2024-02-10 16:52:06

ArchLizzard on Nostr: Hey Snowden, as a big privacy advocate, I have huge respect for you. Did you know ...

Hey Snowden, as a big privacy advocate, I have huge respect for you. Did you know people can see who you message with in #Nostr? Am I the only one who thinks this is a big design flaw?

Also would love to hear the opinion of the #Monero people I know:


I guess leave it to Bitcoin maxis to develop a new social media protocol, right? NGL, this is kind of a deal breaker for me, I just think it's stupid and there is zero benefit in that. But according to them it's good that everything is out in the open because... reasons?
I also don't know to what extent other metadata is public, like IP address and such.
#asknostr #privacy

Also more context:
All nostr data is public, instead of using closed doors to give a company special access to your information, nostr levels the playing field by making everything publicly accessible to all.

Regarding private messages, this has also always been known, it was a proof of concept feature that most clients adopted to show off what we could do. Messages are private but metadata is public.

When you make a DM on Amethyst, you have a choice to use the old DM system, or a more private one by clicking the incognito icon. This is a new spec that is not yet widely adopted by all clients as far as I know, I think there may be competing ideas that nostr needs to settle between.

Using this version of chat, the metadata is hidden, or at least more of the metadata is hidden, so who you are talking to is no longer public.

This means logging in with your npub does not reveal who you are talking to using this chat type.

Logging in with npub is still useful for some people. You may want to give employees read-only access to your account for a company, but the most commonly used scenario is using the app with a remote signer.

You log in with no permissions with Amethyst, but when you want to publish a note, Amethyst sends the note to another app which shows you what it wants to publish and you have to approve it. It separates your identity from your application to ensure the app cannot do anything on your behalf behind your back.

This was inspired by watch-only wallets in bitcoin which let you delegate the signing of transactions to a secure signing device so you can monitor your account, see your balance, give people new addresses to send money to, but you can't send money out without the secure signer.
Author Public Key
npub1yxngvher3uux0h7w7a9c95uf7j6mhhwhlt7mdkzy8mxf69gle8ysat6w2z
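
The "messages are private but metadata is public" point from the thread, as an added example that is not part of the original posts: it lists what anyone reading an event from a relay can see without holding a key. Assumptions: the old DM is modelled as a kind 4 event (NIP-04), the newer chat as a kind 1059 wrapper signed by a one-time key (NIP-59, which the page does not name), and every key and ciphertext is a constructed placeholder.

```python
# Constructed sample data: placeholder hex keys, not real accounts.
ALICE = "a" * 64      # hypothetical long-term sender key
BOB = "b" * 64        # hypothetical long-term recipient key
THROWAWAY = "c" * 64  # hypothetical one-time key that only signs a wrapper

LEGACY_DM = {  # kind 4 layout (NIP-04): body encrypted, envelope in the clear
    "kind": 4, "pubkey": ALICE, "created_at": 1707580000,
    "tags": [["p", BOB]],
    "content": "Y29uc3RydWN0ZWQ=?iv=Y29uc3RydWN0ZWQ=",  # opaque to readers
}
WRAPPED_DM = {  # kind 1059 layout (NIP-59), assumed here for the newer chat
    "kind": 1059, "pubkey": THROWAWAY, "created_at": 1707400000,
    "tags": [["p", BOB]],
    "content": "Y29uc3RydWN0ZWQ=",  # encrypted inner event names the real sender
}

def visible_metadata(event):
    """Fields readable from the relay copy of an event without any key."""
    recipients = [t[1] for t in event.get("tags", [])
                  if len(t) >= 2 and t[0] == "p"]
    return {"kind": event["kind"], "signer": event["pubkey"],
            "recipients": recipients, "created_at": event["created_at"]}

def exposed_pairs(events, known_identities):
    """(sender, recipient) pairs where the signer is a known long-term key."""
    pairs = set()
    for ev in events:
        meta = visible_metadata(ev)
        if meta["signer"] not in known_identities:
            continue  # one-time signer: the outside view does not link a sender
        for recipient in meta["recipients"]:
            pairs.add((meta["signer"], recipient))
    return pairs

if __name__ == "__main__":
    known = {ALICE, BOB}
    print("legacy :", exposed_pairs([LEGACY_DM], known))
    print("wrapped:", exposed_pairs([WRAPPED_DM], known))
```

In this model the wrapper still shows the recipient's key in its `p` tag, which matches the thread's wording that "more of the metadata is hidden" rather than all of it.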