this post was submitted on 14 Jun 2024
132 points (93.4% liked)

Privacy

31872 readers
620 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 
  • Note: "relay" is the nostr term while "instance" is the AP/Mastodon/Lemmy term. They are functionally very similar and offer the same abilities to ban annoying users from "public square" type spaces. Moderation works identically.
  • In AP/mastodon/lemmy you are connected to one "main instance" and then connect to other instances "through" that instance. In nostr, you are typically connected to multiple relays and access content more directly.
  • Nostr is an underlying protocol like AP is for Mastodon/Lemmy. The main use of nostr currently is as a twitter/mastodon clone, but it has other interfaces as well (calendaring, video sharing, etc) that I am less familiar with.
  • Both networks are decentralized in nature

AP/Mastodon/Lemmy

  • Instance admins on your instance and the instance of the user you are DMing can read your DMs, block them, or modify them without your knowledge or the knowledge of the receiving user
  • If your instance goes down, so does your access to the wider network. It will take your DMs with it, and your identity.

Nostr

  • Relays cannot read the content of your DMs as they are encrypted. They can only see that user A is DMing user B and approximate DM size. (This upgrade reduces that visibility further)
  • Relays cannot manipulate DMs as they are encrypted and will fail a signature check
  • No relay can prevent you from DMing another user as your client will automatically route the DM through another relay (unless that user has blocked you, which they can do).
  • You can receive DMs from anybody as long as one relay lets your DM through (and you are usually connected to several)
  • Your DMs and other content is replicated across multiple relays. Downed relay? No problem. You don't lose your content or your identity as your identity is a private/public keypair not "user @ instance dot com"

Bluesky

Idk anybody care to fill this section in?

Image source: nostr post

top 50 comments
sorted by: hot top controversial new old
[–] SorteKanin@feddit.dk 43 points 4 months ago (1 children)

I have a hard time trusting something that advertises itself as "uncensorable". Good moderation requires censoring (and this is an okay version of censoring, it's not like your human right to be on a specific fediverse community).

Not being able to censor sounds like an easy way to become the nazi bar. Or in the case of nostr, I guess the blockchain/cryptocurrency bar.

[–] makeasnek@lemmy.ml 17 points 4 months ago* (last edited 4 months ago) (1 children)

Lemmy is "uncensorable" and offers identical moderation abilities in the "public square" aspect. E-mail is "uncensorable". Uncensorable does not equal unmoderated. It means if you want to publish something, nobody, not the even the government, can stop you (though they can throw you in prison but that's outside the discussion of protocol). It doesn't mean anybody has to choose to listen to what you publish. It does not mean relays have to include you in their list of public tweets. Relays can pick what tweets/etc they show. They can choose what goes through their relay. What they can't do is stop you and another user from using the protocol to DM each other. As long as one relay allows your traffic through, the traffic will flow. They also can't stop you from tweeting, they can just choose not to show your tweets. If I want to follow somebody, frankly, it should be no business of a relay operator or the government or anybody to prevent me from following them, just like it should not be the business of the government to decide what books I am legally allowed to read. By building networks which are "uncensorable" we can guarantee that it remains not their business for future generations. So that they can live as free, or freer, than we do.

The internet, as a structure, is "uncensorable". This is good. Power should be decentralized. The whim of a government shouldn't dictate how the entirety of the internet operates, and it can't. People in power love censorship, it is to their advantage that we are not able to organize among each other using common communication platforms.

[–] SorteKanin@feddit.dk 3 points 4 months ago

I don't agree with that. ActivityPub includes methods of censoring and that is by design, for the purpose of moderation.

[–] Sekoia@lemmy.blahaj.zone 40 points 4 months ago* (last edited 4 months ago) (10 children)

I checked out Nostr relatively recently and it seemed to me it was full of cryptobros and extremely right-wing people (libertarians, Trump fanatics. A ton of racism and queerphobia, also a bunch of conspiracy thinking). Has anything changed?

[–] NigelFrobisher@aussie.zone 14 points 4 months ago (1 children)

While I can see the value in speech that doesn’t exist at the whim of our corporate overlords, these are people who’d get beaten up if they tried to speak the way they do online in front of real people.

[–] Rose@lemmy.world 2 points 4 months ago

The corporate overlords are inherently right-wing, which is why they fund, build, and embrace those platforms. There's no revolt in joining them.

[–] makeasnek@lemmy.ml 5 points 4 months ago* (last edited 4 months ago) (1 children)

Still some of those, as with any social media platform. I have come across a few objectionable things, I just blocked and moved on. But you pick who you follow so you pick who shows up in your feeds. Each relay has their own moderation policies, so (like Lemmy), you can pick relays which suit your moderation preferences (which effect the "trending notes"/public square section). Most nostr apps by default upon install will ask you if you want to automatically filter out crypto/nsfw/foul language/etc. I picked at random and didn't enable many of the filters.

[–] Sekoia@lemmy.blahaj.zone 7 points 4 months ago

I'll stick with AP for now but I'll keep an eye on it, then.

load more comments (8 replies)
[–] kenkenken@sh.itjust.works 34 points 4 months ago (1 children)

For becoming something noticeable Nostr firstly need to go beyond just a bitcoin maxi discussion platform. Currently it's just a decentralized Parler.

[–] makeasnek@lemmy.ml 7 points 4 months ago* (last edited 4 months ago)

It definitely started as mostly crypto bros, kinda like how lemmy was 100% tankies, but it's gotten better. Lots more human rights activists and scientists and even just regular people on there now. A lot of human rights/privacy activists/orgs are joining up to it after nostr got some promotion at their conferences. Ultimately your feed will be who you follow so luckily you're in control of that. The default settings for most nostr apps even include a filter to remove anything crypto, NSFW, and other controversial topics related.

Still very early days for all these platforms.

[–] SnotFlickerman@lemmy.blahaj.zone 21 points 4 months ago (1 children)

There's a reason Lemmy strongly suggests using Matrix for secure direct messaging and has a place for it on your profile. 🤷

Just feels like a slightly disingenuous take on Lemmy since it's made clear in a lot of places that its suggested to use Matrix if you want safe user-to-user communication.

[–] makeasnek@lemmy.ml 8 points 4 months ago* (last edited 4 months ago) (2 children)

DMs aren't as relevant in Lemmy so I get why securing them isn't a priority, but in Mastodon or any twitter clone it seems like a relevant feature I'd like to have some security/privacy with. Instance admins, and anybody who breaks into their server, being able to see all DMs seems like a security flaw that should be engineered away. Even Facebook, the place with the worst privacy, has E2E encryption (or so they claim, who really knows)

[–] possiblylinux127@lemmy.zip 10 points 4 months ago

I think there was a E2E spec being worked on with Activity Pub. I'm not sure what happened to it.

load more comments (1 replies)
[–] KLISHDFSDF@lemmy.ml 13 points 4 months ago (1 children)

Anyone following anyone interesting on Nostr? Tried it for a while and while the tech is cool I felt it was missing a good collection of people. All I ever saw was crypto scams and self referential memes/discussions about how cool Nostr is - which I agree - but that's not what I'm interested in.

[–] makeasnek@lemmy.ml 2 points 4 months ago* (last edited 4 months ago)

Finding good people to follow has been a challenge for me both on mastodon and nostr. But I find just posting and seeing who likes my posts and then following them has got me a decent feed curated at this point. And searching hashtags for topics I'm interested in.

There are some bridges so you can follow mastodon users on nostr and vice versa, but it's not quite the same. We're still pretty early adopters on both platforms at this point.

[–] possiblylinux127@lemmy.zip 13 points 4 months ago (1 children)

I'll just stick with Lemmy as Activity pub is where it is at

[–] greywolf0x1@lemmy.ml 5 points 4 months ago (2 children)

Nostr isn't a Lemmy alternative, it's a Mastodon/Twitter/BlueSky substitute with more decentralized, secure and private features and i think OP should have pointed that out.

And since Op was comparing the secure and private features of both protocols, ActivityPub surely has improvements to implement for greater privacy and security.

[–] possiblylinux127@lemmy.zip 4 points 4 months ago

I can see mastodon users and communities on Lemmy though. We are one big family.

[–] SorteKanin@feddit.dk 3 points 4 months ago (1 children)

Nostr is an alternative federated protocol. It can be used to make a microblogging application but there's no reason you couldn't make a Lemmy clone that uses Nostr instead of ActivityPub. But generally I'm not a fan of the stuff I've heard and read about the Nostr protocol so far.

[–] FutileRecipe@lemmy.world 1 points 4 months ago (1 children)

But generally I'm not a fan of the stuff I've heard and read about the Nostr protocol so far.

Can you elaborate?

[–] SorteKanin@feddit.dk 5 points 4 months ago (8 children)

First of all, it seems too technical for normal people. It requires users to keep their own public/private keys in order. I don't find this realistic for general users.

Secondly, this kind of "anti-censorship" retoric and features. Yes, of course excessive censorship is bad, especially when done by governments. But a forum moderating users requires censorship and it's not a problem, it is the solution. I'm not sure I like the idea of relays instead of instances.

Lastly, the whole Nostr community is overrun by crypto-bros, which should tell you enough about the kind of people who are excited about Nostr.

[–] thegreekgeek@midwest.social 9 points 4 months ago (1 children)

Let's not forget that one of the of the core developers is a fascist and Jack gave them 14BTC:

That anonymous Brazilian is Giovanni Torres Parra, a developer who has also built at least two webpages devoted to disseminating the work of the far-right conspiracy theorist Olavo de Carvalho. Before he died in 2022 after contracting COVID-19, de Carvalho — known as Olavo — praised Brazil's military dictatorship, claimed that Pepsi-Cola was flavored with stem cells of aborted fetuses, preached that tolerance for homosexuality was "incompatible" with democracy, and had an office in Virginia decorated with portraits of Confederate generals.

[–] poVoq@slrpnk.net 4 points 4 months ago (1 children)

That's an interesting point. Where are you quoting this from?

[–] poVoq@slrpnk.net 5 points 4 months ago

I’m not sure I like the idea of relays instead of instances.

Relay operators hold almost the same power as AP instance operators, but are much less visible to public scrutiny and accountability for their actions.

load more comments (6 replies)
[–] pedroapero@lemmy.ml 6 points 4 months ago* (last edited 4 months ago)

It seems to me that there will be much less relays than there are AP nodes. Users won't publish/subscribe to hundred of relays (if they did, relays would not scale). Hence more bad content to less moderators, and poor moderation.

Adding client filters would just shift the censorship power to those maintaining them.

[–] zinderic@programming.dev 4 points 4 months ago (1 children)

Almost ready for it's prime time I think. We just need a bit more on the UI/mobile app friendliness to make it shine for all.

[–] makeasnek@lemmy.ml 2 points 4 months ago

Almost ready for it’s prime time I think. We just need a bit more on the UI/mobile app friendliness to make it shine for all.

Yep, been using it for a few months now and it's getting really good. Not quite as polished as mastodon (as least in the app I'm using), but still very fully featured.

[–] snowfall@mastodon.social 2 points 4 months ago

@makeasnek "private" as in ownership, not privacy.

[–] interdimensionalmeme@lemmy.ml 2 points 4 months ago

Moderation belongs client side. Server side moderation is the original sin of sicial media.

[–] smileyhead@discuss.tchncs.de 2 points 4 months ago* (last edited 4 months ago) (2 children)

Why do we even need relays in the first place? Like, if only someone could create a network that could enable computers to send messages to each other on the layer below apps so apps would just be to display and format those messages, not pass them (ツ).

[–] makeasnek@lemmy.ml 4 points 4 months ago* (last edited 4 months ago) (1 children)

Why do we even need relays in the first place?

To store message content. To hold message content if you send a message to an offline contact and vice versa. To handle getting things across networks (clearnet to Tor and back if you only are connected to one). To work around NAT etc. To moderate "public square" type features (ie trending posts). Many reasons.

What if one relay is on clearnet and the other one is on Tor?

No problem, relays can communicate cross-network. They relay things between each other so traffic will find a way through as long as one node speaks to both networks.

What if relays I use are not rechable by my contact, that lives in censored country like China and can only connect to relays in there?

As long as there is a relay path between you and your contact, there is no issue. Relays can be run through Tor and other anonymity networks which are very difficult to distinguish from other forms of encrypted traffic.

Why do we even need relays in the first place?

[–] smileyhead@discuss.tchncs.de 1 points 4 months ago (1 children)

Okey, so relays can pass message to other relay? Didn't know that, so thanks.

But then, why not use network like Yggdrasil? Which would be basically like Nostr, but can relay any TCP/IP packet for any app, instead of just Nostr notes.

[–] makeasnek@lemmy.ml 1 points 4 months ago* (last edited 4 months ago)

Okey, so relays can pass message to other relay? Didn’t know that, so thanks.

Relays currently don't talk to each other. But users are typically connected to multiple relays and publish simultaneously to multiple relays. Likewise, a user pulls in data (tweets etc) from multiple relays. My client is connected to ten. So to give you a more accurate answer to your question, to DM another user, you and that other user need to share a relay. If you are crossing networks (such as clearnet->tor), this means one of those relays needs to talk to both networks. If you want to follow a particular person but aren't normally connected to a relay they are on, your client can connect to a relay just to get content from that particular person. All of this is handled automatically, of course.

But then, why not use network like Yggdrasil? Which would be basically like Nostr, but can relay any TCP/IP packet for any app, instead of just Nostr notes.

Taking a cursory look at this, it sounds more like a general routing protocol not something that is specifically designed to relay message content or other formatted data (ie you build your apps on top of it, it's just a protocol for packet delivery). Nostr could conceivably run on any base routing protocol like Tor, I2P, or Yggdrasil though I don't know of any specific implementations either way. As long as the relay has a way to resolve addresses and send data to them over TCP it should be fine. Hadn't heard of Yggdrasil yet thanks for letting me know about that I'll do some more reading later.

[–] RobotToaster@mander.xyz 3 points 4 months ago (1 children)

Same reason you need an email server, not everyone is online at the same time.

Closest I've seen to something truly serverless is plebbit, which is a Reddit/4chan clone using ipfs.

[–] glowie@h4x0r.host 1 points 4 months ago

Plebbit is dead

[–] DavidGarcia@feddit.nl 1 points 4 months ago (2 children)

Lemmy is absolute garbage on privacy. I would love a private Lemmy with fine grained privacy controls.

[–] Zagorath@aussie.zone 8 points 4 months ago (3 children)

Lemmy is absolute garbage on privacy

I mean, yeah, it is. But that's because privacy is not what it's trying to do. If anything, privacy is fundamentally antithetical to what it does. Saying "Lemmy is garbage on privacy" is a bit like saying "Microsoft Word is a terrible IDE".

load more comments (3 replies)
load more comments
view more: next ›