Replying to Avatar rabble

Permanence in social media is a bug not a feature.

This is why we added a expiration date to posts from nos.social.
Avatar
Ben Arc 2y ago

Social media that pretends to be conversational, but messages are permanent, relies on surveillance capitalism for server costs, and empowers obnoxious people who don't care about unthoughtful comments lasting forever. They appear more "real" on twitter, as the rest of us treat posts as a permanent publishing platform

nostr:nevent1qqs82x3kyfgpm9fjs6ctrwsdu4h8e87vyqkuf06stsjlp25p427c5lspz3mhxue69uhhyetvv9ujumn0wd68ytnzvupzqak8r2hr5jglrk0wc37t59lz98x6gyf6pwaku6hpwakhvslznjh6qvzqqqqqqynjxe4g

Reply to this note

Please Login to reply.

Discussion

Avatar
CB 2y ago

Shouldn’t we consider all posts permanent until webs of trust develop in private channels. A new user may have a false sense of security thinking something isn’t permanent. It’s out there, and will be collected if it can be collected.

Sort of presses on a need for private torrents/galaxies/channels so people can distinguish the difference. Public commons vs encrypted webs of trust.

TTLs would be extremely useful! They just don’t protect against surveillance and to some extent permanency.

Avatar
rabble 2y ago

I agree we need real private messages and groups.

I’ve looked at lots of ways to do this and I believe this is most promising.

https://p2panda.org/specification/encryption

We’ll need to figure out how for clients to store a set of keys for the groups they’re in. We can do it by encrypting a key collection in an event for the client itself.

MLS is a pretty well thought out of way of doing encrypted groups. In particular p2panda has found a way to do it in a decentralized architecture where the servers simply are dumb data stores like exists with nostr.

From the notes:

Private groups with Sender Ratchet Secrets

Ephemeral AEAD secrets, derived from MLS Secret Tree of current group epoch, used on a per-message base, gives Forward Secrecy (FS) and Post-Compromise Security (PCS).

Advantages:

* Provides strong security for any size of group, even very large groups

* Every message is encrypted with an individual key, attackers will not be able to read past data or future data when a key got compromised

Disadvantages:

* Members joining a group later will not be able to decrypt past data

* Clients have to store decrypted messages somewhere on their end as keys get useless soon

Avatar
CB 2y ago

🔥 Now I feel like I’ll sleep well. Pretty remarkable environment. Nostr is a whole other Wittgensteinian language-game. 🤯

You all are amazing!