• Note: “relay” is the nostr term while “instance” is the AP/Mastodon/Lemmy term. They are functionally very similar and offer the same abilities to ban annoying users from “public square” type spaces. Moderation works identically.
  • In AP/mastodon/lemmy you are connected to one “main instance” and then connect to other instances “through” that instance. In nostr, you are typically connected to multiple relays and access content more directly.
  • Nostr is an underlying protocol like AP is for Mastodon/Lemmy. The main use of nostr currently is as a twitter/mastodon clone, but it has other interfaces as well (calendaring, video sharing, etc) that I am less familiar with.
  • Both networks are decentralized in nature

AP/Mastodon/Lemmy

  • Instance admins on your instance and the instance of the user you are DMing can read your DMs, block them, or modify them without your knowledge or the knowledge of the receiving user
  • If your instance goes down, so does your access to the wider network. It will take your DMs with it, and your identity.

Nostr

  • Relays cannot read the content of your DMs as they are encrypted. They can only see that user A is DMing user B and approximate DM size. (This upgrade reduces that visibility further)
  • Relays cannot manipulate DMs as they are encrypted and will fail a signature check
  • No relay can prevent you from DMing another user as your client will automatically route the DM through another relay (unless that user has blocked you, which they can do).
  • You can receive DMs from anybody as long as one relay lets your DM through (and you are usually connected to several)
  • Your DMs and other content is replicated across multiple relays. Downed relay? No problem. You don’t lose your content or your identity as your identity is a private/public keypair not “user @ instance dot com”

Bluesky

Idk anybody care to fill this section in?

Image source: nostr post

  • Zagorath@aussie.zone
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    2
    ·
    7 months ago

    Lemmy is absolute garbage on privacy

    I mean, yeah, it is. But that’s because privacy is not what it’s trying to do. If anything, privacy is fundamentally antithetical to what it does. Saying “Lemmy is garbage on privacy” is a bit like saying “Microsoft Word is a terrible IDE”.

    • DavidGarcia@feddit.nl
      link
      fedilink
      arrow-up
      2
      arrow-down
      6
      ·
      7 months ago

      It doesn’t have to be.

      You could keep the general structure and functioning while improving privacy.

      For example, by obfuscating post history, anonymous posting or assigning a user pseudonym per instance/community, auto-deleting old posts/comments. All optional features of course. Let instances/communites decide which of these features they want.

      Keep the structure of Lemmy with it’s Reddit-like-ness and instances, but give users, instances and communities more control over data privacy.

      Sure it’s harder to implement, you need some minimal-knowledge reputation system, but there is nothing fundamental preventing that from being possible.

      The nice thing about federation is that one instance/community can stay the same data-leaking privacy mess, if they so prefer. While others could operate analogous to 4-chan (or anything in between).

      • SorteKanin@feddit.dk
        link
        fedilink
        arrow-up
        4
        arrow-down
        2
        ·
        edit-2
        7 months ago

        obfuscating post history, anonymous posting or assigning a user pseudonym per instance/community

        These suggestions sound like a moderation nightmare. This is definitely not desirable.

        • DavidGarcia@feddit.nl
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          7 months ago

          That’s the point of the repuation system.

          It’s a very hard problem, I’ll give you that.

          What you need is, each instance and community collects reputation in the federation. then users posting on those instances can collect reputation on those. basically by not being banned or massively downvoted. Your reputation is weighted by the reputation of each you collected it from instance.

          Each users identity is tied to some key that collects reputation, that you generate new identities from from for each instance/community/post. Like how some credit card services give you a new credit card number for each new website.

          Admins don’t know who you are, but they can see and verify your reputation.

          Then instance/community admins can decide if they want a different weighting. For example, to completely disregard the reputation by some instance or make one you like 10x more important.

          You could get an ordered list of posts or pseudonymous users based on the reputation. Untrustworthy users will glow like a christmas tree.

          That would be one way to do it. It’s hard to make it water tight, but any improvements would be better than the current fediworse.