Replying to Avatar arkinox

I got the impression from some nostr people that nsec login should be completely abolished. I agreed, so I have only provided 2 login options on every nostr app I've made: create new identity w/ export options, or use extension.

However, with such limited options for signing extensions on Android, I basically can't use my own apps on my phone. 🤔 I've looked at the available signing extensions according to NIP-07 and I don't really trust any of them except maybe Spring, but that's self-contained and doesn't have my apps in it.

What is your opinion of using heavy warnings on nsec logins? **ducks**
Avatar
mleku 2y ago

i think they are stupid. password breaches due to browser and mobile device app caches are the smallest problem compared to the cleartext storage of your private data on siloed trusted third party "cloud" apps.

having said that, i wish more people would realise that airgapped, NFC and USB connected devices like yubikeys and tapsigners are the only serious security.

nsecbunker and xnos and all this sort of thing, they don't fundamentally change the equation in terms of the fact that any app running with your permissions with filesystem privileges is vulnerable.

android devices already partition app filesystems hard using kernel namespaces.

no other app is going to easily gain access to any profile data stored by the app in the standard location. the only concern is if it for some reason writes such data outside of that with general filesystem access permisisons. those permissions are not very clear, to me they seem to give read and write access outside of app profile folders, but should have more clear control - that you can only READ outside of the profile folder, so you know it can't possibly be writing your key somewhere another app could access it.

Reply to this note

Please Login to reply.

Discussion

No replies yet.