Nostr Web Client

If I write and read everything over my mailboxes, then nobody else gets my IP or do nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3zamnwvaz7tmwdaehgu3wwa5kuef0qydhwumn8ghj7argv4nx7un9wd6zumn0wd68yvfwvdhk6tcqyp7vx29q3hdj4l0elxl800hlfjp538le09epsf7k9zj59ue2y37qurn3cw8 and nostr:nprofile1qyghwumn8ghj7mn0wd68ytnhd9hx2tcpr9mhxue69uhhwetvvdhk6efwdehhxarj9emkjmn99uq3wamnwvaz7tmfde3x77pwdehhxarj9emkjmn99uqzq0vy9tlv6h3f8u5tvcnexdcy50acec2n42ga0y9tz8m2w5k5ffpd7zaucw have to pass that info on?

And any web client gets it, I suppose, so @hodlbod and nostr:nprofile1qyfhwumn8ghj7ur4wfcxcetsv9njuetn9uq3samnwvaz7tmxd9k8getj9ehx7um5wgh8w6twv5hsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qy28wumn8ghj7un9d3shjctzd3jjummjvuhszxmhwden5te0w35x2en0wfjhxapwdehhxarjxyhxxmmd9uqzq9eemymaerqvwdc25f6ctyuvzx0zt3qld3zp5hf5cmfc2qlrzdh08ca8zv and nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcqyzsq3hh327t0h2dq6matqn5064cgj2zanl2stkj6s0lg4t2h5dty65pm0vv

What about Android clients? Does Freerse get my IP address nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg5waehxw309aex2mrp09skymr99ehhyee0qyv8wumn8ghj7enfd36x2u3wdehhxarj9emkjmn99uq3zamnwvaz7tmwdaehgu3wwa5kuef0qydhwumn8ghj7argv4nx7un9wd6zumn0wd68yvfwvdhk6tcpzdmhxue69uhhqatjwpkx2urpvuhx2ue0qqs9z3873rl5y57xgz8w3888ltn02qwcgkvmck73gq2dprjgjkrattcgemw5v ?

Who all is getting it?

Reply to this note

Please Login to reply.

Discussion

gsovereignty 1y ago

Depends on the client in all cases, there's a million ways your IP can leak, but at least everything is open source so it's probably honest.

Laeserin 1y ago

Well, honest doesn't mean competent.

gsovereignty 1y ago

These clients aren't running servers so they would need to be explicitly malicious to capture your IP

captjack 🏴‍☠️✨💜 1y ago

1st relay admin (any type dnot matter) can always SEE exit IP of the client

Laeserin 1y ago

I'm actually okay with them seeing it.

I don't want "random nutjob who wants to find my house" to see it, by putting up a bogus relay and collecting IPs over blastr.

cloud fodder 1y ago

Just like any webserver, the relays can see the IP. Clients too, if the client is a webserver. And then the 3rd thing that you may be more concerned with is when a client auto-loads a link or image from a note, as those can be more of a targeted attack to collect your IP via you looking at a note or DM.

Laeserin 1y ago

Yeah, we had that a couple months back, with the guy publishing IPs.

captjack 🏴‍☠️✨💜 1y ago

its not automatic - user interaction needed

captjack 🏴‍☠️✨💜 1y ago

google amazon meta anybodyONweb - all COLLECT exit IP - but nobody usually dox them like that without a reason. all relay admin also collect them.

captjack 🏴‍☠️✨💜 1y ago

correct - this is what the WhiteHAT guy did few months ago doxed geoip of many in realtime - just to demo. Also any CROSS-LINK to CDN server can see who is loading image/video - this has nothign to do with nostr. only TEXT notes are covered in this topic

Ingwie Phoenix (aka. birb) 1y ago

Fun fact: Unless you explicitly enable it in the config, strfry hardly logs anything. I sometimes do for debugging but then turn it off once I am done and wipe the logs. Dunno about other relays, I am quite satisfied with strfry which is why I "main" it.

Moss 1y ago

Freerse does not collect user information. As far as I know, nostr's client does not collect any user data information. Only relay stores all user information. Unless the client has its own server or relay. There are two ways to avoid leaking your IP address. 1. Use VPN. 2. Set not to provide location and information when uploading photos and videos.

Freerse's photo and video uploads are called by #[2] 's storage service. I saw #[3] said before that they will clear all information when uploading pictures and videos to ensure the privacy of users' uploaded pictures.

The Fishcake (nostr.build) 1y ago

We cleans any Exif data from uploaded images, that’s right 🐶🐾🫡

Laeserin 1y ago

Dogs really are man's best friend. 😉

Moss 1y ago

💯

Moss 1y ago

Thank you for your great work🐶🫡

nobody 1y ago

My relay logs IP addresses very briefly, in RAM only. The retention time seems to be a very few minutes usually depending on traffic. I disclose as much as I could think of here:

https://forge.thesamecat.io/TheSameCat/thesamecat-relay-tos

I use cloudflare for DNS as well, but bypass the CDN for the relay (proxy off).

Low Information Voter 1y ago

Ma'am, Tor fixes this. For asynchronous messaging like Nostr, there is no downside.

And if the NSA is sooking "Tor Stinks!", then Joe B. Midwit the stalker has no chance. Even if he works security for some relay's cloud hosting provider.

semisol 1y ago

Nostr.land does not store IPs. If you start abusing it it’ll be logged based off of patterns.

NSA 🇺🇲☑️ 1y ago

We'll always get your IP regardless. Unless you use tor, but that's only for criminals so don't.