Replies (80)
Plz note that relays supporting NIP-09 are sometimes a problem too. Dev of Amethyst is using client to update relays who serve old versions of 'replaceables' due to relays not properly deleting/replacing.
"due to relays not properly deleting/replacing" seems to be the key statement you've made here.
What about repost/boost? Would it not force the note to be copied to another random set of relays?
I have not tested this recently, but if you find any issues on mine please reach out so I can resolve it and keep you on there. π«
Sovbit.host supports nuking your posts on all relays. π
Same.
Do you know how I can delete a note in Damus? Or Primal? Is this possible?
Just checked here and nostr.band don't support NIP-09 π
Yes go to Amethyst or snort.social to delete it.
Sadly with broadcasting services, it makes it nearly impossible to take enough control of your notes. And nothing can really be done to stop it. I agree this is a major safety issue. Best you can do is pick the best relays and hope for the best
No Amethyst on ios & snort.social isnβt opening in my browser. But thanks anyway
Nostur also
How can you check this? I.e. how does a pleb know if their relays support NIP-09 or not? (PSA)
What if I run a relay that does not delete and anyone can still see all your notes?
It's different for different clients. I provided a method above for garnet and Amethyst.
You can check on https//nostr.watch
On the details page for a relay, it lists the NIPs. Link and screenshot provided.
https://nostr.watch/relay/nostr.thesamecat.io
I hear you. It starts educating people and opting out, then verifying and holding relay runners to the new standard. If enough people do this, the tech will evolve to meet user expectations, or privacy-conscious users will just stop using Nostr, and it would be a shame to see that happen.
Mutiny as well.
I completely agree with this! When I first joined Nostr I thought it was weird that I needed to request to delete things. I should be able to have complete control on my accounts.
"Own up to what you said" seems like a method to harass someone for something that was posted previously. Other than Nostr, I use Reddit and every now and then I completely delete my post and comment history. This is to prevent people from reading through my extensive comment history and tracking my identity.
Nostrudel.ninja have it as well
I had actually recommended a NIP for exactly this deletion purpose.
@Vitor Pamplona started working on that after my recommendation, which I was surprised it started to happen.
What NIP are you referring to that you originated?
This you, 18 minutes ago, wanting people to thank you for the idea? Do you have a post for reference showing that you originated the idea? Genuinely curious.
Your comment was from August 10th 2024. Vitor started work on this in May 24th 2024. I believe you have a misunderstanding by what he meant by "on it."
Good point. I cleaned out mine as well.
Now how about Tor relays?
That might be a bug on the client side.
You're asking for a false sense of security. NIP09 does nothing at all for your privacy.
If you dox yourself on a broadcast network your key is burned. Your identity shouldn't be so important to you that youre unwilling to discard it if you're trying to remain anonymous.
Nostr is not just for uber paranoid anons, and if it is, it fails miserably at it, and is also dead in the water as a protocol that anyone else would use.
Unfortunately, it is not.
I have gone ahead and deleted the comment, for I hadn't seen the date it was posted. I thought this was recent.
IMO it would not only be important, but also an effective move for Nostr growth and adpotion to promote 'privacy by default NIP-09 respecting' relays as a main reason to use paid relays.
Event Deletion should be standart on Nostr.
All clients should support the post deletion.
Damus donβt support
unfortunately @nos isnt available on android, but i've laways thought they have clever options like this#nossocial
Yeah I much prefer my posts to be ephemeral online. If I say something I want to stick I have a blog for that.
This place for me is akin to a chat in real life. I donβt want those captured for eternity either, although in this country maybe they are alreadyβ¦
The perfect is the enemy of the good enough.
We also need more AUTH on relays.
Yeah, I had to drop both, but they're aggregators.
@Ava This would be easy to test. Auto-write a note to each relay and then follow with a deletion event and then mark the relays π΄π’
I might try that, later.
That's self-reporting, tho.
Or Nostrudel.
Vitor is solving an important problem.
apparently this "cybersecgirl" doesn't understand one of the first principles of signals intelligence:
if it's too sensitive, don't send it over a public network, even if you encrypt it with GOD level encryption
Irrelevant to the point she's making, to be honest.
There's a wide range between a customer expecting perfect security and wanton negligence from a service provider.
anyone who whatched Johnny Mnemonic would get that one
someone who touts themselves as an expert has a higher grade to pass
But for Ava concerns about privacy/safety and have notes deleted on Nostr, it's either possible or it's not, and it's not, it's just a best try effort, there is no guarantee, all your favorite relays can delete but others won't and anyone can still see it.
No, they don't. You just don't care about the OT and only joined the conversation to insult them.
yeah it's very relevant because if you are really worried about not being able to delete your posts you don't post them
which is elementary signals intelligence
she doesn't get a handicap because she is a "girl" if that even means anything for someone who if you actually follow her stuff you'd see that she is constantly making shit up
Nah, by far one of the most high-signal npubs on here.
Agree, if something can be performed as an "attacker" then you cant just standardize non-forceable good behaviour in participants.
When online-status on nostr based on recent connections to relays!?π
Thanks for this. I didn't even know this is a thing. Some clients like
@Damus don't even support event deletion unfortunately. At least I couldn't find it.
good luck with that
when you come around to grasping the reality we can have conversations again
ava is a disinformation operative, i am absolutely certain of it
Agree. One of my favorite accounts on Nostr. Keep the posts coming.
good to keep abreast of who is a dupe
In the #nostr world you need work with a new set of assumptions. For example how to interact with non-cooperative relays. Either avoid them completely, or not publish anything that compromise you.
If a Note is on 1 node that deletes it, and another node still has it, will it somehow populate back to the node that deleted it if enough users are searching for it?
i guess what i'm asking is are the Nodes interconnected. if this is like a Hub and Spoke network, then sometimes you have to fly from one hub to another hub to get to small towns or small relay villages.
That's like saying we shouldn't bother locking our front doors because someone could break through a window.
There is value in making misbehavior inconventient or counterproductive.
If the front door is really locked by a tech implementation that actually works, then yes.
But internet makes things scale in a hardly to imagine way, and a "mostly locked door" easily become equivalent to an open door.
Imagine exchanging offline paper messages using some sort of Ceaser Cypher to crypt them. In most cases, if you are not an high target or someone is motivated to see the messages, you have a mostly closed door that can work for some situations, protecting messages from accidentally leaks.
Put that exchange-scheme on internet and you have an open door, you can consider your flawed encryption as exchanging cleartext.
the specification is very vague about this but part of the reason is there is no consensus
you basically have to assume two things:
1. anything you publish is probably picked up immediately and stored by somebody
2. any delete or replace event is probably not going to be acted upon by somebody
this is why fiatjaf and the general consensus among everyone who understands the protocol is that delete just doesn't work
i'm one of the small number who points out that the very concept of replacement should involve a reference to chain them and that deleting should not be all or nothing but moving old versions to a state where they can be deleted but usually not immediately
most of the nostr devs do not really understand distributed systems theory adequately, and i'm not a competent expert but they mostly understand less than me (i've been working on distributed systems since 2018 pretty much full time)
anyhow, i hope that helps
this is why rule number one is: don't put sensitive data on a public network. period.
anyone who is trying to sell you any idea that you can ignore that rule should not be trusted and probably is a spook trying to keep the newbies confused about security
there will be so many redundant caches that deletion is pretty much nonsensical on nostr. you can of course try your best but the idea of the note disappearing from every nostr database cache is a pipe dream.
every damus client has a copy... what happens to the caches that are backed up and don't get the delete request. the data is still there.
Distinguished fellow, I implore you to graciously share your expertise on a matter of paramount importance: the identification of malicious Nostr relays. As one navigates the vast expanse of this decentralized network, the ability to discern trustworthy relays from those with nefarious intent is a vital consideration. Your insight and wisdom in this regard would be a beacon of illumination, shedding light upon a subject shrouded in complexity. I would be most grateful if you could indulge my request, and I extend my sincerest appreciation in advance for your forthcoming response.
OK...
Those not uber paranoid people can keep using their keys then even when they broadcast a message they shouldn't have. The feature you want is, first for uber paranoid people in the first place and second, it's not possible.
A scheme to request deletion is fine. But it's always going to be a request. And the relay can always lie to you.
I'm not talking about how nostr should be. What I'm telling you is, there is no scheme whatsoever in any protocol that can ensure that a message you've sent to another machine is deleted by that machine and/or not relayed elsewhere. Event deletion requests for a key that youre trying to remain anonymous with is nothing more than a false sense of security. If you're not uber paranoid then it makes no difference to you, you're still going to use the key. If you are, it makes no difference to you, you're still not going to use the same key if you screw up. You can choose to use relays that honor deletion requests (or at least say they do, again, you can't enforce it or know for sure), and that's a nice thing if they do, but it gets you no guarantees as far as your security is concerned.
Your posts are still saved in Reddit even if you delete them. Also fuck Spez.
it is a great nip
Clients should request deletion events from the author of each note and if there is one, hide the note content in the client and indicate that the author has requested the deletion of this note.
@Huw zapped β‘οΈ10,000 sats
View quoted note β
Rude interactions like this are not Christ-like brother. Iβm guilty of it as well
letting my brothers and sisters be duped by an obvious spook is not helping anyone either, and being afraid to speak that warning is not Christ-like either
Christ spoke out against the scams of the system... and that's all i'm doing here
it doesn't take an expert in espionage to recognise a counterintelligence operative (or loon)
Nothing they have said indicates theyβre a spook
she doesn't know her subject at all and she acted like i was stalking her just because she kept on being replied to by my follows and made threats and shit
she's either a spook or she's got a personality disorder
are you going to tell me it is Christ like to not warn people about someone who is possessed by evil or?
Iβve seen your interactions all over Nostr and what I see is a divisive person with an attitude problem that is chronically online. As I said, how you behave is not Christ-like, I donβt say that for my benefit I say that for yours
Not my main point at all. Those are your words. There are many other reasons. Here is my post from yesterday with another couple of examples of why not having a delete event function is dangerous. There are many more examples.
The inability to delete posts on a platform like Nostr can have serious implications for personal safety, privacy, and overall well-being, particularly for vulnerable individuals or those in precarious situations.
Ava
PSA: If your relay does not support NIP-09 (event deletion), I am removing it NOW.
NIP-09 respects the fact that privacy-conscious folks may not want everything they post on Nostr to be archived on a permanent record.
Did we not learn anything from Snowden?
In garnet and Amethyst, go to your relays and tap on the name to see the NIPs each relay supports.
The ability to delete events is not just about "not owning up to past comments"; it also respects the fact that among many potential issues (including malicious relays), people may accidentally doxx themselves and want that post removed. This can be especially dangerous for women who are dealing with stalkers or abusive exes, etc.
Using relays that do not respect users' requests to delete events poses significant privacy and potential safety issues, and I will not continue to support the reluctance of relay runners to adopt and honor NIP-09 event deletion requests.
View quoted note →
All relays should delete everything after 30 days .. after 90 days if you pay to retain .. only personal relays should have perpetuity option
