Thread - Nostr Hypermedia

1) Once you have an account established and are following people it is mostly fine, but it's hard to browse the global feed without seeing strongly undesirable content such as lolicon (or worse). This is a natural consequence of being censorship-resistant, but it will scare new users away. I'm excited to see how this can be reigned in without harming the free speech of other users. 2) By "centralized development", I just mean any standard unifying practice for development. Centralizing a core Nostr codebase under GPL would keep it property of the people forever, while making sure all bugs and weaknesses are patched for everyone. Everyone doing things their own way is a recipe for disaster. Death by a thousand cuts. 3) I have never used Damus, so nothing I've uncovered is specific to them. Finding a weakness in Nostr means every affected Nostr project needs to fix it independently. Even I don't want to write that many bug tickets.

↑ Parent

Replies (3)

elsat elsat@habla.news 2 years ago

1) Agree on the anime p*rn being an eyesore for most. Certain relays have more than others. Agree protocol allows for this, and it is the tradeoff of censorship resistance. I see onboarding as the initial part of the challenge here. Specifically on Damus, the current band-aid solution during onboarding is to have a list of suggested profiles to follow thematically separated (homesteading, parenting, media etc.). Discovery post-onboarding, and the "universe view" is the never-ending continuation of this question. Team is aiming to explore the design, and experience here soon ™️ . Further to the **** problem, there's some work done on using opt-in sensitive image scanning on Damus. It's not complete, and not yet tested for reliability and robustness. 2) > Centralizing a core Nostr codebase under GPL would keep it property of the people forever My understanding is nostr code is licensed (verbatim) as "public domain". 3) I got you, and appreciate effectively pointing out a single weakness thus far. I hope you continue exposing weak points. Here is a proposed solution for a single client:

GitHub

damus-io/damus

iOS nostr client. Contribute to damus-io/damus development by creating an account on GitHub.

If you have feedback on this solution, I'd be happy to pass on to the dev team. If it's just the problem statement/issue you want to share, I am happy to put on the radar of various nostr clients by generating a bunch of issues. Lmk if/how I can be of help.

1 replies ↓

Ostrich McAwesome 2 years ago

One fundamental flaw I see with this idea is that if you are addressing the method in which I gathered these IPs (via DM), you would have to send decrypted URLs from a users end-to-end encrypted DMs to the image proxy, which endangers privacy in a new way because it revealed part of the message to the proxy. Now you have to trust the proxy with potential secrets. Link Previews are also a vector for attack here, and it would be even worse to send all DM'd URLs through the proxy. I also worry that image proxies could bloat the cost of running a client, are a form of centralization (this solution only benefits Damus users), and are a vector for DDoS/Abuse.

Mike Dilger ☑️ mike@mikedilger.com 2 years ago

Gossip client doesn't even have a way to see global relay posts. Apparently I missed out on shower girl, 🍆-pic day, and lots of other things. Now that users can mark relays as 'spam safe' (trusted to moderate content - I should probably rename it) I may add in a global feed for those relays.