Nostr Web Client

Of course if all eggs are in the same basket and all accounts and keys are compromised, nothing can be done but you're just gaslightning me with a worst possible scenario.

Even in that case, 3rd party curation is at least marginally better since another set of eyes has to vet each release. Yes, it's certainly less censorship resistant, but a tradeoff is a tradeoff.

Vitor Pamplona 1y ago

Makes sense, but I am not sure if the trade off is that much. In the PlayStore, you have to TRUST Google to not fuck around in first-time installs. There is no first install check in the PlayStore as well for those attack vectors.

Reply to this note

Please Login to reply.

Discussion

Optimism 1y ago

#[1]

✅ Optimism Airdrop Round 2 Is Live!

👉 https://telegra.ph/op-01-26-2 Claim your free $OP.

sommerfeld 1y ago

Have you heard of https://github.com/soupslurpr/AppVerifier ?

It's at least an attempt to have a sort of community run trusted attested developer keyring. Obtainium was considering some kind of integration

sommerfeld 1y ago

Like I said, trusting Google/Fdroid to attest first time installs is arguably better (securitywise) than expecting common users to attest each app vendor individually.