I find this default behavior in White Noise slightly disturbing:

GitHub

White Noise encourages using non-auth relays by default · Issue #528 · marmot-protocol/whitenoise

https://nostr.doctor reports this for a newly created account: I believe Marmot clients should use NIP-42 auth-only relays whenever possible and sh...

Not sure why there are not auth-only relays. NIP-42 auth per session doesn't work yet, or/and properly working NIP-42 relays are not really that common yet? Forward secrecy doesn't really work when NIP-42 is not a requirement for NIP-59 gift wraps: either you or your buddy may expose them with these default relays for example. Similar issue with the NIP-46 signers: private events exposed in the wild

GitHub

Add `--auth` for `nak bunker` · Issue #116 · fiatjaf/nak

That would be awesome if the bunker was compatible with auth-only relays, which could hide kind 24133 events from non-authorized users. Is it possi...

If you're building a signer, please consider testing/making it compatible with NIP-42 relays and optionally making it show a warning if it's connected over a non-auth relay (or specifically a relay that exposes kind 24133 events). #devstr #privacy #whitenoise

@npub1al2d...rnuy there might be a few simple ideas you're looking for. But this goes beyond relays. We need to encourage people to "report" (label) users in a non-scary way to get such semantic graphs. View quoted note →

It is possible to issue certificates for IP addresses nowadays, btw.

Six-Day and IP Address Certificates Available in Certbot

This was also posted on EFF’s blog. As we announced earlier this year, Let’s Encrypt now issues IP address and six-day certificates to the gene...

Example: `https://[2602:ff3a:1:abad:c0f:fee:abad:cafe]` #letsencrypt View quoted note → @npub1ye5p...knpr

I'm surprised nobody has reported this yet; at least I wasn't able to find it. If you were wondering why some nostriches choose Firefox-based browsers—for instance because Firefox currently has stable proxy connection support compared to Chromium-based browsers.

Chromium

It's not that obvious it's broken. Most websites work fine because they don't create so many WS connections. It's also sad that none of the browsers currently support the UDP part of the Socks5 protocol. It should be useful for HTTP/3.

Don't overestimate proprietary Trusted Execution Environments. We might never know for sure whether they are another sophisticated NSA honeypots or not. Issues have already been found in them; Nvidia is not excluded. Not that I'm against these technologies, but I'd like to see more solutions based on something open and independently verifiable as well. If it's not something identical to hardware TEE solutions, then at least there's a not-yet-well-known Linux syscall `memfd_secret`, which is basically a way to allocate private RAM regions that are, to some degree, isolated even from the kernel (pages with these regions won't be swapped to disk, core dumps won't include this memory, etc.). It's a limited solution. It's not for GPUs. However, it's open and independent from any particular vendor. Originally it was designed for cryptography. Useful for NIP-46 signers and CPU-only ML models for example.

memfd_secret(2) - Linux manual page

View quoted note → #privacy #linux #TEE

If you're working on a #dating nostr client, please take a look. View article →

Hey #OpenClaw, #ZeptoClaw and other #moltbots, seriously, take a look. I wish there was something like

GitHub

GitHub - huggingface/transformers.js: State-of-the-art Machine Learning for the web. Run 🤗 Transformers directly in your browser, with no need for a server!

State-of-the-art Machine Learning for the web. Run 🤗 Transformers directly in your browser, with no need for a server! - huggingface/transformer...

but also for training. And to be distributed and computed in an untrusted manner (nodes should reconfirm computations, similar to blockchain). And to be used as UPoW instead of stupid CAPTCHAs and usual PoWs. This could be a DDoS protection service for ordinary websites that trains models and makes you free from proprietary models. View quoted note →

Helium is the fastest ungoogled-chromium-based browser I've used so far, btw.

GitHub

GitHub - imputnet/helium: Private, fast, and honest web browser

Private, fast, and honest web browser. Contribute to imputnet/helium development by creating an account on GitHub.

View article →