Course he could. He could push an update with a sophisticated backdoor, any nostr dev could. That update gets past app review, your app auto-updates, adeiu to your key. Just because there is a commit in github, doesn't mean that code is what's in the IPA. This is not F-droid.
what? no, damus is open-source code running on your device, it's not under the control of anyone else
if nostr:nprofile1qqsr9cvzwc652r4m83d86ykplrnm9dg5gwdvzzn8ameanlvut35wy3gpzdmhxw309aex2mrp0yhx5c34x5hxxmmdqyxhwumn8ghj7mn0wvhxcmmvqyg8wumn8ghj7mn0wd68ytnvv9hxgpywa92 wanted to steal your key he would not be able to
Discussion
That is the same with any software.
Exactly. Except F-droid (mostly).
what does f-droid do differently
F-Droid's servers download the source from Github or Gitlab and compile it on their own server. APK is signed with a unique F-Droid key for that app. Third party can then reproduce the build, the two APKs should be byte-for-byte identical. They have a system where they show the results of these independent rebuilds, or a user can just rebuild it themselves. Gets a bit tricky if the app includes non-deterministic elements that make it hard to rebuild the same each time.
thats pretty cool
that's quite a lot of steps involving multiple people, likely to get caught and lead to real world consequences even if after the fact, at least it would destroy nostr:nprofile1qqsr9cvzwc652r4m83d86ykplrnm9dg5gwdvzzn8ameanlvut35wy3gpzdmhxw309aex2mrp0yhx5c34x5hxxmmdqyxhwumn8ghj7mn0wvhxcmmvqyg8wumn8ghj7mn0wd68ytnvv9hxgpywa92's reputation forever
very different from one employee from the homeserver hosting provider being tricked into giving access to the account of an important person to some malicious entity
like we have seen happen many times in every big platform
worse even is that someone can say something then claim it wasn't them later
lots of broken incentives you're missing
That just reinforces my point that pasted-in nsec security is reliant on social pressures and not technical ones.
everything is like that
but of course the technology plays a big role in it, you're just larping
Lol. No. Some things can be prevented by technical means and not fingers crossed he’s a nice guy means.
you're trying to imply that publishing a confidential message unencrypted but with a preamble that says "do not read" is exactly the same as using signal because signal could technically ship a compromised apk to you and leak your message
everything is social pressure and trust at some level
you're pretending to ignore that the levels of trust required are distinct
It's not though. On Nostr I operate under the assumption that someone already has my nsec, we all should do that. Because it's entirely possible. I bet at least one person has my nsec right now, maybe a few people. I'd never know. Nostr really does rely on social pressure so why bother trying to be secret?
But if I started again on Nostr and did only Frost and bunker and White Noise and all that, in that case it'd be different. That's still a really bad experience, so I'll wait. But the tech matters, you have to admit.
All good points in this thread, but i’ll still take a key i control over some rando server managed by someone else.
If you have lots of money tied to a key i probably wouldn’t use it in mobile apps that are hard to verify… i would read the source code and compile from source and just use notedeck.
Anyone not reading the source code and compiling it themselves has to trust someone, even in the keyserver case. The server case is even harder for people because people have phones, not computers with servers.
We are already lightyears ahead in comparison to legacy social media platforms and protocols, at least users have the ability to choose their risk tolerance levels with different clients. On legacy they can read your DMs and make posts on your behalf if they wanted to.
True. It's not only risk tolerance it's friction tolerance too.
Though to be fair I should give frost/igloo/bunkers and all that another go, maybe the experience is less friction-y than before. Try living on Nostr for a few weeks bunker only, see how it goes.