Someone posted an image of my encrypted nostr DMs on Twitter. Of course I know that it's possible to see the metadata but I didn't realize how creepy it feels. You can see who I talk to and when. You could deduce my social circles, maybe even real world activity related to my messaging patterns. From now on, I will stop using normal DMs on nostr. The traces they leave are horrifying and you shouldn't use DMs either. *Please do not send me any DMs from your npub if you have something to communicate to me.* Use a random npub or a giftwrap or use a different method or use a different network to reach me. Nostr DMs have always been a complete privacy hell and I urge anyone to realize this and act accordingly. I repeat: DO NOT DM ME. I WON'T DM YOU.

Replies (38)

Clients could have a little warning when opening DM section about the reality of DMs. 🤔
I don't get why the Nostr community (clients & relays) has given up on supporting NIP-42. It'd prevent random users from doing this (but not the operators of the relays you use). Nevertheless feels like low hanging fruit. @semisol @fiatjaf you authored the NIP, any insights on this?
If you used simplex couldn't someone also post a screenshot of that chat?
You need to be a party to that chat to do that. The nostr DM metadata is public for any third party to map and visualize / track. Messages are encrypted, but receiver and timing are public in nostr DMs.
At the same time I don't see a HUGE problem because.. they are DMs, not PMs. Direct message, not private message.
nobody 2 years ago
Does oxchat fix this with private and secret dm?
deleted 2 years ago
Put simplex link in your profile 🫡
deleted 2 years ago
Never should have been created in the first place imo. Many great messaging options, like Simplex. Keep nostr simple imo