What are other nostr app developers and relay operators doing with regard to the UK Online Services Act?

Apparently there is no legal exception for open source or apps that are not connecting to servers you control or apps that are entirely encrypted and peer to peer.

Basically they want us to KYC anyone they think might be based in the UK, and implement content filters.

There seems to be no way to be in compliance in Nostr without limiting all connections to a single gateway relay the way Primal does, and with geo location, including blocking tor and vpn connections, and content analysis of all text and media.

Basically insanity which is completely counter to the entire Nostr project. I knew there was some of OSA coming but I hadn’t paid attention to it. None of us want to KYC our users or build a content filtering system. I mean how do we know if a post is about a knife? Yes we can’t have content about knives! Or how do we determine who considers content hateful?

ANDROID 16 BUILDS OF #GrapheneOS ARE NOW IN STABLE!

how being ND affects my career 🪿

(i always hesitate to self diagnose & refuse to speak for anyone else, but what i can talk about are my symptoms + how it shows up for me personally)

Recommend getting apps straight from their repos and bypassing the app stores with Obtainium:

Revolut insecurely checks the ro.boot.verifiedbootstate property and forbids it being yellow, which means a locked device with an aftermarket OS that's being cryptographically verified by the firmware. They permit it being orange, which means an unlocked device with any OS.

They're specifically banning having a device that's locked with an aftermarket OS rather than banning having an unlocked device or an aftermarket OS in general. Similarly, they're specifically banning the value `grapheneos` for ro.build.user/ro.build.host.

Having the verified boot state at orange is unsafe, it means verified boot is disabled. There is no verification of OS integrity after each boot and update. There is no protection against exploit persistence nor a threat choosing to push a malicious update that is not signed with the same key as the originally installed operating system.

Both of these things and other similar insecure, useless checks are being done by several different SDKs. Revolut's app is full of sketchy, insecure third party libraries. They certainly don't take security seriously as they claim in their message about banning GrapheneOS.

We've fixed both of the ways they're banning GrapheneOS for our next release. Since third party SDKs are what's being used to do it, our hope is that this fixes a few other poorly written banking/financial apps doing similar stuff to ban aftermarket operating systems.

These are the full set of changes fixing Revolut's ban on GrapheneOS:

What do y’all think about Stargate? Musk Bashes Trump’s New Stargate AI Initiative. Musk took to his X social media platform to poke holes in the Stargate AI infrastructure deal Trump announced at the White House on Tuesday, a private joint venture funded by American technology giants OpenAI and Oracle, Japan-based SoftBank and Emirati-based MGX investment firms. Musk escalated his criticism Wednesday afternoon, dubbing Stargate “fake” and calling Altman a “swindler.”

The Biden administration, the fdic, Elizabeth Warren, and the sec have been trying to kill Bitcoin and this Bull run for years.

They're doing one final shot before the most Bitcoin friendly administration the world has seen takes office.

Imo this confirms that Trump was planning to do an SBR