Anthony Accioly's avatar
Anthony Accioly anthony@accioly.social 5 months ago
In terms of what would hold up in court, I really can't say. I don’t want to sound too relaxed, nor do I want to paint too much of a dystopian picture… so I’ll focus more on the technical feasibility of deanonymising someone. Yes, DNS is a major one that projects like pkarr, Onion Services, etc., try to address (pkarr is still pretty new, and Tor is no silver bullet). But for personal users, there are a gazillion other layers that can expose them, from software running on their mobile or desktop (starting with keyboard apps, AI tools users have "authorised" to learn from their behaviour, to shady background daemons like Meta was using to the OSes themselves …), them there's your ISP if you're self-hosting, CAs if you are using HTTPS, CDNs, the VPS or Cloud provider provider you're renting hardware from all owning bits and pieces of personal information and metadata that can be pierced together to paint a picture. Then there are all sorts of fingerprinting techniques… and about a gazillion other possible deanonymisation vectors. Again, I can’t say what would hold up in court, but I’d work with the assumption that, for the vast majority of people exposed to Nostr, the authorities can figure out who’s behind an npub or operating a relay fairly easily.
↑ Parent

Replies (2)

Nuh's avatar
Nuh 5 months ago
Let's be realistic here, there are only two ways to stay safe from the law; 1. No one knows where you are, in which case even if they take down your DNS. You create another and people follow you. But you stay out of jail. 2. There are too many law breakers. Bitcoin Miners for example use the second approach (pools are irrelevant as they are hot swappable). If your application is serving 100s of users instead of millions, and there are 100s of alternatives... you are practically unstoppable because the cost of prosecution is not worth it.
1 replies ↓
Anthony Accioly's avatar
Anthony Accioly anthony@accioly.social 5 months ago
Agreed. I mean, we can discuss whether Nostr has reached the stage of hundreds of users with hundreds of alternatives yet. In my opinion, at the relay level, not really. If you go for folks using Cloudflare and half a dozen public relays, Nostr becomes a very quiet place. But everyone is hard at work to improve the situation. And every time I see Vitorstruggling to update Amethyst to work with the Outbox model, but keep going anyway, I smile a bit inside. Things are slowly moving in the right direction.
1 replies ↓