Replies (3)
As you should be. I'm concerned about prompting in general, and at the moment, I haven't had the customer demand to justify the investment in strong privacy tech, which is laborious by nexessity. However, I think I'll have it in 2026 sometime and the privacy portion of it should be reviewable publicly. That's the goal.
For now, I'd just recommend treating my stuff as you might Twitter or another AI program, something public. Security can always improve, so use caution with any alpha level app.
At the moment, you can log in to most apps with just email and a password (alpha/demo releases). I've been working on the backend layer for ecosystem auth, and once I get that done, the privacy and encryption options can be as lightweight or as hardcore as the users are willing to pay for. There are some privacy features I've considered that are definitely on the extreme category!
Additionally, many of the newer (unreleased) apps are more or less forms and search fields and dispositions (bools, ie true or false toggles, and things like timelocks or other features are related but are lower level) and require very little PII. Of course, the super power is the ecosystem, but I agree... I would not advise full disclosure to any online app ever, mine are no different.
If you're passionate about privacy, I'm happy to listen to what's important to you, hear your ideas, and work with you or an expert of your choice as I craft policies. I haven't used NOSTR much but I am a prolific poster on X.
The "next level" of my stuff, with no exact release timeline, is that independent developers can ship apps inside the ecosystem and there's a world in which the users could leverage different SHAs or whatever and go really intense with permissions and roles, "spend" or CRUD conditions, etc. The downside is that the best security systems tend to avoid complexity which introduces more maintenance and therefore bugs and audit/test problems... I digress.
In short, privacy and encryption is important to me and I have every intention of hiring someone better than me if/when that becomes something enough users are willing to fund development for.
Nostr wine is trying to charge me $18 to reply and tbh I am not going to investigate whether that is worthwhile and fund a wallet on that device atm. But here’s the response I wrote on one of my other devices, which I’m sending you via Damus:
“As you should be. I'm concerned about prompting in general, and at the moment, I haven't had the customer demand to justify the investment in strong privacy tech, which is laborious by nexessity. However, I think I'll have it in 2026 sometime and the privacy portion of it should be reviewable publicly. That's the goal.
For now, I'd just recommend treating my stuff as you might Twitter or another AI program, something public. Security can always improve, so use caution with any alpha level app.
At the moment, you can log in to most apps with just email and a password (alpha/demo releases). I've been working on the backend layer for ecosystem auth, and once I get that done, the privacy and encryption options can be as lightweight or as hardcore as the users are willing to pay for. There are some privacy features I've considered that are definitely on the extreme category!
Additionally, many of the newer (unreleased) apps are more or less forms and search fields and dispositions (bools, ie true or false toggles, and things like timelocks or other features are related but are lower level) and require very little PII. Of course, the super power is the ecosystem, but I agree... I would not advise full disclosure to any online app ever, mine are no different.
If you're passionate about privacy, I'm happy to listen to what's important to you, hear your ideas, and work with you or an expert of your choice as I craft policies. I haven't used NOSTR much but I am a prolific poster on X.
The "next level" of my stuff, with no exact release timeline, is that independent developers can ship apps inside the ecosystem and there's a world in which the users could leverage different SHAs or whatever and go really intense with permissions and roles, "spend" or CRUD conditions, etc. The downside is that the best security systems tend to avoid complexity which introduces more maintenance and therefore bugs and audit/test problems... I digress.
In short, privacy and encryption is important to me and I have every intention of hiring someone better than me if/when that becomes something enough users are willing to fund development for.”
That nostr wine notification is annoying. It should be fixed by removing it from your relay list, at least on amethyst. I think?
