The answer isn't binary. NOSTR is above made for resilience, that is the main goal. This means that NOSTR texts can even be printed on paper and you can verify they are texts from a specific author.
Privacy inside NOSTR is assured with the techniques that already exist today for specific usage cases like private messages:
A wants to write B, so the message is encrypted with the public key of B. This has been common for PGP emails. This isn't terrible for privacy, it is your private keys and you need to know where you are storing them.
If you are storing them on protonmail then that is a bad security practice because you can't prove they aren't copying/sharing them.
In NOSTR you can use a myriad of clients, including command line where you can trust that your private key isn't being shared.
Public keys in NOSTR define a public identity. They certify everyone that a specific key person is writing those messages. If you want to keep identities private, then use specific identities for that purpose.
Here the goal is that a well-known public person can continue to publish texts that anyone can verify as being from that person.
The second part is diversity of servers. There are today +400 NOSTR servers around the world. You can drop your message at a random server and the recipient will eventually download it. In some cases you can use I2P to talk with specific servers that then synchronize between themselves in I2P. It is very difficult for a gov-level actor to pinpoint these IP addresses and map them to specific content (messages) they sent.
In my opinion NOSTR is delivering the security level that OpenGPG has been building to achieve since 30 years ago.
brito
npub1hf…p7yfm
2024-09-26 08:11:51
in reply to nevent1q…s9qq
Author Public Key
npub1hfg3tsmmp7g3u5cw6mzg0n9andehmgel6jug486eppsr0rqx4a3qlp7yfmPublished at
2024-09-26 08:11:51Event JSON
{
"id": "3b0f88ae74b2ba8b8434ff8e6a3f7d0096bd913077b2a74d293a215aa05e7c0e",
"pubkey": "ba5115c37b0f911e530ed6c487ccbd9b737da33fd4b88a9f590860378c06af62",
"created_at": 1727338311,
"kind": 1,
"tags": [
[
"e",
"bed5d86f723598c1f61d4864861998cc71a892572a95d4616921f2a569a1a10a",
"",
"root"
],
[
"e",
"f673098967fd0721b681f30de3eeabd6c1300418c944700ec852194e041c2397",
"",
"reply"
],
[
"p",
"ba5115c37b0f911e530ed6c487ccbd9b737da33fd4b88a9f590860378c06af62"
],
[
"p",
"e1c7a2e617a0fd25a8b391789d8aa4671c1d61dfa1801ae62dae99f3bbfda437"
]
],
"content": "The answer isn't binary. NOSTR is above made for resilience, that is the main goal. This means that NOSTR texts can even be printed on paper and you can verify they are texts from a specific author.\n\nPrivacy inside NOSTR is assured with the techniques that already exist today for specific usage cases like private messages:\n\nA wants to write B, so the message is encrypted with the public key of B. This has been common for PGP emails. This isn't terrible for privacy, it is your private keys and you need to know where you are storing them.\n\nIf you are storing them on protonmail then that is a bad security practice because you can't prove they aren't copying/sharing them.\n\nIn NOSTR you can use a myriad of clients, including command line where you can trust that your private key isn't being shared.\n\nPublic keys in NOSTR define a public identity. They certify everyone that a specific key person is writing those messages. If you want to keep identities private, then use specific identities for that purpose.\n\nHere the goal is that a well-known public person can continue to publish texts that anyone can verify as being from that person.\n\n\nThe second part is diversity of servers. There are today +400 NOSTR servers around the world. You can drop your message at a random server and the recipient will eventually download it. In some cases you can use I2P to talk with specific servers that then synchronize between themselves in I2P. It is very difficult for a gov-level actor to pinpoint these IP addresses and map them to specific content (messages) they sent.\n\nIn my opinion NOSTR is delivering the security level that OpenGPG has been building to achieve since 30 years ago.\n\n\n\n\n\n\n\n\n\n",
"sig": "7ee9922006b52dba571bdeda8eb2b27801ecc9315fd788c6cb7ad74bbe96d842eb13b323dfaa6c339d8b72e9360a3f3929ddb22be0f31fa29f588009ce3539bd"
}