Sunday, November 19, 2023

Pro/Con of Nostr Clients

Bitcoin tech is winning! Nostr is a decentralized social media protocol that allows for Bitcoin lightning tips. Because it’s decentralized, it allows for a variety of different clients. Some new users may be unaware of the privacy or security risks of different clients.

Here’s the Pro/Con of some Nostr Clients

Iris.to (website) Pro: Everyone has a web browser, so it’s easy for beginners to on-board. Simple easy layout. Con: They use CloudFlare, so do NOT let the website see your private key. You need to use the Flamingo browser extension to sign events because CloudFlare strips away httpS encryption. Without a browser extension, it should be treated like you’re handing your private key to the US government. You can’t view DMs using a browser extension only. Also CloudFlare will browser fingerprint you and block Tor.

Primal.net (website or mobile apps) Pro: Fast for Tor. I recommend this only for Tor browser. The reason it’s fast is because you’re not getting the content from each individual relay, but it’s aggregated to their database. Con: Primal’s model is closer to traditional social media, where they can censor content. Beyond using this for speed on Tor, it’s dangerous centralization.

Amethyst (Android) Pro: FOSS Android client in the F-Droid store that works on degoogled phones. Not only is the interface just like Twitter, but they added in “sealed sender” style DMs, similar to Signal to hide metadata. Con: Be aware that if you’re not using a degoogled phone, then Google and therefore the government can probably get your private key.

Gossip (desktop) Pro: This is what I’d use for famous or controversial influences with a high threat model. Desktop Linux is supported, and it’s programmed in Rust which could potentially add security against memory corruption for poorly vetted third party images downloaded off relays. Password lock on posting is good. Con: No sealed sender DMs yet. Hard to use. Tip: You want to first try Amethyst, then graduate to Gossip when you understand that you have to enter a relay where someone posts to find them. (hint: lookup their relays quickly on Tor via primal.net.)

Lume (Desktop) Pro: This is supposed to emulate Tweetdeck. Lots of features such as mapping relationships, good widgets for hashtags and topics. Password lock is good. Go for this on Microsoft Windows. Con: There’s still Linux bugs. I can’t recommend it for Linux, as I had issues. However, the developer has significantly improved Linux builds from just a few months ago, but it’s not there yet.

Damus Pro: iPhone Client for less tech-savvy users, very easy to on-board people and get started Con: Apple (and therefore the government) can probably get that private key, but again for the average person it’s ok.

This is reposted from Simplified Privacy’s Nostr feed: npub14slk4lshtylkrqg9z0dvng09gn58h88frvnax7uga3v0h25szj4qzjt5d6


No comments:

Post a Comment