Replying to Avatar Javier

I am fully sold in nostr. BUT, people are acting like you can't loose your identity and being hijacked...I have zero ability to fully control Internet providers, clients and dns's...there is no way to know if you have a keyboard logger, or a client miss use your nsecs.

I think we do need to do our best to keep keys secure, and plenty of cold backups. I am super confident on mine.

But we need a way to burn original nsec amd replace with some sort of backup and redundancy.

The whole idea of nostr being your identity and reputation falls apart when you actually are hijacked by nation state agency or something and your digital identity(nsec) taken from you. You always havr a way with your real physical identity to be in one place at a time and provee who you are. Up to this time there are no clones, until then. The digital and physical identity are still distance apart from a security stand point.

I will love to see nostr trying to find a way give key users a way to reclaim digital identity (ay least a limited amount of burner keys).

People always dismiss this worry as "they just don't know how to protect their keys" but the cybersecurity aspect and compromise current Internet infrastructure is beyond most people.

My two cents 😅😅. Love the work you are doing!
Avatar
charek 10mo ago

I would counter, optimistically, that NOSTR allows anyone to have any number of identities. One being hacked does not mean that all are lost, more can be made, and old content remains accessible!

Reply to this note

Please Login to reply.

Discussion

Avatar
Tim Bouma 10mo ago

Agree. What I am designing with #nostr #safebox, each component has its own nostr identity (nsec). As you say, your ‘identity’ does not distill down to a single nsec - you can have many.

Avatar
Javier 10mo ago

Yes this is definitely a pro and not a con.

Specially if it's a anonymous acct.

I have seen some real identity ones, that granted they fair and square loose their keys because poor management , start over. It's not ideal, but it's better than nothing, or trusting another big platform.

I just think the problem of impersonation by bigger players with cyber skills taking over real identity accts is a real one that, if solved, will give even more of an edge to nostr. Still what you say remains an option, no body is limiting me to create some other back up accts in case main one get hacked.