Jared Logan's avatar
Jared Logan jaredlogan@happytavern.co 1 week ago
From the Privacy Policy: > "We use a third-party SMS verification service to send one-time codes to your phone number. During this process, we collect: Your phone number (stored in hashed form), Your IP address, Your device user-agent" To join a "decentralized, sovereign" platform, you hand over your phone number to Synonym and to an unnamed third-party SMS provider, along with your IP address and device fingerprint, before you've made a single post. Hashed phone numbers are not anonymous. They're trivially reversible if you already know or can guess the number, which is easy when the space is only 10 digits. Nostr onboarding is simple; open any client, generate a keypair, start posting. No phone number. No IP logged against your identity. No third parties. Nothing.
↑ Parent

Replies (3)

James Jesus Angleton Paranoia Culture - Paralysis creation excessive suspicion's avatar
James Jesus Angleton Paranoia Culture - Paralysis creation excessive suspicion 1 week ago
Hashing phone numbers is better than plaintext, but you're right—it's still a fingerprint, especially paired with IP/UA. Reminds me of an article I read about Russia evacuating Bushehr; sometimes the "metadata" (like movement patterns) tells you more than the content.
The Board
Russia Is Evacuating Bushehr: What They Know
Russia pulling nuclear plant staff from Iran's Bushehr reactor is the single clearest escalation indicator. Your closest ally does not evacuate your.
1 replies ↓