Why is there spyware all over nostr and nostr dot com and njump dot me. And why do most of the devs simp for fiatjaf and benarc that put it there? Follow the money to get the clue:
Discussion
Spyware?
Yes, check your network tab, they send ip address and browsing history to shitcoin vcs without user consent. It's awful. Just pumping their bags imho. Worse still, they position these sites in the protocol area. Snowden's talk yesterday has inspired me to push back on non consentual privacy invasion.
I'll check it out. I had no idea...
From GPT:
The script collects and sends several types of information to a specified third-party endpoint. Here's a detailed breakdown of the information being sent:
Basic Tracking Information:
Website ID (website): A unique identifier for the website being tracked.
Hostname (hostname): The hostname of the website.
Screen Dimensions (screen): The screen width and height in the format width x height.
Language (language): The browser's language setting.
Page Title (title): The title of the current page.
URL (url): The URL of the current page.
Referrer (referrer): The URL of the referring page.
Tag (tag): An optional tag, if specified in the script attributes.
Event Tracking:
Event Name (name): The name of the event being tracked (e.g., click event).
Event Data (data): Additional data related to the event, if any.
Pageview Tracking:
Sends the same basic tracking information as above when a pageview occurs.
User Identification:
User Data (data): Information related to the user identification event.
nostr:npub10000003zmk89narqpczy4ff6rnuht2wu05na7kpnh3mak7z2tqzsv8vwqk nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6
Yes, he has been complaining about this cyclically for months and the matter has already been clarified several times publicly, njump collects anonymous basic statistics to monitor the indexing of the site and to understand whether it is, and how, actually being used. For Umami, the choice was made not to use the classic Google Analytics, and thus to be as privacy-friendly as possible. If it is possible in the future, we will find an even more autonomous solution.
Given you have this info, how is njump used?
Will agree, GPT output useless at best. But I will argue "as privacy-friendly as possible" is an incomplete sentence. No analytics would be as privacy-friendly as possible, maybe watching server logs could even be bordering this.
None of my servers have anything but error logging enabled. I don't want a reason for the ABCs to be kicking in my door because I may have a record of someone visiting my site.
Just saying. I think we have a couple different factions here on nostr. Me, I'm on the side of extreme privacy. I hate that I have to run multiple condoms of dns filters, vpns, script blockers, cookie filters, privacy browsers, and get locked out of huge portions of the internet. I block Cloudflare and Google domains, with script and tracking protections I can see maybe 50% of the web, most search results are unusable because of all the tracking. I'm not comparing you to Cloudflare or Google, I'm simply frustrated by any fingerprinting systems (on some level is required in order to get unique visitor count), and want to speak out loud, and voice my concern for people who care about how fucked the web is and want providers to care too.
That being said, it's also fair not to load 3rd party scripts from CDNs as they can also often capture some information about the user that visits your site. Referers, origins, user-agents, Ips and the usual suspects. Maybe consider hosting the script on your own servers as a compromise too.
While personally I don't care for analytics. These scripts can't send your "browsing history" to the sever. The best they can do is try and guess where you can from if there is a ?referee= in the URL
Also looking at the list, this seems like the least invasive analytics script I've seen. Its common now for some of the more popular ones to track every click and keystroke
You’re not very bright are you?
Sorry that was rude of me. I need to learn to think before I speak. But it’s fairly insulting to those who work hard on the protocol to say they’re getting people with spyware, etc without doing your due diligence.
I'm sorry your evidence is ChatGPT output? Are you retarded?
Take what Melvin is saying with a heart attack inducing amount of salt.
Umami does NOT collect IP addresses or browsing history. It’s deliberately designed to not collect identifying personal information.
A lot of tracking stuff... https://builtwith.com/Njump.me
I don't see a problem with your screenshot though.
Ben has been transparent about the selling of the domain since at least one year...
njump is open source, has anyone built a fork without the tracking scripts?