Alex Gleason
0461fcbecc4c3374439932d6b8f11269ccdb7cc973ad7a50ae362db135a474dd
I create software that empowers people online. I'm vegan btw.

People have predispositions. That doesn't mean you can't overcome them. It will just take longer. I think time is the only real limit.

I think it's possible to become good at everything. I think there's no limit to how much you can learn. People think if you learn one thing you can't learn another thing. Not with that mindset you can't.

Replying to casey is remote

nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqq3sle0kvfsehgsuexttt3ugjd8xdklxfwwkh559wxckmzddywnwsxeuf7k

"At what point then is the approach of danger to be expected? I answer, if it ever reach us, it must spring up amongst us. It cannot come from abroad. If destruction be our lot, we must ourselves be its author and finisher. As a nation of freemen, we must live through all time, or die by suicide."

- #AbrahamLincoln

Oof 😂

Also, this has led people on Reddit and TikTok to believe this is in fact a popular opinion that spans political divides, when the reality is that the vast (silent) majority of people probably have no clue how the world works, and just think killing is wrong under all circumstances because Jesus said so, and two wrongs don't make a right, etc.

Conservative commentators like Ben Shapiro will see this as an opportunity to "call out Liberal hypocrisy" and ensure people stay divided, I guarantee you. Libtards just can't see that yet.

Nothing ever happens? Something ever happens.

I have a paranoid delusional theory about the United Healthcare CEO. It stems from cognitive biases such as "jumping to conclusions," so take it with a grain of salt, but I like to share my thoughts so here we go.

The killer is legit, American citizen, denied healthcare etc.

However, the initial online reaction to him was almost entirely fabricated by internet trolls seeking to divide the United States.

But they struck a chord, and now many Americans are on board with a violent revolution. This is exactly what the trolls want.

Would a violent revolution harm us more than it helps us? It's hard to say. But if internet trolls are pushing us into it, they will be prepared to sabotage it at every step to ensure the worst possible outcome for everyone.

Starting the day off right with everything crashing and burning around me.

I wasn't very focused today anyway so maybe I'll invent an HTTP signer real quick as a research project.

Run `nak req --stream eclipse.pub/relay` and you will see there is no limit to the speed of relay messages

I think the main performance bottleneck would be CPU usage due to signing events. The NSecSigner itself (from Nostrify, used in knox) is benchmarked. I think you should be fine with it. But when I need much higher performance I will throw together a wasm signer like this one: https://gitlab.com/soapbox-pub/eclipse/-/blob/main/src/NSecSignerWasm.ts?ref_type=heads We could switch knox to that if needed, as well as distribute load across multiple cores. It would need modifications, but I still think you're unlikely to hit that limit.

It sounds like what you want is actually an HTTP signer, not knox. I started working on something like that for the Mostr bridge a while back but never finished it. The idea being that you leverage firewalls and local network security so this thing is only accessible to internal services, then they can just POST to it from your services without authorization to get events.

I also disallowed ws:// as a security precaution. If you connect to localhost for example, and then move the bunkerfile to another computer, "localhost" now refers to the new computer and not the old one. You could say that's what it's supposed to do, but I have taken an abundance of caution to prevent potential footguns.

Can you explain more about your setup and what you're trying to do? Are you trying to use this for custodial auth? If it's just for yourself, there are other solutions.

I thought this through (specifically systemd support) and made a deliberate choice not to support it. I'm running in a `screen` session. It's been working like that for me for a month, and this is what I recommend.

But I hadn't heard of "systemd-ask-password" before, and I'm still not sure how to do it or if it does what I expect.

The attack surface of knox is filesystem access and direct memory access. To protect against filesystem access, the user must enter a password every time knox starts. If you store the password in plaintext on the filesystem, you have negated the FS security because an attacker who gains access to the filesystem can now access both the file and the secret. It's similar to not using encryption at all.

It doesn't need systemd. It should never crash. Having to manually start it again if the whole server restarts is a small price to pay for security. But it would be nice if it could integrate with systemctl and journalctl. So how does systemd-ask-password work? Does it save the password in plaintext, or does it prompt you?
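The filesystem argument in the posts above, as an added example (not knox's code or file format, and not from the original posts): a key sealed with scrypt and AES-256-GCM stays unreadable to someone holding only the disk contents, until the passphrase is saved next to it. The file names, JSON layout and function names are assumptions made for the illustration.

```javascript
// Added example: illustrative passphrase-sealed key file, not knox's real format.
const crypto = require("node:crypto");

// Stretch the passphrase with scrypt so offline guessing against the file is costly.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32);
}

// Encrypt the secret key; only salt, IV, auth tag and ciphertext reach the disk.
function seal(secretKey, passphrase) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(secretKey), cipher.final()]);
  const hex = (b) => b.toString("hex");
  return JSON.stringify({ salt: hex(salt), iv: hex(iv), tag: hex(cipher.getAuthTag()), ct: hex(ct) });
}

// Decrypt; the GCM tag check makes final() throw when the passphrase is wrong.
function unseal(fileText, passphrase) {
  const f = JSON.parse(fileText);
  const key = deriveKey(passphrase, Buffer.from(f.salt, "hex"));
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(f.iv, "hex"));
  decipher.setAuthTag(Buffer.from(f.tag, "hex"));
  return Buffer.concat([decipher.update(Buffer.from(f.ct, "hex")), decipher.final()]);
}

// Threat-model check: what does read access to the files alone yield?
// Every other file's content is tried as the passphrase for keys.sealed.
function recoverFromDisk(files) {
  for (const [name, text] of Object.entries(files)) {
    if (name === "keys.sealed") continue;
    try { return unseal(files["keys.sealed"], text.trim()); } catch { /* not the passphrase */ }
  }
  return null;
}

function demo() {
  const secretKey = crypto.randomBytes(32); // constructed stand-in for a signing key
  const passphrase = "correct horse battery staple"; // constructed sample value
  const promptOnly = { "keys.sealed": seal(secretKey, passphrase), "notes.txt": "unrelated text\n" };
  const autoStart = { ...promptOnly, "passphrase.txt": passphrase + "\n" }; // unattended start
  return {
    promptOnly: recoverFromDisk(promptOnly) !== null,
    autoStart: recoverFromDisk(autoStart)?.equals(secretKey) === true,
  };
}

console.log(demo());
```
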

Fuck Oracle. I love that you're doing this. We need more activism in Open Source.

The truly interesting difference is in authentication.

In traditional servers, OAuth tokens are used to protect database write access, because all the rules of the app are made up and stored in the database itself. So the database itself is the "protected resource".

On Nostr, the database is public and open. It has no fantasies, just data. The "protected resource" is actually the user's private key. So authentication is reversed. The server demands authorization from the client rather than vice-versa. Truly mind blowing for anyone stuck in web dev for the past 20 years.