DMT Dank Microwave Taco
Let’s take a trip on DMT. Welcome to the Dank Microwave Taco or DMT for short. Anything and everything goes in here. Be sure to share your experience on DMT with your friends, family and social media. @WiggleHard bans nothing and exiles nobody (Dont doxx wolfballs users, no posting of porn/nudes or foot fetish material unless it involves political scandals, no ads for sex sites or dating sites; do that on your own time, no solicitation for pyramid scams, no posting job advertisements unless from official job sites, no posts supporting pedophilia, not all love is love) also: (we cannot allow violations of the patriot act concerning how we speak, no calls for violence, suggesting you are personally harming someone ect. These things are not free speech protected by law but actually against the law and could get the website shut down.) (no spam posting, especially spam posting of what could be considered symbols of hate) examples: guy posting nazi flag 5 times in one day, guy posting “whitey is the devil over and over, im going to use my best judgement on this one rule)
view the rest of the comments
I actually think the tipping mechanism in nostr helps. It's so easy to send someone penny's people will start paying others to say nice things and that will attract more participation. But that could be used on any platform. What nostr solves is decentralized identities which solves deplatforming issues. The fediverse doesn't have any solutions to de-platforming. Because it never tried to solve that problem. When people realize that on both facebook and the fediverse when they are banned they lose all their followers but on nostr they don't I think they will understand the value of spending your time on nostr instead of the fediverse. Why would I invest years posting on a platform that can take away all my followers at a whim when I can instead do it on a platform where no one can? From a user's perspective nostr just destroys activity pub. From the perspective of someone wanting to control narrative it's a nightmare.
As for the deplatforming issues, I'd prefer carring my identity to various places.
In the lemmy case it's rough because they ban instances and identities are tied to instances.
If they have to kick me out, that's fine, I'll take my ID an go elsewhere. Same as if I enter a bar, start some fights, and I get banned.I just go to another bar and, if I have a following, they can go to. Not only can they go, they aren't banned from visiting the old bar again.
If people followed identites, rather than identities of an instance, we may have a solution. Which is why I like SSB, and, if I understand how it works correctly, why I wanted to like nostr.
The fediverse almost does this. I'd like to fire up my own pleroma identity, for example, and then vist other instances of the various parts of the fediverse and check them out, but I'm pretty sure I have to host all the data I view, which is not ideal.
That is exactly how nostr works. And is the main selling point of it. You request a public key from any relay and if that relay has it's data and is willing to share it you get it. Simple.
The fediverse does not do this at all. I'm not sure where you are getting at. They own your identity. Identities in the fediverse are 100% centralized.
Well, the idea that I can create my own pleroma instance, create an identity, and then go check out noagenda or whoever else's mastondon's and the like.
Even peertube iirc. Possibly diaspora?
At that point, blocking me or the instance is the same thing since I'd be the only one on the instance. However, these instances are a bit of pain to setup for the average person, especially if the only point is to create an idenity since that thousands of other people are willing to do it for you.
But yea, that's why I want to like nostr, mehbe someday a different client will work out for me, but with the way this stuff work out...It's usually not what Iwant.
I keep seeing this an as argument for the fediverse. But it really is not and i'll tell you why.
If everyone who used the fediverse hosted their own instance they would indeed have decentralized identities.
But they don't.
So in your example, yes you can create your instance and your identity will be separate from noagenda social. But what happens when noagenda social bans you?
Every single user on no agenda social is banned from seeing you.
This is fair. And i'm not married to nostr. I believe though in a year or two we should have a pretty solid solution. It's an ok mastodon and twitter alternative for now. Uses a lot of data though.
Yep, you've convinced me to give it another chance. I really should try out other clients, but android is what I usually use for reading, entertainment, etc.... I have plenty of other computers though, I have no excuse.
I wonder if there is a way to change a private key. Say, mine gets compromised, without creating a new account.
No private keys are sacred in nostr. Just like Bitcoin. You lose it you have to tell all your followers to re follow the new public key .
I was thinking like how with gpg you can sign a subkey, use that, if it is comprimised you can send something out saying that the key is compromise and painlessly switch over to a new subkey since the master is only used to confirm subkeys.
Like Keyserver notes that this pubkey is bad, in this case nodes, the keyserver also notes that there is a valid new pubkey and transfers it over.
I don't really understand that. Sounds like there needs to be some kinda central authority for that to work. I would have to read more about it. The guy who made nostr is really good with crypto stuff though. Someone said he was a core bitcoin developer.
As I recall back when I did gpg encrypted email.
You can create a master key. You use this master key to sign other keys.
Keep that master key super safe.
The subkey is what you use in general practice.
You upload your public keys to keyservers, which I believe is what happens with nostr nodes.
Your master key can revoke the subkeys at any time. This revocation is sent to keyservers and the public key is marked as invalid so other people don't trust it.
You then make a new subkey signed by your master key to prove it is still you, but with a new key, and upload that public key.
Now that's the key people use to encrypt data for you, as opposed to the old revoked one.
Now, I'm not sure exactly how it works either with the keyservers or nostr, but it seems like it should be doable. Have an air gaped master key that is only used to sign the keys you use day to day, and it's that master key's signature that is the verification of your identity.
Bonus points to this system, I can have five different nostr apps each create their own key. I could later verify all those keys with my master key to prove each of these different keys belong to the same identity. With that verification, if implemented of course, the noster nodes could link all the pub keys signed by the same master key to help people follow an identity across different types of content.
I know I'm somewhat confusing different points I was trying to make, but it should all be possible.
Ok so the masterkey and the key server are the central authority. You can implement the same thing in nostr. For example, someone could just manage your key for you. And you interact through a normal username and password. I'm sure those kinda service will come about.
Well, you do all this on the client side. It's just that the nodes would manage your pubkeys. (Which the might already do?)
If your key gets hijacked by someone, it's nice to be able to push a revocation certificate, if nothing else.
Well, what is the key server? It has to be a person, computer, blockchain. Something right?
Like a nostr node, anyone can set one up and they can share information with each other.
If you use Linux, you may notice that the keys are updated from time to time, that's your system contacting keyservers to get a copy of the public keys to verify package integrety.
But yea, they have a central authority, kinda, but really it's just a place for people to store their public keys so people can use it to verify cryptographically signed content, or encrypt data meant only for the owner of the key pair that the public key is attached to.
To me, it looks like nostr nodes do this, there's just nothing implemented yet to recover a hijacked key. Tom (if anyone remembers him) could get a following of 10k people, happen to lose control of his private key, and then we are back to the same problem of a central authority banning someone... Possibly even worse because, well, identity theft without a way to proove it.
At this point, at the very least, I'd like the owner of the private key (regular users) to be able to send a revocation certificate to a node which will flag this particular public key as compromised. Other nodes will see this and the flag will spread. Revocation certificats can only be made by someone with access to the private key. So we shouldn't have any censorship issues here.
tl;dr of everything I'm going on about here so far
I'd like nostr to implement a way for users to print out revocation certs, just like how we can backup our private keys, so that users have the ability to report compromised accounts to the nodes.
I'd also like there to be a system where we can recover from the above situation without having to start over and rebuild trust under a new identity. Such as having a backup key that can veryify a new key belongs to the person who's claiming it.
We already have a solution for all this, it's just a mater of nostr nodes supporting it.
Back up isn't really a problem atleast. You can access everyone's followers on nostr. Everything is public. Person to person messages are kept private with encryption. If you lose your PK though those all become public.
My problem lies with the identity theft and recovery.
It's the public followers I lose.
If Masterofballs says, "Hey, I lost my old key, this is my new one, everyone follow me!" How do I know you are you? How do I know that the identy was even lost? How do I trust you are who you say you are? Especially if someone else has your old key and is impersonating you? Or, mehbe this new account is the impersonator.
It's a real problem for someone trying to maintain some sort of identity, which, to greater or lessor extents, we all are.
If you just want to be anon, this system works well enough, but if you want to maintain your reputation... there are challanges we need to overcome.
Or, since I really don't know much about nostr, mehbe they are already working on this problem.
Trustless systems need to be robust.
I mean I know this isn't a answer for everyone but I maintain like wolfballs.com . And I can post my information there. domain names are reasonably anonymous and so far has not been attacked by censorship. Other than that, keep your shit secure I guess. But yeah I can see the value in increasing that security.
Yea, but how do I know you control that anymore either? Back to trusting central authorities, but that's certainly a way around the problem. Not a perfect way, but I can be reasonablly sure that Linus owns Linus Tech Tips, and if he says from there that his key leaked, it's probably true. But then again, his site has been hacked before. Heck, even then he has to convince everyone to follow his new key. That's no small task.
Keeping your shit secure is hard. I'm mostly using Android for this stuff at the moment and I have no trust that anything I do here is secure. Copying it to the clipboard, as these apps do, may be enough to have the key compromised.
And, maybe, I'd like to keep a copy of my key on my person via flash drive. Flash drives get lost sometimes. People get mugged. Even if my key is encrypted on the drive, I have to treat it as if it's compromised.
Or perhaps I have a print out in my files. Files get stolen sometimes. And for big time content creators, all threats increase as the keys are more valuable than some rando's.
So we have many software threat vectors and some physical ones. Mehbe my app gets compromised, they push an update, everyone's keys start getting yanked. It happens. We need disaster recovery options. Until we do, everyone's reputation on the system is at risk.
I'm not sure how much tipping helps. Do we have an evidence of it working before for a social network of sorts? I suppose there's twitch subs, superchats, and podcast 2.0 type things that seem to be working, but the traction really isn't there.
Well, and cam whores, but I don't think money people spend on sex translates well to other things.
If you think about it it helps drastically in content creation. Patreon and subscribe star have created whole businesses off the idea. If you get a little money for posting you will be more likely to post. That's why twitter is trying to bribe people to stay by paying top posters with money people have spent signing up for xeeter premium.
Yea, it's true that locals, rumble, and the one's you mention support content creators.
I was thinking on a smaller scale. Like, if I send you cash for a pleasant discussion rather than I send someone cash who is trying to appeal to be a content creator specifically for income.
It like directly goes to your nervous system. We are hard wired to repeat behavior that has rewards.
True, but often times, when we do something a lot of people enjoy, it's a chance happening. Unless we're hyperfocused on the point of making money in the first place, like designer bands and the like.