Nostr Web Client

I'm curious what client he's using. #[0] can you let us know which client or clients that you're using?

I wouldn't actually use me as the model for "paranoid user support," because my opsec is pretty casual these days relative to ten years back. I'd say a standard "reasonably private without being a pain" setup would be to connect to Nostr through the Tor Browser (included by default) running on the Whonix VM images. The Tor Browser by itself is probably enough for most people, but Whonix layer helps prevent network leaks in the event of malware or a misbehaving app, for those for whom those are relevant concerns.

Snort.social isn't (yet) working on Tor (without disabling private browsing mode), but I think they have a pull request up on their git, so hopefully soon. I only mentioned it because I saw it during testing and liked the UX. I'm using iris.to right now through the TBB, and it works fine. Only thing I've noticed missing is the NIP-05 profile field.

I don't really *need* a nip05 yet, because my key has a memorable prefix that's not (yet) trivially brutable. Will add one eventually -- and FWIW I really appreciate the offers from everybody who already reached out to help on that.

Realistically, I think 90% of potential users won't becoming from desktop clients, they'll be coming from mobile, so I think the real key is to build mobile apps that have a checkbox to route their traffic through the local tor instance. IIRC, 127.0.0.1:9050

Reply to this note

Please Login to reply.

Discussion

MrHodl 2y ago

Yeah, iris over tor would be ideal. #[5]

/dev/fd0 2y ago

Amethyst app works with Orbot (VPN mode). Posting this from an Android phone using Tor.

Overall I agree privacy could be improved a lot at protocol level and in different nostr clients. I had written a post about nostr privacy recently that youihjt find interesting: https://consentonchain.github.io/blog/posts/nostr-privacy/

Edward Snowden 2y ago

Oh, and nos2x for key management. Thanks #[5]

jgx 2y ago

getAlby also works for holding your private nostr keys.

corndalorian 2y ago

nos2x is great. single purpose and no account to setup to use it. I didn’t need everything else Alby offers so was glad for nos2x.

Derek Ross 2y ago

Yep! That's why I chose nos2x, simple, no frills, and made by #[3]. If I have to trust and extension, it's going to be the father of the protocol.

Sirius 2y ago

I just pushed nip05 default field to edit profile. Note that you can add custom fields freely. Thanks for testing Iris and glad it's worked over Tor!

Derek Ross 2y ago

This is great news! NIP-05 coming to a popular client is always welcomed. Thanks for your continued hard work.

farooq 2y ago

🤙

Dany 2y ago

Awesome!

Doh 2y ago

There is a GPU-accelerated key grinder that is public now, BTW. Re: prefix

Derek Ross 2y ago

Do you have a link for the GPU enabled key miner? I'd like to share that. I wasn't aware that one existed yet.

Derek Ross 2y ago

Vanity keys are nice, I wish I had one, but a NIP-05 makes it easier to remember and identify as eventually someone else could mine a sn0wden key too.

average_bitcoiner 2y ago

https://github.com/mikedilger/gossip

sommerfeld 2y ago

We also need more relays with onion addresses so that we don't even need to touch clearnet.

c317af1b... 2y ago

Hey Snowden. Noob here, is there any disadvantage to using Tor? I'm a bit afraid of using it although I would like the privacy, I am just afraid that someone could know that I use it and immediately think that I am up to no good. I kinda think about it as if I download it I would be more open to people wanting to know more about what I'm doing just because I'm using it. Makes sense? I kinda think that blending with the rest of the world using regular browsers somehow attracts less attention to me, or is this a fallacy?

Thank you!

tom 2y ago

Bro just say iris