marc on Nostr: Just thinking aloud about how I'd attack Nostr blogs and clients if I were an ...
Just thinking aloud about how I’d attack Nostr blogs and clients if I were an authoritarian government. I’d appreciate comments from people with technical experience on how states like China and Russia would do it!
Fear
As a dictator, the danger I’m afraid of is a popular platform to
- spread criticism freely to the masses of normal people (non-IT folk)
- organise protest, civil resistance, non-compliance
- interact freely which creates a feeling of community
Crackdown
So how would I stop Nostr blogs and clients?
1️⃣ Make Nostr mobile apps illegal & ban them from app stores
2️⃣ Block URLs of popular blog webapps like Yakihonne or Habla
3️⃣ Block relays
4️⃣ Spam relays with disinfo
5️⃣ Arrest popular opposition figures, confiscate their computers, steal private key if possible to then spread disinfo
Are there ways to make those more resilient? 🤔
Counter 2️⃣ (my only new idea so far)
I’ve heard of the idea of Nostr-based DNS here: a Nostr Name System (NNS). With this in mind, clients like Yakihonne and Primal could implement a cached functionality to resolve their own URL via NNS rather than DNS. If that worked, as long as you have the cache, I think you’d be fine. And you can wipe your cache pretty quickly if you need to hand over your device.
But what if you don’t have the cached functionality because it was wiped or you’re a new user? Thinking about this problem I came up with the following: What about a single HTML file with vanilla JS, no dependencies, that does the following:
- tries to connect to many Nostr relays & gets relay recommendations of even more relays
- pulls a note from Nostr with updated list of most popular Nostr clients
- resolves their IPs via NNS
- displays them in a list with links
The functionality should be kept basic so that the file needs little to no updating. That way the file could be spread by any means, over multiple channels and provide a fairly censorship-resistant entry-point to popular Nostr clients.
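The list-selection step of such a bootstrap file, hardened against the relay spam and disinformation from the crackdown list, as an added example that is not part of the original post. The pinned pubkey, the list kind, the `{ name, url }` content format and all function names are assumptions, and `verifySig` stands for a bundled NIP-01 id and Schnorr signature check supplied by the caller.

```javascript
// Added example; every name here is hypothetical.
const TRUSTED_PUBKEYS = new Set(["aa".repeat(32)]); // constructed placeholder, pinned in the file
const LIST_KIND = 30078; // assumed kind for the list note; the post names none

// Accept only well-formed https links; anything else is dropped rather than repaired.
function safeClientEntry(entry) {
  if (!entry || typeof entry.name !== "string" || typeof entry.url !== "string") return null;
  let u;
  try { u = new URL(entry.url); } catch (e) { return null; }
  if (u.protocol !== "https:" || u.username || u.password) return null;
  return { name: entry.name.slice(0, 64), url: u.href };
}

// Assumed content format: a JSON array of { name, url } objects.
function parseClients(content) {
  let list;
  try { list = JSON.parse(content); } catch (e) { return []; }
  return Array.isArray(list) ? list.map(safeClientEntry).filter(Boolean) : [];
}

// responses: [{ relay, events }] from every relay that answered.
// verifySig(event) must check the NIP-01 event id and its Schnorr signature.
function pickClientList(responses, verifySig, nowSec) {
  let best = null;
  const newestPerRelay = new Map(); // relay -> newest verified created_at
  const rejected = [];              // relays that served an event failing any check
  for (const { relay, events } of responses) {
    for (const ev of events) {
      const ok = ev.kind === LIST_KIND && TRUSTED_PUBKEYS.has(ev.pubkey) &&
        Number.isInteger(ev.created_at) && ev.created_at <= nowSec + 600 && verifySig(ev);
      if (!ok) { rejected.push(relay); continue; }
      newestPerRelay.set(relay, Math.max(ev.created_at, newestPerRelay.get(relay) || 0));
      // Newest verified event wins: a relay replaying an old signed list cannot
      // roll users back as long as one reachable relay serves the newer one.
      if (!best || ev.created_at > best.created_at) best = ev;
    }
  }
  if (!best) return { clients: [], createdAt: null, staleRelays: [], rejected };
  const staleRelays = [...newestPerRelay]
    .filter(([, t]) => t < best.created_at).map(([relay]) => relay);
  return { clients: parseClients(best.content), createdAt: best.created_at, staleRelays, rejected };
}
```

When displaying the result, set each link's text with `textContent` and its `href` from the validated `url`, never through `innerHTML`.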
Anyway, just a few thoughts. Tell me what you think! ❤️
Published at 2023-07-20 07:41:38
Event JSON
{
"id": "6f0e1d5d1fabb5c0793adec38ddacf25aaffbc7087e7cf4c9ed5f98bfef3d0d4",
"pubkey": "07e833682047686e97a57e5bbf9eec7ba9c59b6ba4c028cc67b8f86c9587bdec",
"created_at": 1689838898,
"kind": 30023,
"tags": [
[
"client",
"yakihonne.com"
],
[
"d",
"ut_VMI1IQd-vHBSdhwUFH"
],
[
"image",
"https://yakihonne.s3.ap-east-1.amazonaws.com/07e833682047686e97a57e5bbf9eec7ba9c59b6ba4c028cc67b8f86c9587bdec/files/1689838897834-YAKIHONNES3.png"
],
[
"title",
"How would I attack Nostr if I were a dictator?"
],
[
"summary",
"A few thoughts on possible attacks and one idea how to counter them."
],
[
"t",
"nostr"
],
[
"t",
"censorship"
],
[
"t",
"nostr name system"
],
[
"t",
"nns"
]
],
"content": "Just thinking aloud about how I'd attack Nostr blogs and clients if I were an authoritarian government. *I'd appreciate comments from people with technical experience on how states like China and Russia would do it!* \n\n## Fear\n\nAs a dictator, the danger I'm afraid of is a *popular* platform to \n- spread criticism freely to the masses of normal people (non-IT folk) \n- organise protest, civil resistance, non-compliance\n- interact freely which creates a feeling of community\n\n## Crackdown\nSo how would I stop Nostr blogs and clients?\n\n1️⃣ Make Nostr mobile apps illegal \u0026 ban them from app stores\n2️⃣ Block URLs of popular blog webapps like Yakihonne or Habla\n3️⃣ Block relays\n4️⃣ Spam relays with disinfo\n5️⃣ Arrest popular opposition figures, confiscate their computers, steal private key if possible to then spread disinfo\n\nAre there ways to make those more resilient? 🤔 \n\n## Counter 2️⃣ (my only new idea so far)\n\nI've heard of the idea of Nostr-based DNS [here](https://primal.net/e/note1sgrat20xpnqddjhlh08arhwwwu4au3zzevlqwhhlh6046hptt9csmuql6v): a Nostr Name System (NNS). With this in mind, clients like Yakihonne and Primal could implement a **cached** functionality to resolve their own URL via NNS rather than DNS. If that worked, as long as you have the cache, I think you'd be fine. And you can wipe your cache pretty quickly if you need to hand over your device.\n\nBut what if you don't have the cached functionality because it was wiped or you're new user? Thinking about this problem I came up with the following: What about a single HTML file with vanilla JS, no dependencies, that does the following:\n- tries to connect to many Nostr relays \u0026 gets relay recommendations of even more relays\n- pulls a note from Nostr with updated list of most popular Nostr clients\n- resolves their IPs via NNS \n- displays them in a list with links\n\nThe functionality should be kept basic so that the file needs little to no updating. That way the file could be spread by any means, over multiple channels and provide a fairly censorship-resistent entry-point to popular Nostr clients.\n\nAnyway, just a few thoughts. Tell me what you think! ❤️",
"sig": "93589eee1719b7633a5e3d8468dbe7ffe4e8a34e07b326043ce5aa3e6d53c34657ac839483f10704060b5e77a45705d8aef0c2c8ca26e4f82508afbd3769edf9"
}