I'm not sure how you reach the conclusion but it's plain wrong. It's like you want this to be the case.
Discussion
Picture this. Let's say you make formstr use Tor exit notes in a way that makes it impossible for any relay to track your user. Great. Formstr is now truly private. But you sold Nostr itself as private, not formstr.
Then your user switches over to another form client that doesn't use Tor and now all his privacy is gone. They will blame the protocol, nostr itself, for leaking their data and will never use any other nostr tool ever again.
The protocol cannot guarantee privacy. Only formstr, as a product, can. We cannot lie to users or it will bite us in the ass.
Yes, let's not say that nostr guarantees your privacy, that would be stupid and a lie.
But saying nostr IS a tool with which you can preserve your privacy is definitely a true statement which should be spread.
When you say nostr is inherently not private you make both these statements false, and that's my entire pain point.
this thread is so funny to me, #only on nostr
the entire internet is not private. including tor. so singling out nostr, yeah can you see how this is not a good marketing technique 😂
poor nostr. we are all too smart for our own good. gg vc funds. 😅
Constant bickering between devs is what will bring Nostr to the masses 🚀🌝
The bickering is what keeps this place minimally acceptable to me. Otherwise, we would have been run over by false promises a long time ago.
Best part of nostr
I think what nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgswaehxw309ahx7um5wghx6mmd9u2mk7fe is saying is for a normie to 'trust' a nostr relay provider, the relay provider must be a doxxed liable company that promises not to share your IP address with anyone unless they're under duress.
And then if they are under duress, they have a proper canary EULA that can be taken down on a deadman's switch.
If that's what customers want, I can update the EULAs in my next release of relay.tools as we are already mostly there. ⚡zap it if you like it.
Not really. I don't trust single companies to not track things. It is better when they do put that into the eula, but It won't make me call them a privacy tool. I don't trust Signal or SimpleX and in that way I don't call them privacy tool. I think every company will succumb to the desires of the state and trust none of them can truly make things private.
To me, privacy is implemented mostly by Clients through scrambling the transport and application data to "private" relays as much as possible and in ways that there is no way to disable it.
huh, well, sorry to say that technology does not exist.
Agree. But I don't think it is impossible to build. Just that nobody has found a good way yet.
Most of the companies that tried failed not because it was impossible but because it is very difficult to resist the incentives against it.
nostr differs from how similar services on the internet work in that the data is both much public and distributed across servers run by different people. Any one of those server operators could potentially try to violate user privacy.
It's not really singling out nostr, just stating facts.
true. although nostr is still a service where we can hope is decentralized enough to still be allowed to even use vpn.. bigtech services are all implementing vpn blocklists, tearing down that last semblance of privacy. (and cloudflare fogettaboutit)
Also you can just encrypt stuff, in a way that it's impossible for even relays to know who is whom, as long as you use a VPN. I don't think why we are deliberately underselling this, probably because it doesn't meet an imaginary gold standard.
Disagree. Nostr is in itself not private. Like all other tools that are not private, but can be if used in the correct way.
What other tool?
The fact that it defines permissionless cryptographic keys for ownership is the inherent property that makes privacy with nostr even possible, I see no other equivalent.
Which makes it all the more important for us to recommend it to people in search for it, albeit with the necessary caveats.
That doesn't make much sense. There are tons of protocols that define cryptographic keys for ownership. You could use any of them to build a privacy-first stack. Nostr has a lot of benefits over them for other things, but in the privacy realm it doesn't really add much compared to these other protocols.
Maybe, but that is all you need to build a verifiable, open, privacy stack, and it is an inherent property of nostr. I think we've reached the point in discussion where we're just arguing semantics, which is fine. I can agree to disagree here.
But that's like saying a hotel lobby IS a place in which you can have private conversations. Ok that's true, you can both put on a disguise and hold up newspapers, or get lost in the crowd, nobody will know.
But it's still a hotel lobby, designed as a hotel lobby.