As long as one relay allows your traffic through, the traffic will flow. They also can't stop you from tweeting, they can just choose not to show your tweets. If I want to follow somebody, frankly, it should be no business of a relay operator or the government or anybody to prevent me from following them, just like it should not be the business of the government to decide what books I am legally allowed to read. By building networks which are "uncensorable" we can guarantee that it remains not their business for future generations. So that they can live as free, or freer, than we do.

The internet, as a structure, is "uncensorable". This is good. Power should be decentralized. The whim of a government shouldn't dictate how the entirety of the internet operates, and it can't. People in power love censorship, it is to their advantage that we are not able to organize among each other using common communication platforms.

[-] SorteKanin@feddit.dk 4 points 3 months ago

I don't agree with that. ActivityPub includes methods of censoring and that is by design, for the purpose of moderation.

[-] Sekoia 43 points 3 months ago* (last edited 3 months ago)

I checked out Nostr relatively recently and it seemed to me it was full of cryptobros and extremely right-wing people (libertarians, Trump fanatics. A ton of racism and queerphobia, also a bunch of conspiracy thinking). Has anything changed?

[-] NigelFrobisher@aussie.zone 14 points 3 months ago

While I can see the value in speech that doesn’t exist at the whim of our corporate overlords, these are people who’d get beaten up if they tried to speak the way they do online in front of real people.

[-] Rose@lemmy.world 5 points 3 months ago

The corporate overlords are inherently right-wing, which is why they fund, build, and embrace those platforms. There's no revolt in joining them.

[-] makeasnek@lemmy.ml 6 points 3 months ago* (last edited 3 months ago)

Still some of those, as with any social media platform. I have come across a few objectionable things, I just blocked and moved on. But you pick who you follow so you pick who shows up in your feeds. Each relay has their own moderation policies, so (like Lemmy), you can pick relays which suit your moderation preferences (which effect the "trending notes"/public square section). Most nostr apps by default upon install will ask you if you want to automatically filter out crypto/nsfw/foul language/etc. I picked at random and didn't enable many of the filters.

[-] Sekoia 7 points 3 months ago

I'll stick with AP for now but I'll keep an eye on it, then.

[-] glowie@h4x0r.host 3 points 3 months ago

Libertarians are not right-wing lmao

[-] poVoq@slrpnk.net 21 points 3 months ago* (last edited 3 months ago)

They are in the USA, just not of the specific MAGA lunacy.

[-] glowie@h4x0r.host 4 points 3 months ago

You must be American. You should research Libertarian. It's one step before Anarchist.

[-] poVoq@slrpnk.net 25 points 3 months ago* (last edited 3 months ago)

No, I am European and I am painfully aware of the right-wing ursupation of the originally anarchist term "libertarian" in the USA.

[-] Sekoia 14 points 3 months ago

Nostr is culturally vaguely american, and it's hard to distinguish the libertarians from the Trumpists there (I've seen several posts saying "Trump will be better for Bitcoin", for example). Libertarians and republicans both sell themselves as "small government".

"Leftist libertarians" generally call themselves anarchists, in my experience.

[-] glowie@h4x0r.host 6 points 3 months ago

Yes, you're thinking of Libertarian Socialism, which is what I predominantly subscribe to.

[-] kenkenken@sh.itjust.works 35 points 3 months ago

For becoming something noticeable Nostr firstly need to go beyond just a bitcoin maxi discussion platform. Currently it's just a decentralized Parler.

[-] makeasnek@lemmy.ml 13 points 3 months ago* (last edited 3 months ago)

It definitely started as mostly crypto bros, kinda like how lemmy was 100% tankies, but it's gotten better. Lots more human rights activists and scientists and even just regular people on there now. A lot of human rights/privacy activists/orgs are joining up to it after nostr got some promotion at their conferences. Ultimately your feed will be who you follow so luckily you're in control of that. The default settings for most nostr apps even include a filter to remove anything crypto, NSFW, and other controversial topics related.

Still very early days for all these platforms.

[-] SnotFlickerman 22 points 3 months ago

There's a reason Lemmy strongly suggests using Matrix for secure direct messaging and has a place for it on your profile. 🤷

Just feels like a slightly disingenuous take on Lemmy since it's made clear in a lot of places that its suggested to use Matrix if you want safe user-to-user communication.

[-] makeasnek@lemmy.ml 8 points 3 months ago* (last edited 3 months ago)

DMs aren't as relevant in Lemmy so I get why securing them isn't a priority, but in Mastodon or any twitter clone it seems like a relevant feature I'd like to have some security/privacy with. Instance admins, and anybody who breaks into their server, being able to see all DMs seems like a security flaw that should be engineered away. Even Facebook, the place with the worst privacy, has E2E encryption (or so they claim, who really knows)

[-] possiblylinux127@lemmy.zip 10 points 3 months ago

I think there was a E2E spec being worked on with Activity Pub. I'm not sure what happened to it.

load more comments (1 replies)
[-] possiblylinux127@lemmy.zip 13 points 3 months ago

I'll just stick with Lemmy as Activity pub is where it is at

[-] greywolf0x1@lemmy.ml 5 points 3 months ago

Nostr isn't a Lemmy alternative, it's a Mastodon/Twitter/BlueSky substitute with more decentralized, secure and private features and i think OP should have pointed that out.

And since Op was comparing the secure and private features of both protocols, ActivityPub surely has improvements to implement for greater privacy and security.

[-] possiblylinux127@lemmy.zip 4 points 3 months ago

I can see mastodon users and communities on Lemmy though. We are one big family.

[-] SorteKanin@feddit.dk 3 points 3 months ago

Nostr is an alternative federated protocol. It can be used to make a microblogging application but there's no reason you couldn't make a Lemmy clone that uses Nostr instead of ActivityPub. But generally I'm not a fan of the stuff I've heard and read about the Nostr protocol so far.

[-] FutileRecipe@lemmy.world 2 points 3 months ago

But generally I'm not a fan of the stuff I've heard and read about the Nostr protocol so far.

Can you elaborate?

[-] SorteKanin@feddit.dk 7 points 3 months ago

First of all, it seems too technical for normal people. It requires users to keep their own public/private keys in order. I don't find this realistic for general users.

Secondly, this kind of "anti-censorship" retoric and features. Yes, of course excessive censorship is bad, especially when done by governments. But a forum moderating users requires censorship and it's not a problem, it is the solution. I'm not sure I like the idea of relays instead of instances.

Lastly, the whole Nostr community is overrun by crypto-bros, which should tell you enough about the kind of people who are excited about Nostr.

[-] thegreekgeek@midwest.social 9 points 3 months ago

Let's not forget that one of the of the core developers is a fascist and Jack gave them 14BTC:

That anonymous Brazilian is Giovanni Torres Parra, a developer who has also built at least two webpages devoted to disseminating the work of the far-right conspiracy theorist Olavo de Carvalho. Before he died in 2022 after contracting COVID-19, de Carvalho — known as Olavo — praised Brazil's military dictatorship, claimed that Pepsi-Cola was flavored with stem cells of aborted fetuses, preached that tolerance for homosexuality was "incompatible" with democracy, and had an office in Virginia decorated with portraits of Confederate generals.

[-] poVoq@slrpnk.net 4 points 3 months ago

That's an interesting point. Where are you quoting this from?

[-] poVoq@slrpnk.net 5 points 3 months ago

I’m not sure I like the idea of relays instead of instances.

Relay operators hold almost the same power as AP instance operators, but are much less visible to public scrutiny and accountability for their actions.

[-] glowie@h4x0r.host 2 points 3 months ago

Instances mean you're at the mercy of the admin not to ban you. No one can ban you on Nostr.

Also, it isn't crypto bros. It's only Bitcoiners. No one supports the degenerate pump and dump crypto scams.

[-] SorteKanin@feddit.dk 6 points 3 months ago

No one can ban you on Nostr.

Thats exactly the problem with Nostr. You can't get rid of the bigots. It's doomed to become a nazi bar.

Also if you don't like your admin on an ActivityPub instance, you can just go to an instance with admins you trust better or make your own instance.

[-] FutileRecipe@lemmy.world 3 points 3 months ago

It's doomed to become a nazi bar...you can just go to an instance with admins you trust better or make your own instance

Ok, how is that different than Nostr? Don't like your Lemmy instance admins rolling against your Nazi views? Join a different instance. Nazi sympathetic instance gets defederated by everyone else? Make your own instance.

[-] SorteKanin@feddit.dk 2 points 3 months ago

Nostr seems to make it much more difficult to weed out the bigots as they don't have a single point of origin (an instance). When you get to the point of making your own instance, it becomes easy to filter out all the users from that instance in one go, if the instance turns into a nazi bar. That is the difference.

load more comments (2 replies)
[-] KLISHDFSDF@lemmy.ml 12 points 3 months ago

Anyone following anyone interesting on Nostr? Tried it for a while and while the tech is cool I felt it was missing a good collection of people. All I ever saw was crypto scams and self referential memes/discussions about how cool Nostr is - which I agree - but that's not what I'm interested in.

[-] makeasnek@lemmy.ml 4 points 3 months ago* (last edited 3 months ago)

Finding good people to follow has been a challenge for me both on mastodon and nostr. But I find just posting and seeing who likes my posts and then following them has got me a decent feed curated at this point. And searching hashtags for topics I'm interested in.

There are some bridges so you can follow mastodon users on nostr and vice versa, but it's not quite the same. We're still pretty early adopters on both platforms at this point.

[-] DavidGarcia@feddit.nl 7 points 3 months ago

Lemmy is absolute garbage on privacy. I would love a private Lemmy with fine grained privacy controls.

[-] Zagorath@aussie.zone 9 points 3 months ago

Lemmy is absolute garbage on privacy

I mean, yeah, it is. But that's because privacy is not what it's trying to do. If anything, privacy is fundamentally antithetical to what it does. Saying "Lemmy is garbage on privacy" is a bit like saying "Microsoft Word is a terrible IDE".

[-] DavidGarcia@feddit.nl 2 points 3 months ago

It doesn't have to be.

You could keep the general structure and functioning while improving privacy.

For example, by obfuscating post history, anonymous posting or assigning a user pseudonym per instance/community, auto-deleting old posts/comments. All optional features of course. Let instances/communites decide which of these features they want.

Keep the structure of Lemmy with it's Reddit-like-ness and instances, but give users, instances and communities more control over data privacy.

Sure it's harder to implement, you need some minimal-knowledge reputation system, but there is nothing fundamental preventing that from being possible.

The nice thing about federation is that one instance/community can stay the same data-leaking privacy mess, if they so prefer. While others could operate analogous to 4-chan (or anything in between).

[-] SorteKanin@feddit.dk 4 points 3 months ago* (last edited 3 months ago)

obfuscating post history, anonymous posting or assigning a user pseudonym per instance/community

These suggestions sound like a moderation nightmare. This is definitely not desirable.

[-] DavidGarcia@feddit.nl 2 points 3 months ago

That's the point of the repuation system.

It's a very hard problem, I'll give you that.

What you need is, each instance and community collects reputation in the federation. then users posting on those instances can collect reputation on those. basically by not being banned or massively downvoted. Your reputation is weighted by the reputation of each you collected it from instance.

Each users identity is tied to some key that collects reputation, that you generate new identities from from for each instance/community/post. Like how some credit card services give you a new credit card number for each new website.

Admins don't know who you are, but they can see and verify your reputation.

Then instance/community admins can decide if they want a different weighting. For example, to completely disregard the reputation by some instance or make one you like 10x more important.

You could get an ordered list of posts or pseudonymous users based on the reputation. Untrustworthy users will glow like a christmas tree.

That would be one way to do it. It's hard to make it water tight, but any improvements would be better than the current fediworse.

[-] pedroapero@lemmy.ml 6 points 3 months ago* (last edited 3 months ago)

It seems to me that there will be much less relays than there are AP nodes. Users won't publish/subscribe to hundred of relays (if they did, relays would not scale). Hence more bad content to less moderators, and poor moderation.

Adding client filters would just shift the censorship power to those maintaining them.

[-] zinderic@programming.dev 5 points 3 months ago

Almost ready for it's prime time I think. We just need a bit more on the UI/mobile app friendliness to make it shine for all.

[-] makeasnek@lemmy.ml 3 points 3 months ago

Almost ready for it’s prime time I think. We just need a bit more on the UI/mobile app friendliness to make it shine for all.

Yep, been using it for a few months now and it's getting really good. Not quite as polished as mastodon (as least in the app I'm using), but still very fully featured.

[-] snowfall@mastodon.social 3 points 3 months ago

@makeasnek "private" as in ownership, not privacy.

[-] smileyhead@discuss.tchncs.de 2 points 3 months ago* (last edited 3 months ago)

Why do we even need relays in the first place? Like, if only someone could create a network that could enable computers to send messages to each other on the layer below apps so apps would just be to display and format those messages, not pass them (ツ).

[-] makeasnek@lemmy.ml 3 points 3 months ago* (last edited 3 months ago)

Why do we even need relays in the first place?

To store message content. To hold message content if you send a message to an offline contact and vice versa. To handle getting things across networks (clearnet to Tor and back if you only are connected to one). To work around NAT etc. To moderate "public square" type features (ie trending posts). Many reasons.

What if one relay is on clearnet and the other one is on Tor?

No problem, relays can communicate cross-network. They relay things between each other so traffic will find a way through as long as one node speaks to both networks.

What if relays I use are not rechable by my contact, that lives in censored country like China and can only connect to relays in there?

As long as there is a relay path between you and your contact, there is no issue. Relays can be run through Tor and other anonymity networks which are very difficult to distinguish from other forms of encrypted traffic.

Why do we even need relays in the first place?

load more comments (2 replies)
[-] RobotToaster@mander.xyz 2 points 3 months ago

Same reason you need an email server, not everyone is online at the same time.

Closest I've seen to something truly serverless is plebbit, which is a Reddit/4chan clone using ipfs.

load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 14 Jun 2024
140 points (100.0% liked)

Privacy

31279 readers
378 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz