Nostr Web Client

Fair enough 😁 Would you care to point me to some security concerns?

The biggest is definitely the fact that a vast majority of its relays are run by the company, which is a for profit company that kinda just showed up out of nowhere. The tech itself seems solid but it's concening to me that the relays are overwhelmingly run by the company.

Also, unlike Session, itd be incredibly easy for governments to set up honeypot relays. If I'm not mistaken, there isn't any onion routing in SimpleX, meaning they wouldn't even need to do a sybil attack to know metadata like your IP.

Reply to this note

Please Login to reply.

Discussion

chrizzz 1y ago

Thanks, that’s very informative. I saw that nostr:npub126ntw5mnermmj0znhjhgdk8lh2af72sm8qfzq48umdlnhaj9kuns3le9ll has a nostr:npub1exv22uulqnmlluszc4yk92jhs2e5ajcs6mu3t00a6avzjcalj9csm7d828 server package on their marketplace which means other people could run servers. But that is an issue in itself as you state in your second point 🙂

Jacob | Five Eye Tea 1y ago

No problem! I'm down with people using what they enjoy; as long as they're not using unencrypted messengers or big tech ones (Telegram basically falls under both categories), they're doing good for their privacy. It just irks me when people buy the Signal FUD and rush to act like SimpleX is the ultimate, end-all option haha

chrizzz 1y ago

Got it 😁 thanks again!

fiatjaf 1y ago

You can run your own relay and that should be pretty easy.

Compare that to Signal where there is only one relay that everybody should use and it's already a honeypot.