What are peoples tips for security and anonymity using Nostr?
I take it your IP is still attached to all of your broadcasts, but how is it stored?
Can someone help me understand the privacy dynamic on Nostr as a technology?
#asknostr #nostrnewbie #security #privacy
My concern if it is the same as any other kind of online engagement is that people may mistake the 'censorship resistant' architecture for 'anonymizing' if that is not the case.
Use a VPN, at least.
IPs are not attached to your notes directly, but relay operators can if they want, see the ip from which the note is being made. Or what ip a user uses, so a VPN would be recommended if you care a lot about being a nym.
Before uploading a picture make sure you remove all the exif data, some services might do it for you, also make sure not to dox yourself in your images.
There was a whole internet guide someone shared on being a nym. But that’s not only for nostr, it’s for the internet in general. I’ll see if I can find it.
Depends on your threat model you're working with. Just started a great thread on privacy and why one would use a VPN
I'm quite well versed in this but would still love to see the guide.
To add on to your metadata point, you can look at projects like Fawkes for a subtle way to alter your photos so that facial recognition software cannot attach your image to your social media or other things you've inadvertently put online, or terms of service allowed companies to put online.
I'm using Tor so I am not too worried about anonymity, but I just want to get a grasp of what the protocol offers and does not offer in this respect.
Thanks for your response.
You have already received some very good responses. The conclusion is simple: you are responsible for your privacy, and you can make this experience as private as possible using VPN and tor. There are solutions available for all levels of security. Now, you also have access to one of the most private DM protocols, simpleX. Ultimately, you are responsible.
Thanks for raising awareness. Add an LN address man.
I don't have one. I've been meaning to do some research on the lightning network.
It's okay to start out with a custodial solution. Download wallet of Satoshi and your good to go.
Then when you're ready, pay Voltage.Cloud a monthly fee to run your own LN node, and set Zeus wallet up to that node. Or, use Phoenix Wallet which is in my opinion the easiest way to access lightning in a non-custodial trust-minimized way.
Feel free to reach out to me if you need help or just sparring on stuff.
