Conversation

Notices

1. hyolobrika@berserker.town's status on Thursday, 06-Apr-2023 07:46:34 JST Hyolobrika

   The thing I like about #Nostr compared to #ActivityPub is it's secure by default. No need to put public keys in your bio and hope your admin doesn't MITM your conversations.

   • Disinformation Purveyor :verified_think: (thatguyoverthere@shitposter.club)'s status on Thursday, 06-Apr-2023 07:46:33 JST Disinformation Purveyor :verified_think:

     in reply to
     @Hyolobrika I just wish it wasn't so zap zap zap
   • silverpill (silverpill@mitra.social)'s status on Thursday, 06-Apr-2023 09:48:25 JST silverpill

     in reply to

     @Hyolobrika ActivityPub doesn't forbid client-side signing, as far as I know. You can sign activities with your own private key (see FEP-8b32) and POST them to your outbox. Instance admin won't be able to tamper with your message in any way.

   • silverpill (silverpill@mitra.social)'s status on Thursday, 06-Apr-2023 09:55:38 JST silverpill

     in reply to

     @Hyolobrika Other users can pull messages from your outbox. You can also have multiple outboxes, and POST to them from a single ActivityPub client.

   • silverpill (silverpill@mitra.social)'s status on Thursday, 06-Apr-2023 10:09:00 JST silverpill

     in reply to

     • mia

     @mia @Hyolobrika I'm certain that he can spin an instance, but for many people this task is insurmountable. So, one way or another, these concerns are going to be addressed. Either by ActivityPub devs, or by some other protocol.

   • mia (mia@freespeechextremist.com)'s status on Thursday, 06-Apr-2023 10:09:01 JST mia

     in reply to

     • silverpill
     @silverpill @Hyolobrika
     
     Hylo likes to concern troll, but he absolutely refuses to spin his own instance. Requires an infinite and unsatisfiable litany of concerns addressed though.
   • silverpill (silverpill@mitra.social)'s status on Thursday, 06-Apr-2023 22:05:08 JST silverpill

     in reply to

     • mia

     @Hyolobrika @mia FEP-c390 describes how to attach public key to user profile in a verifiable way. Clients might use this information to encrypt and decrypt messages.

     Admin still can replace your public key with some other key he controls. If we haven't met before and I don't know your real key, I would assume that communication channel is secure. But this attack vector likely exists in other systems too

   • hyolobrika@berserker.town's status on Thursday, 06-Apr-2023 22:05:09 JST Hyolobrika

     in reply to

     • silverpill
     • mia

     @mia
     I was thinking more about end-to-end encryption using public keys / contact info in bio, which isn't solved by just being self-hosted on my end as the admin of the other person's instance could still be MITMing.
     Also, isn't the other person still relying on their instance to verify my signature?

     Also, @silverpill's point about it not being feasible for everyone still stands regardless of if it's E2EE or signing. Communication is less useful the fewer people can do it and so the same goes for communication privacy and security.
     This needs a more general solution.

     That being said, I am planning on making my own instance one of these days for various reasons.
     I guess what's stopping me is partly perfectionism (I want it to be home-hosted and I can't get my RPis to boot up consistently) and partly I haven't gotten around to it (I haven't even gotten around to getting a new PC yet; I'm using a smartphone right now).
     The latter is probably ADHD lol.
     Also, if I'm not hosting on my own hardware, I'm just trusting my VPS provider instead of my instance admin, which doesn't change much.