I was talking with my friend about #Mitnick's death (my friend is a sort of hacker too) and he asked an interesting question: Do you know how many honeypot relays are on Nostr? I said I don't know and I don't care because I always use VPN. But he said a lot of people not... 👀 (He said this with an interesting smile, but he didn't want to disclose any more information) Please use a good VPN service, it's not so expensive. 🙏🤙
Discussion
No vpn works here, they've blocked them all.
Ubless you are expert and can configure some for yourself
This note just makes me want to delete and not use nostr anymore because from the sound of it any social media and yes this is social media is definitely not safe and has definitely no privacy.. really considering no social media completely. I use VPN and all that and password 16 characters all that but still man fuck this internet shit lmao
Unless you go completely offline, Nostr is way better without VPN than any other social platform with VPN. The hidden cookies are some really evil stuff...
Which VPNs are “good”?
iVPN and Mullvad. Maybe Proton, but still I don't trust in any of their services.
Thanks nostr:npub1ww8kjxz2akn82qptdpl7glywnchhkx3x04hez3d3rye397turrhssenvtp
Why is Proton on the naughty list?
Simply just imagine that a service like Proton (Mail, VPN) can work freely without any government intervention when any other privacy focused service is constantly attacked. I think it must be a honeypot, but of course I can't prove it. Anyway my default assumption is that anything written in an E-mail somehow, sometimes can go public... That's why I never use it for sending confidential information.
The thing about the Bitcoin rabbit hole is it pulls you down the rabbit hole of freedom tech.
The thing about freedom tech is you’re battling hydra.
The one you build yourself to confirm no-log and pay for the hosting with a privacy coin or cash
Is it fair to look at this like having bitcoin?
Once someone knows your self hosted VPN all your activity is doxxed because it’s not “mixed” with others whereas with Mullvad and others you can move to another server?
It depends. OpSec is everything with self-hosted. If done correctly, no one could trace back to you in the first place. This would be done in conjunction with a "bulletproof host."
Whereas, the for-profit VPN provider who may take connection logs and if you didn't obfuscate your payment method knows you from that. Not to mention, they hold your private key and could decrypt the traffic. A lot of trust. Corporations always lie.
Does this fit the bill?
OPNSense Firewall running Wireguard VPN connecting to private VPS?
Yea good, how was the VPS paid for? Hopefully with a privacy coin or if you used Bitcoin you could coinjoin it to help conceal it came from you. I've personally been liking Safing.io Portmaster SPN, which is its own onion router. I've contributed nodes to the network and have my entry nodes configured to my own, so I know the transit and exit nodes will definitely not know who I am. Only my own nodes will see my true connecting location, but I've ensured they do no logging of any kind. But that's just me, not claiming it's perfect or anything.
Interesting I’ve never heard of an SPN. Did you use a VPN before. I see a lot of pros vs VPN. As a user what have been the cons vs VPN?
Let's say there is a "honeypot relay". Beyond capturing the IP in access logs and trying to match that to an event timestamp, what more would be a concern? I'd just treat any relay the same as any clearnet service, like an ISP. Except the relay is only seeing a fraction of what you're do as it's only notes. If anything, I'd be more paranoid of the VPN provider...
I would never trust my ISP mostly because I know how they handle my data (have friends there) when they receive a simple E-mail (not a warrant) from my government. But I know for sure that in other (2-3) countries the routine is the same. They just simply give out bulk data based on any governmental request.