the comment of the day!

nah, just to study more and setup yourself with the best possible OpSec for your specific user case.

true

not easy but good OpSec

love it

no, at least not yet, just learn

ha! good catch, and an important one!

Today, after a long discussion about best OpSec practices I thought it will be nice to share with the Nostr community, and read what others have to say about it, There are many here in #Nostr that are #privacy advocates and believe they know enough, they use what they believe is a secure OpSec: 1. No corporate social networks, that includes LinkedIn or not sufficient decentralized ones (whatever that means for them). 2. No Messenger Chat app that requires a mobile phone number. 3. Linux of course; so they say; although the majority keep using iOS or Microsoft as their default OS... (I am guessing of course, but I am quite positive it is a good guess ... ). 4. A Pixel 7 or higher rooted with the right OS. 5. A VPN, one of the few that do not log (so they say) and you can pay cash or LN BTC or XMR. Most do this wrong BTW... 6. The right Private DNS, never a corporate one... 7. A private email address, so most will use Proton or Tuta... Odd how there are only few options with no KYC, if it is a niche, the fact that there are no more options is suspect, two companies only... they become a honeypot. 8. They use FOSS as much as possible for all their work and location apps. 9. GPS OFF as a norm. OpSec matters here, most people do this wrong. 10. A nonKYC eSIM with only data, few providers, silentlink being one of the favorites. 11. A powerful router with firewall and Pihole or adguard, plus built in support for VPN (most do this wrong) 12. Self hosted cloud, no commercial cloud never (most don't do this, they rely on the usual privacy oriented, the ones very well known, there are about 3...) Are you paying attention? 13. Their own BTC Node 14. A privacy oriented browser, there are not that many, Mullvad Browser, hardened with extension Firefox (requires work), hardened with extensions Brave. Most use the same extensions, for they are the recommend ones, Have you wondered why they are not built in already in the browsers? 14 Tor Browser for research, specially those that are devs or white hats... (no black or grey hats here, right...) 16. Keeping all your software and OS for all devices up to date, which is recurrent workload, failing to do that could lead to exploits and exposure to cybercrime. And more, but this is a simple summary. Now the best part: All of the above, makes you, in a way, a target, for your digital footprint is of a minority, easy to identify, you are decently informed and therefore you follow the same rules and use the same tools as the rest of a small tribe, a very distinct one, not that hard to identify with the right tools that constantly analyze metadata. Is there a better way? In my opinion, yes. 1. If you keep your current OpSec, study and do it right, most do it wrong and generally due to lack of discipline and endurance of the annoyance of cyber security, which is very inconvenient, end up being not only known targets but vulnerable high end targets. 2. To be part of the large noise made by the clueless normies is the optimal play but that is an OpSec very few will have the discipline, time and knowledge to do correctly. Won't discuss the know how here. Hire a #cybersecurity expert if you want this and don't know how is done. What are your thoughts? #asknostr

🚨 A federal jury awarded plaintiffs suing Google $425 million in damages, holding that by collecting the data of users who had switched off an app activity-tracking feature, the tech giant invaded the privacy of millions. More Google lies caught, but... 425 million dollars and all is well, they will keep doing it for sure. I wonder, How many times will take for true accountability? Problem is, there is not a real incentive for them to stop.

- LNVPN (https://lnvpn.net/) - encryptSIM (https://www.encryptsim.com/) both accept cryptocurrency payments (Bitcoin, Monero, etc.). Did you have a bad experience with Silent Link? Please share , IMO they are e excellent, never an issue.

Have to agree, in fact there are already clear signs this is building up, open source is fundamental for this to happen

This

Thanks! When the Android apk repository in Github?

This will be interesting...

Pretty much same results, waiting for new versions to test again. The current version, IMO shouldn't be in production. BTW, 0xChat already supports NIP-EE, only advantage I see is for groups, current implemented EE2E messages in Nostr is good enough.