- Note: “relay” is the nostr term while “instance” is the AP/Mastodon/Lemmy term. They are functionally very similar and offer the same abilities to ban annoying users from “public square” type spaces. Moderation works identically.
- In AP/mastodon/lemmy you are connected to one “main instance” and then connect to other instances “through” that instance. In nostr, you are typically connected to multiple relays and access content more directly.
- Nostr is an underlying protocol like AP is for Mastodon/Lemmy. The main use of nostr currently is as a twitter/mastodon clone, but it has other interfaces as well (calendaring, video sharing, etc) that I am less familiar with.
- Both networks are decentralized in nature
AP/Mastodon/Lemmy
- Instance admins on your instance and the instance of the user you are DMing can read your DMs, block them, or modify them without your knowledge or the knowledge of the receiving user
- If your instance goes down, so does your access to the wider network. It will take your DMs with it, and your identity.
Nostr
- Relays cannot read the content of your DMs as they are encrypted. They can only see that user A is DMing user B and approximate DM size. (This upgrade reduces that visibility further)
- Relays cannot manipulate DMs as they are encrypted and will fail a signature check
- No relay can prevent you from DMing another user as your client will automatically route the DM through another relay (unless that user has blocked you, which they can do).
- You can receive DMs from anybody as long as one relay lets your DM through (and you are usually connected to several)
- Your DMs and other content is replicated across multiple relays. Downed relay? No problem. You don’t lose your content or your identity as your identity is a private/public keypair not “user @ instance dot com”
Bluesky
Idk anybody care to fill this section in?
Image source: nostr post
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.97K Posts
- 74.6K Comments
- Modlog
DMs aren’t as relevant in Lemmy so I get why securing them isn’t a priority, but in Mastodon or any twitter clone it seems like a relevant feature I’d like to have some security/privacy with. Instance admins, and anybody who breaks into their server, being able to see all DMs seems like a security flaw that should be engineered away. Even Facebook, the place with the worst privacy, has E2E encryption (or so they claim, who really knows)
Direct messages shouldn’t be private. It’s just a person commenting to another person rather than to a post. It should be possible, and the default that conversations are public.
If you want privacy, use private messages
I think there was a E2E spec being worked on with Activity Pub. I’m not sure what happened to it.