Their collection of foss (pear i think they call it) is cool. Keet the app is the issue
Keet shares users data with the government. Can you prove me wrong?
Very sus why they never open source it. They are related to Tether who work with the american feds
I'm sure I read somewhere that it was ridiculously low
GM frens βοΈ
Nah, nostr can be good at private things too. Why not? It's a matter of putting in the work
Not sure, is there a way to prove that Keet does not share DMs with third parties?
nostr:npub1m4ny6hjqzepn4rxknuq94c2gpqzr29ufkkw7ttcxyak7v43n6vvsajc2jl are you guys going through with that horrible encoding for 30040? please please please, can you guys switch to tags? decoding json twice is so horrible it hurts my feelings
decoding json twice should be illegal
justo nos quedamos sin tele, sabes online por donde lo pasan?
cease and resist π
Any reasonable product designer will target people who willingly want to use the tool first and try to make it easier for others on the fence.
It's certainly a nuanced discussion and there are tradeoffs. Is making it normie-friendly making it less effective as a freedom tool?
100%. There are a ton of great people out there that probably agree with our principles yet are unaware of freedom tech, or simply is not top priority for them, or not the right moment.
Is my aunt a stupid zombie? I want to think she is not. She understands the principles and ONLY after being banned by Instagram she started to listen what I say about nostr.
nostr:note1unh7nzq6wz84h7mmzh5yygcqqhalck6cn2xg8wyfa4ysnqq5tq0sxatz8s
I'm trying my best to build freedom tech with the masses in mind (and even nerds deserve good UX)
Doesn't mean I care if the masses never arrive
nostr:note1l4exfk3yqfaqr7ck5uqhm4vm07ak4lkf58qdgwfamfsgv4jhafdqpl3rr8
Completely agree on fuck mass adoption (or I should say aiming for it) and meanwhile completely disagree on remaining lazy with UX. I'm a nerd and want beautiful easy to use tools
Aside from all the shitcoinery, is there anything remotely interesting happening in the web3 world?
This is a good point.
Besides key rotation maybe we should be signing in with derived keys? nostr:npub1gzuushllat7pet0ccv9yuhygvc8ldeyhrgxuwg744dn5khnpk3gs3ea5ds still working on that?
That's where OS permissions and software like opensnitch etc can help too
Sure. But besides reproducible builds it's impossible to know if the build is not manipulating the source code. So you got to trust the dev and the build environment
We're definitely interested in being a curator and in fact we already are one (plan is with time to allow other relays and curators). We'll see how everything plays out, for sure there will be tons of developers that will not sign their apps and curators will have to in their place. I don't really like F-Droid's model for non-reproducible builds, I'd rather pull the dev build with their own certificate and stamp a nostr signature on it. Step by step π
Totally. I am not persuaded about zap.store issuing app profiles. Let's say I want to recommend Mutiny Wallet and you follow Mutiny and zap.store... which one are you going to install? What happens when you have multiple curators vouching for Mutiny? To me, the signer is always the dev and then we can overlay trust attestations, badges, external service providers attestations β a DVM market/reputation will emerge for these kind of things
Sure, it's all about striking the cathedral/bazaar sweet spot. Can't something like FROST solve this or do we need to bake it in now? A few weeks ago nostr:npub18z6qteykzjp4czp6uypnnrz3qv2u8gpkdnazwy2ejhneayj9zpvqzvn6df posted videos showing nostr multisig
nostr:npub12vkcxr0luzwp8e673v29eqjhrr7p9vqq8asav85swaepclllj09sylpugg web has the nicest UI but just slow and buggy. They also force media through their CDN that most of the time is slower than the original host. (Sorry I live at the south end of the world)
Nostrudel, especially with nostr-relay-tray, has way better UX. Any plans for nostrudel to be themed nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr ?
Should zap.store be listed as maintainer of a project? Probably not. We're solving that in a different way: curators. Curators leverage their reputation and create lists and other nostr primitives to recommend apps. I would choose to install an app signed by a random developer but curated by two of my friends
Yes I fully agree, this can definitely become a problem. I think though we're stepping on premature optimization territory. We can always add/migrate to the maintainers tag later if it ever becomes necessary, right?
I think the quote is making a more general point
h/t nostr:npub1dtgg8yk3h23ldlm6jsy79tz723p4sun9mz62tqwxqe7c363szkzqm8up6m. I was not aware of this quote and can't be more true
"If you kill a cockroach you are a hero, if you kill a butterfly, you are evil. Morals have aesthetic criteria." β Friedrich Nietzsche
Definitely agree that attestations can't be placed on mutable events.
> What if the author accidentally included a binary from the previous release? the hashed file would still have trust attestations attached.
Doesn't this go against your point? If the author accidentally points to a wrong binary in a mutable release set event, they can update it.
A user cares about finding an attestation for the actual thing they're installing.