Close family member got cancer diagnosis today.

Life is precious and scarce.

Even if the protocol very strictly mandated, in NIP-01, from the very beginning of Nostr, that relays delete events upon request, how would you ever be sure that they do? Anyone can develop a relay that doesn't. You could argue that such relay wouldn't qualify, technically, as a "Nostr relay", but so what?

Also, even if everyone avoids such relays (how would you? They could just selectively refuse to delete some of the notes. They could even hide them for two years, just to trick you, then put them back online), anyone can build a Nostr archive which pulls from public relays, then publishes all notes and refuses to delete them.

You could rely on the law and sue such relays, but they can be in any country and/or behind a darknet.

> Nostr, as it is right now, is a permanent record that seeks to tie all of your apps and your coin transactions to one key pair.

Don't use it for anything related to "coins". Use it for things you want to stay published.

> Relays must use the protocol to participate in the network.

No, they do not have to. They can break the protocol in tactical ways that will still allow clients to interact with them.

> If the protocol requires honoring event deletion requests to participate in the network, then Nostr will have avoided this festering security and safety issue.

Absolutely not. You can just build a non-compliant relay.

In the context of security you *NEVER* assume that your "attacker" will comply with any rule whatsoever.

Every party gets to decide everything about their own behavior and you must act in a way which will be secure regardless of the ways in which others will act.

You can't "defend" yourself from "bad" relays by telling them to delete events. There is nothing you can do that will make them do so, unless they are well-meaning.

But even if all relays you use behave the exact way you want (which you can only know if they are run by parties you know and trust), anyone can and will do whatever it is that you hope won't happen: get on Nostr, fetch notes and publish them again, refusing to delete them.

If you aren't assuming someone *will* act against you, in the smartest way they could, you are not doing security.

Dumb tv, dumb fridge, dumb appliances, dumb car, dumb doors.

True story, looked at doors and it seems all doors are now “smart”. I’m like … where are the dumb doors? 😅

I mean the power available to do that from inside a hardware wallet is probably not gonna make it far enough for much anyone to do much with it, doubly so if you only have a relatively limited time to get it through before you run out of power.

is reasonable truth that Bitcoin is not a cryptocurrency?

When someone says Bitcoin is not crypto, I know they are just parroting something they don't understand.

Bitcoin uses cryptography to create digital currency. It is a cryptocurrency. Saying it's not is like saying air is not gas. Yes, many types of gas are toxic and dangerous.

When people say Bitcoin not crypto as their focus, it's like saying that for example a conference is about air and not the general category of gas. But that does not mean air is not a gas.

Bitcoin not crypto means that whoever says is focusing on this particular one, most of them think that other representatives of this category are junk, but this should not mean denying reality. Bitcoin is a cryptocurrency. Pretty good one, maybe even the best one. But a cryptocurrency.

And there are hacks to make other components work as antennas, so there it is again, the dependency on a clean firmware. But the range without a dedicated radio chip is considerably less, reducing the risk in theory for many users.

Well, I am a little afraid I loose control with multi sig 🥺

I'm just wondering if something like the AirTag infrastructure could be used for minimal power antennas. By Apple I'm pretty sure the answer is yes. All the phones are spying on us in more ways than we imagine.

In theory, but I’m not sure if you can transmit arbitrary messages over that without being Apple.

I wonder how you would pull that off. How small is the smallest GSM and how would it know when to strike as GSM is quite detectable. If it blares out its presence on every power-up, that hardware would make the news in a week. So ... scaling is a problem with GSM, too.

That’s not a scalable attack. In that model the attacker has to be kinda nearby when you use the HWW.

Unless it was compromised while shipping through Amazon/UPS/five factories in China ...

They bothered to implement anti-exfil (provably random nonces). This means that a malicious firmware or even malicious hardware wallet can’t steal your coin! For every other hardware wallet, you’re blindly trusting Amazon/UPS/five factories in China/the webserver you got the firmware from/etc/etc. The idea that none of these parties have anyone working there who might want to go steal people’s coin is absurd, frankly.