Avatar
Silberengel 4mo ago

Expiring/disappearing public messages on AUTH relays are the most useful for protecting most people's privacy, whether the message itself is encrypted or not.

That is because the biggest privacy problem most people (and especially **WOMEN!!!**) have is people digging up some shit they drunk-posted 9 months ago and sending it to their boss, or their ex Internet stalking their old posts to figure out where they live, so that they can poison their cat or climb in their window at night.

No sane woman likes the idea that every damn chat she has is forever and archived on 5000 relays, all over the globe. And it being a private group doesn't help as much as the event simply getting hard-deleted in a timely manner because the person who can cause them the most trouble might be in that group.

The nation state is not the primary enemy, it's the apex enemy. The primary enemy is closer to hand.

Reply to this note

Please Login to reply.

Discussion

f8
Deleted Account 4mo ago

Forgive my UTTER technical ignorance here but shouldn't all people run their own node/relay to secure historical reference and anything passing through other public relays expire automatically in a timeframe controlled by the message sender?

Sometimes we write something we destine for eternity and other (most) times we want our words to echo briefly in a room then drift away with the wind to be lost forever.

Avatar
Silberengel 4mo ago

Most relays don't respect expiration tags, and hardly any clients add them. Many relays ignore deletes or are sloppy about them, and the public relays are usually completely obsessed with archiving every 👍🏻❤️🤪⚡ anyone ever posted ever.

Most normal users assume more "monumental" events like longform articles or publications/books will be maintained, at least in the medium-term, so they put The Important Stuff in them. They don't usually realize that ABSOLUTELY EVERYTHING is being logged, catalogued, and archived, so that it can get dug back up in 10 years, to get thrown in their face.

As soon as they realize this, and notice that no client has a delete button, they head for the exit. Universal event persistence is a protocol bug, not a feature.

f8
Deleted Account 4mo ago

100% agree with you on this. There is stuff worth archiving and then there is the 'sandpit' of everyday life where we want to experiment with life without non contextual 'blowback' in a decades time.

Is anyone working on this? It's a really distinction that you raise here.

f8
Deleted Account 4mo ago

'Important distinction' 🤪

Avatar
Silberengel 4mo ago

Our team at #Gitcitadel has been working on it. We just implemented our first expiring events and it feels good. 😂 Been wanting that so bad, for so long, fr.

I know that certain client designs (Amethyst, Jumble, Chachi, etc.) are increasingly focused on helping people take more control of their data, and some of the relay devs and admins are also passionate about this issue.

It's not hopeless, but it goes against the main propaganda and the core concept for the biggest clients.

Avatar
Daniel 4mo ago

Waiting for the day.

Avatar
Technical Debt 4mo ago

To be fair, the internet doesn’t have a delete button. There’s no solution for that.

Failure to acknowledge that leads to an endless cat-and-mouse game and feelings hurt.

Avatar
Danny, the cyber guy 4mo ago

The problem is that with the exception of cases where you only post your notes on private relays, where there isn't much reach by definition, there's no way to guarantee the note won't be broadcast somewhere else and stored till time immemorial

Avatar
Danny, the cyber guy 4mo ago

And to be clear, I'm all for that, I'm building private communities for a reason, but the average nostr user that only uses kind 1 clients may not want that

Avatar
Laeserin 4mo ago

We literally have a 98% defection rate. The average of the remainder is 1% of kind 1 client users.

They are happy with the status quo. Yes.

Avatar
Silberengel 4mo ago

Most people are not influencers and don't expect to have wide reach. And everyone knows that no deletion is guaranteed (any app can be screen-shotted or have entries exported over an API, that's not a unique concern of Nostr).

They want to talk to a larger or smaller subset of users, have lively discussions, occasionally meet new people, be assured that participants can all see their notes, and have the ability to delete or expire their notes.

We know this, for a fact, even with the most-rabidly enthusiastic of the current userbase, as we are almost all also using non-Nostr communication channels, like Discord, Telegram, SimpleX, Slack, etc. so that we can have that user experience.

Avatar
Danny, the cyber guy 4mo ago

I agree! And that's why I'm building community tools, I was just talking about kind 1 clients

Avatar
Neo ⚡️ 4mo ago

If they believe that X and other services actually delete their data, nothing can save them.

Avatar
Silberengel 4mo ago

Nobody believes that. Did you even read what I wrote?

Avatar
Hawk 4mo ago

Anything that you write for public view is persistent. It doesn't matter what protocol or service you use, and it definitely doesn't matter how many times you press the delete key. Once it's out, it's out, so think twice about how you identify (dox) yourself in every situation.

Avatar
purrs_for_Her 4mo ago

exactly, well put~!

there are no terms and agreements for nostr at the moment (as if we'd read them anyway lol) so many of us had no idea of the implications when we first started making notes.

this risk is amplified many times for women.

Avatar
Silberengel 4mo ago

Most of the people (men) running these projects have zero empathy with female users. They always see themselves as Rambo Revolutionary, and all they care about is making sure the EU can't delete their edgy Bitcoin memes.

That's all nice, and stuff, but preventing that does not solve for 99% of use cases, where people would rather have less event permanence, not more.

Avatar
purrs_for_Her 4mo ago

exactly. they essentially become no different than the state, hoarding information.

Avatar
Silberengel 4mo ago

The state also has full and immediate access to the information they store. It's like we're signing up to an NSA subscription.

At least we save the taxpayers the bother of running those big data centers. 😂

Avatar
Silberengel 4mo ago

Also, easiest way to break group encryption is to get yourself invited to a group. If a group never deletes anything from its relays, then someone added much later can see eeeevvvveeerrryyyttthhhiiinnnnhgg.

Avatar
purrs_for_Her 4mo ago

as guys, we don't really truly understand how devastating this kind of breach could be unless we have sisters or cousins or other loved ones who've had to deal with this kind of pyscho stalker behavior.

even then it's only from a second hand account...