GA Nostr. I wonder what the eventual implications of this are for folks running personal relays like HAVEN.
I mean, I run a pretty clean and heavily moderated set of relays myself… No porn, self-harm content or anything of the sort.
One good thing about Nostr is that nobody has ever tagged me in any such content on Nostr (For those who say I’m unfair to Nostr: this has happened to me on the Fediverse… once… but still, it didn). If I were ever tagged by someone posting that kind of material, they'd be booted from my WoT pronto, and their content would of course be deleted from my relays.
Still, the question remains: do I need to implement any form of age checking right now? And even if not, if the UK government (or any other) decides that personal relays need to enforce age verification, what should we actually do?
Only the owner of the relay can write to the Outbox relay, so that should be fine (I think? Right?). Just don’t post stupid stuff. But what about the Inbox? How do we “age check” a bunch of bots and maybe a couple dozen people, most of whom are using pseudonyms and, let’s be honest, are unlikely to cooperate? Should I just give users a flag to disable the Inbox relay?
I have absolutely no idea what to do, or even whether this affects personal relays at all.
nostr:nevent1qqsd94dtg2tfjev3pfjg2q9h5e9ty7p5ta4yuur3htwgjwjd3lnk9cspzpmhxue69uhkummnw3ezumt0d5hsyg8ayz8w3j8jsduq492j39hysg7vnhrtl4zzqcugj4m3q62qlkf8cypsgqqqqqqst5dtuv
#GM #UKOnlineSafetyAct #haven #relay #personalRelay #ageVerification
In terms of what would hold up in court, I really can't say. I don’t want to sound too relaxed, nor do I want to paint too much of a dystopian picture… so I’ll focus more on the technical feasibility of deanonymising someone.
Yes, DNS is a major one that projects like pkarr, Onion Services, etc., try to address (pkarr is still pretty new, and Tor is no silver bullet). But for personal users, there are a gazillion other layers that can expose them, from software running on their mobile or desktop (starting with keyboard apps, AI tools users have "authorised" to learn from their behaviour, to shady background daemons like Meta was using to the OSes themselves …), them there's your ISP if you're self-hosting, CAs if you are using HTTPS, CDNs, the VPS or Cloud provider provider you're renting hardware from all owning bits and pieces of personal information and metadata that can be pierced together to paint a picture. Then there are all sorts of fingerprinting techniques… and about a gazillion other possible deanonymisation vectors.
Again, I can’t say what would hold up in court, but I’d work with the assumption that, for the vast majority of people exposed to Nostr, the authorities can figure out who’s behind an npub or operating a relay fairly easily.
Agreed. Morals are what emerge beyond fear of repression… Either when you're genuinely beyond repression (which is rare), or when you're fully aware of the consequences and still act according to your beliefs.
I don't think I need to state where I stand morally, or I wouldn’t be maintaining Haven as my most expensive hobby, nor encouraging people to self-host in the first place. If we had 20,000 people self-hosting relays (be it Haven or any other relay software), the picture would look very different compared to just a few hundred. And if Nostr blows up like torrents did back in the day, that would again be a very different scenario.
I strongly believe is that the default path on Nostr will be one of non-compliance (again, assuming there’s even anything to comply with).
Still, my take is that healing happens when, given the choice, people voluntarily choose correctly (which, as you're suggesting, might be doing nothing). I don't believe in imposing compliance, but I also don't believe in imposing non-compliance. That doesn’t mean I can’t hold strong opinions about it, of course.
Agreed... Client devs, especially mobile client devs, may be low-hanging fruit. And I guess that “My client just provides a WebSocket between the client and the relay” will work about as well as the old “Demonoid is just an indexer and search engine” excuse.
Still, as someone almost strictly on the relay side of things, I don’t think pushing all responsibility to clients with a "I’m just running some JSON backend thing" stance is going to hold up either. At a bare minimum, relay software should offer proper tools to manage Kind 0, Kind 1, and NIP-23 content. And folks running additional things like Blossom, NIP-96, etc., need solid ways to moderate media.
At the moment, Haven has neither. Well... the moderation tools are basically the file system and a database client 😅. I haven’t played with relay.tools myself, but given the scale of some relays running on it, I assume you already have some moderation tooling in place. I think that both client and relay software devs have to work with operators (and you and I are both people playing both roles at the moment).
Lol, got it. To be honest, I don’t have much access to client devs (and for the most part, I don’t even know where they hang out to begin with). I started this thread mostly with relays in mind, since the “Other things” folks seem to know what they’re doing. I really can’t say what they’re discussing at the moment—but I do wonder if there’s a plan.
nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr9mhxue69uhkscnj9e3k7unpvdkx2tnnda3kjctv9uq32amnwvaz7tmjv4kxz7fwv3sk6atn9e5k7tcppemhxue69uhkummn9ekx7mp0g4rts7, nostr:nprofile1qqszv6q4uryjzr06xfxxew34wwc5hmjfmfpqn229d72gfegsdn2q3fgpzfmhxue69uhkummnw3e82efwvdhk6tcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszythwden5te0dehhxarj9emkjmn99urf278z, nostr:nprofile1qqs8lft0t45k92c78n2zfe6ccvqzhpn977cd3h8wnl579zxhw5dvr9qpzamhxue69uhkvun9deejumn0wd68yvfwvdhk6tcprpmhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0qyd8wumn8ghj7urewfsk66ty9enxjct5dfskvtnrdakj7eeth6c, nostr:nprofile1qqsvvcpmpuwvlmrztkwq3d6nunmhf6hh688jw6fzxyjmtl2d5u5qr8spz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0dsqs7amnwvaz7tmwdaehgu3wd4hk6xe6hvp, nostr:nprofile1qqsgzfdez8ksa9xmuvqg5zly3nl9e5xqkpvj8nllj9aw06ra4pqq3qcpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0dsq3qamnwvaz7tmwdaehgu3wvfskueq5eg09w, nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpz9mhxue69uhkummnw3ezuamfdejj7qgswaehxw309ahx7um5wghx6mmd9uq3wamnwvaz7tmkd96x7u3wdehhxarjxyhxxmmd9ukfdvuv, you’re some of the cool client devs I’ve had the chance to interact with. Some of you even reply to me occasionally 🤣.
Are you planning any changes to your respective clients in terms of moderation and compliance with the whole age verification thing?
Showing page 1 of
1 pages
