But is that still a problem with them using blossom now?
Discussion
Post an image from another client and go to primal and copy the image link and verify for yourself
That's nice. It messes with analytics for uploads on nostr.build.
It's good for their analytics subscription product though 👌
Yeah. I think they also have it set up in a way to intercept all media requests, so for all you know the media is tampered with and Blossom is useless
They also could tamper with content from relays.
The fact that they are trying to EEE nostr is becoming clearer every day and everyone is a frog getting closer to being boiled…
Why would they do that?
Because they want to monetize you
*shocked*
I guess if you host all the images that makes it easy to track what people are viewing. Could be useful for implementing ads.
Might help for censoring things too.
Well yeah they’re a business. I would expect them to monetize something. They can’t operate on grants and donation zaps forever. But how does doing this help them make more money? How does frustrating their users by fucking with their media posts make more money for them?
Their actions don’t make sense. What if they’re just retarded?
Hanlon's Razor: “Never attribute to malice that which is adequately explained by stupidity."
The link says nostr.build
What link? I just tested it and see the url changes
Copy paste url below into your browser and remove the dash in front
———
I got this url by going to primal and copying an image url from a note I published in damus.
Posting this image through damus
I went into primal. Tapped and held on the image in primal. Copied the url and pasted it on this note. It’s the same url from damus
Paste from primal into a notepad or text doc and you will see
Same URL
At this point I think you are just being dishonest
Where the fuck did these links come from then?
—-
%E2%80%94-
—%E2%80%94-
——
%E2%80%94%E2%80%94
Remove the dash and post anyone of these links into a browser
Why would I be dishonest????
I copied the first URL and it’s a broken link but if you remove everything after .jpg then it opens to my image. Idk where you got that link from. Are you using primal on android?
Still waiting for nostr:npub16c0nh3dnadzqpm76uctf5hqhe2lny344zsmpm6feee9p5rdxaa9q586nvr to respond here.
Don’t hold your breath
I don’t expect it either 🙄
Something something a caching relay makes the user experience so much better! It’s faster! And more friendly! Something something users can use blossom something nostr wallet connect something something primal is just one options something something we give away sats something something Odell hopes to make lots of sats one day.
Primal’s feeds are faster to load, smoother to scroll, use less of your mobile data plan and occupy less of your device storage than any other Nostr client. This is because we resize all feed images to ideal dimensions for feed display and place them into a CDN, so that your device can get to them with minimal network hops.
Note that we do this for feed display only. Once the user clicks on an image, we download and display the original image in full size. This can be easily verified by checking the image hash.
People who ascribe malice to this practice are clueless. Imagine thinking it’s a good idea to download 1GB images as you simply scroll through the feed. That would be the easy thing to do, but we go through a lot of trouble to ensure that the Nostr feed scrolling experience is competitive with that of the legacy networks.
Clueless? 😝
You have to be kidding me.
Manipulating user data without the users permission is the issue.
There is no reason for *you* to make a decision for the user without the user explicitly agreeing.
The user should be informed and ultimately decide how there data is used and represented.
What’s the point of a user signing every event if clients like Primal are going to tamper and misrepresent user data without consent.
Huge problem across many nostr clients too
For example many people have told me about the apps they use censoring my posts for them without any identifiable reason or way to fix
Look, if UX and data usage are not important to you, by all means use other Nostr clients that download high res images as you scroll the feed.
You can disagree with our approach, but ascribing malice to it is going a bit too far, don't you think?
Just trying to have a conversation. I would hope there is no malicious intent, but How do other clients manage to do it? There has to be other ways to reduce load on the client side for the download other than changing images and URLs? Legitimate questions.
AFAIK, other clients load original images directly from the source. I think some use CDNs. All this produces janky feeds if original files are large.
Note that we never change any URLs at Primal. Users' notes remain unchanged. This is very important. Our clients have additional logic to try to load smaller versions from our CDN, then fallback to the original URL. Once the user selects the image, we always show the original hi-res version.
The URL in the feed is a different URL to what the user posted. Although it ultimately points to the users photo/server. It’s still an alternative URL until the post is interacted/clicked. Correct?
Am I understanding this correctly?
The url is the same as what the user posted. Our clients interpret that url by trying to load an optimized version from our cdn, then falling back to the original.
You are dodging the issue.
You are taking user’s media files and uploading to *your* cdn.
You are now in control of the media displayed on primal not the user.
If the user changes the media associated with their media url (not the url just the media) primal would be displaying incorrect / out of date content.
Primal at any point could change the content associated with its media links.
The charade of ignorance on this subject is alarming.
Since we are using Blossom, the user can't change the media file after the note referencing it has been published.
Since Primal shows the original image once the user selects it; it is easily verifiable if Primal altered the image.
I've outliend the multiple benefits of our approach above, but if you don't like those tradeoffs, use another Nostr client. 🤷♂️
Dude what the fuck is wrong with you?
Your answer here is once the user clicks on the primal thumbnail they will see the real image?
What happens if users don’t click on Primal’s thumbnail image and never see the “original” image.
You are obscuring and manipulating media not of just your own users but of all Nostr users.
The entire point of Nostr is for the users to control their content not the clients/platforms.
Puzzles, dude. I think you’re missing the bigger point.
The freedom to choose, from a variety of valid choices, is the single thing that empowers true sovereignty for end users. Anything more (like enforcing best practice) requires market manipulation by centralized forces.
Nostr protocol simply provides a means for app developers to build in a more sovereignty respecting manner. The freedom to choose the “most sovereignty respecting app” MUST be in the hands of the user, if Nostr network is to remain “decentralized” and sovereignty respecting as a whole.
OFC Nostr protocol has a long way to grow to keep users informed of predatory apps and the choices they make … but that is a matter of user education and NIPs for transparency.
Shaming of app developers to get them “in line” is all fine and good … but there’s a fine line to cross before we hear calls for banning and such. That would just be a missed opportunity … when a focus on user education would go lots further than app shaming.
Creators and Nostr users are being misrepresented on platforms like primal.
This is where I personally draw the line.
I have a zero tolerance for bullshit policy.
How would you suggest I help educate users of poor nostr ethics?
Personally … I think a NIP for transparency will go a long way to help.
After this … then any education material that lays out “what to look for and care about when choosing apps on Nostr” will be helpful. Even like “client reviews” articles on Nostr, from a number of different perspectives, would help. I’d zap that.
Users don’t know what they’re doing, they’re Uploading giant files for people to see on small screens. All primal users are idiots and primal needs to help them make their content more accessible!
Primal is just helping users out! No malice!
mart.com/files/22/Borat-PNG-Photo.png
So you Change the “thumbnail” to display a different version of the photo. Which could theoretically be any image you want it to be? This still does not sound okay to me.
Oh really? So the events with images are being swapped with a new URL when viewed from Primal?
Miljan just gave us a master class on primal thumbnails 😝
Yeah I don’t like that.
This also means if I post my nostr.build. Then kill the link, Primal already cached my image and will probably continue to serve it to people, although I deleted it.
I understand that everything on the internet is saved forever. But I don’t want the URL to go to nostr.build anymore.
Nobody can stop them from doing what they are doing but if you are a user of primal how can you trust what you see?
Advocating for and or using primal is cringe af.
Yup. I never enjoyed the experience on primal.
We need to shame these primal influencers for bad Nostr etiquette
Why is okay to talk shit about X for bad policies but not Primal?
The double Bitcoin standard
Can you explain a bit more about how you say Primal changes user notes?
I did a test just now, publishing an image that was uploaded to nostr:npub1nxy4qpqnld6kmpphjykvx2lqwvxmuxluddwjamm4nc29ds3elyzsm5avr7 but pasting the URL into a note on Primal.
When I viewed the source of the published note, Primal had not changed the location of my image.
Help me understand what the problem is.
They are displaying a “primal thumbnail” and once you click on the media it directs to the original file. nostr:note179eu4er5nwde857484ewk99f5xhw766qvxtj5tlz8a8daq2u95gquaqfzt
OK, so it’s a CDN that caches a smaller display version for scrolling the feed faster, but the original note is unchanged. I’m not seeing how this is an intentionally malicious attack against Nostr, but it is definitely cause for concern that one might choose to delete an image from the source, such as nostr.build, but the cached version stays live.
What happens when the server is hacked and shows porn or worse for every media image on their server 🤷♂️
It’s poor functionality at best. And It’s mis representation of what the user intended to be posted.
That’s a valid point.
I’ve honestly just been trying to put into context for myself the arguments for and against. When I say I’m against it the primal army just says cuz it’s faster and I’m retarded. But it’s seriously starting to feel like and issues. (Or it will be one day).
But what’s to prevent any media host you use from changing the source image from the URL?
I asked this yesterday and it’s above my technical understanding. Nostr build could be attacked or go rogue. However, the way they implemented blossom protects that. There are mirrors that have hashed the media and it’ll go to those mirrors to retrieve it. Primal also implemented blossom. So the issue is the cdn thing. Which seems like it is really only a risk to primal’s business. Maybe I’m wrong about that though 🤷♂️
As I explained to mahdood yesterday, Nostr.build requires you to sign every upload/ event. If Nostr.build got hacked they don’t have your keys and cannot change your content.
Primal is centralizing users content and displaying their screenshots in the name of speed instead of fetching your content from relays.
People will leave primal and go to a different client. Will said this the other day
nostr:note15klxt0vek7klcgal47uv506v7lvfe8pkzngjm0v2q4awj5c5yp0qyl3cra
This is currently my view. Is it bad practice? Probably.
Is it malicious? Are they trying to attack nostr or intentionally harm users? That’s a big claim that I’m not willing to make at this moment.
Time will tell. If primal goes down or gets attacked and the images get fucked up, they will have to scramble to try and fix it before losing most of their users. The market will correct itself and punish them if they face that type of attack. People will leave primal and go to something else like damus.
On a free and open protocol, just like on a free and open market, the successes and failures of these clients is an overall win for the protocol. It sends a signal to everyone about what works and what doesn’t.
Is it the same argument for Microsoft, Google, Apple, AOL, Dropbox, hosting providers, image hosts?
If so, I respect you for holding ground.
But the scale of the issue needs to be agreed.
They should be responsible for conceding the tradeoff involves a sacrifice of certainty, sovereignty, debatably, they are doing that already. Users should be aware of the sacrifice. Debatably you need to do what you are doing because their actions aren't sufficient to ensure that they are.
On the other side, you should be responsible for conceding that you are in the minority opinion. But arguing a principled position. It should be Agreed by both sides that your position is technically right! Your argument should be able to be focused on the fact that you believe those trade offs to be misguided.
And the minority position should have more respect than it does. All ideas begin there.
Then we can decide how cringe that is. I mean watching CNN at the airport is one thing but subscribing to Don lemon's fit bit is something else.
I just copied an image link from primal from a note I published on damus
———%E2%80%94%E2%80%94%E2%80%94
This is not the image url I posted.