people who use mostly nostr apps are using better auth than normies also. JWT is equivalent but almost none of the big sites use it except devs and infra stuff. this puts us clear out front ahead of this kind of stuff. and devs who understand that you must use PKI for auth also tend to know the attack vectors. so we don't tend to use vulnerable stuff like html and some, at least, understand that zapping is the answer to the problem of advertising which often is an attack vector in normieweb. plain text, asymmetric cryptography and not using cloud LLMs.

shit is gonna get really freakish for normies with LLMs in the mix. they are all gonna get fleeced and a few will actually get some schooling. since normies are too busy in the rat race, i personally only care about the ones who are open to a schooling.