Replying to Avatar Tim Bouma

Ironically, the best way to solve the problem of massive data breaches is to have the data out in the open to begin with. Relays can do this job.

How you protect the data is to not view the data as being in a single container protected by a single key, but as millions and millions of little containers (events) signed and encrypted by keys that you don’t actually hold.

If there is a breach, it’s an issue contained to an individual holder, not and issue for the entire dataset, or for the broader society as a whole, who now has to deal with massive breaches on a daily basis.

In keeping with my earlier theme, #nostr turns the whole architecture and approach inside out. It will take some time for this to catch on (too much money to be made fighting the traditional cybersecurity fires), but we’ll get there.

#nostr #cybersecurity
Avatar
Crusty 👨‍💻 1y ago

Don't you think that nostr at the moment is relatively unsafe in a way, that if your privkey is leaked, every of your data is leaked?

Scattered layout is nice, but if every relay "protects" your data with one key, then it is not that safe.

So I think we still need a key management to solve this problem, then we are good to go.

Reply to this note

Please Login to reply.

Discussion

Avatar
Tim Bouma 1y ago

Agree. Private key management has to improve. But at least, if one key if breached, the entire dataset isn’t breached.

Avatar
Tim Bouma 1y ago

The market will figure that out. If someone needs an industrial or military-grade client to protect an #nsec,they will build it.