top | item 44925209

(no title)

paride5745 | 6 months ago

I’m confused.

What’s the point of the article?

How’s the author compromised by the Mossad?

What would the attack be?

discuss

Agreed it’s not a great article because it expects the reader to have context and a little imagination, but last I checked what the nostrilfolk were up to it was typical for a web app to ask for your private key (Nsec) and you’re just supposed to trust that app to take actions on your behalf (why nostr isn’t a browser extension that simply signs transactions clientside I don’t know)

So the attack vector is you change what you do once you get a nostridumbass to enter their nsec, Mossad is just mentioned as a catchall for potential attackers.

beefnugs|6 months ago

Seems like the age old ease of using a website, vs running your own copy of open source software after reading and understanding it in its entirety (unsolvable mess)

hackernudes|6 months ago

The article is about accessing a service (nostr) through a hosted web app. The domain or server that is hosting the app could be compromised and serve a bad app.

Posts on nostr use a key pair so when you see a post from foo you know it's the same foo you knew from last week. Also, posts are shared to and stored on multiple independent servers (called relays).

A compromised app could serve you fake posts or censor stuff.

unknown|6 months ago

[deleted]