-
@ 378562cd:a6fc6773
2025-02-23 20:41:59
Social media platforms like Facebook and X (formerly Twitter) have long dominated online communication. However, many people are looking for alternatives due to increasing censorship, algorithmic manipulation, and corporate control over user data. One of the most promising new protocols I have found is Nostr, a decentralized and open-source alternative to traditional social media. But how does Nostr compare, and why should you consider making the switch? If you're reading this, presumably, you already have made the switch, but share this with friends if you like. Let’s dive in.
The Fundamental Differences Between Nostr and Traditional Social Media
1. Decentralization vs. Centralization
Facebook and X are owned and operated by massive corporations that control everything from content moderation to algorithmic visibility. Your posts, followers, and interactions are at the mercy of the company's policies and changes.
Nostr: No single entity owns Nostr. It operates as a protocol where anyone can run a relay (a server that transmits messages). Users are not tied to a single company or platform, ensuring freedom from corporate control.
2. Censorship Resistance
Facebook & X: Heavily moderate content, often removing posts or banning accounts based on internal policies, government pressure, or **advertiser** demands.
Nostr: Built to resist censorship. Since users publish to multiple relays, blocking content on one relay does not remove it from others. You control where your messages are sent, not a centralized authority.
3. User Ownership and Privacy
Facebook & X: Your data is stored on corporate servers and often sold to advertisers. You don’t truly own your content or connections.
Nostr: Users control their private keys, which function like cryptographic signatures. Your identity is yours alone, and no company can take it away.
4. Algorithm-Free Experience
Facebook & X: Content is curated by algorithms that determine what you see based on engagement metrics, often promoting divisive or viral content over meaningful conversations.
Nostr: No forced algorithms. You decide which relays to use and what content to follow. Your feed remains chronological and free from corporate influence.
Pros and Cons of Nostr
✅ Pros:
True freedom of speech: No corporate moderation, allowing open discussion.
User-owned identity: You control your account with a cryptographic key.
No ads or tracking: Your data isn’t harvested or sold to advertisers.
Resilient against shutdowns: Multiple relays ensure content persists even if one relay goes offline.
Customizable experience: Choose the relays and clients that best suit your needs.
❌ Cons (If Any):
Early-stage adoption: Not as many users as Facebook or X (yet!).
Technical learning curve: Requires setting up keys and understanding relays, though improving rapidly.
Lack of centralized moderation: While this is a pro for free speech, it can also mean exposure to spam or undesirable content if it is not filtered properly. However, they are developing hidden or block features to help control your feeds. I don't have a lot of worries here. To be perfectly honest, it seems like a better class of people come here.
Why Should You Leave Facebook and Join Nostr?
If you’re tired of algorithmic manipulation, invasive tracking, and corporate censorship, Nostr offers a fresh start. It’s a place where your voice truly belongs to you, and a centralized authority cannot control your connections.
Yes, it may take some time to adjust to using Nostr, but the benefits far outweigh the minor learning curve. If you value digital freedom, privacy, and resistance to censorship, now is the perfect time to explore the future of social networking.
How to Get Your Friends to Leave Corporate Social Media and Join Nostr
Switching to Nostr is one thing, but convincing your friends to make the leap can be challenging. Here are some practical ways to help them transition:
Explain the benefits: Many people don’t realize how much control corporations have over their online experience. Share this article and highlight the key points.
Make it easy: Walk them through setting up a Nostr account, generating a private key, and connecting to relays.
Show them the community: Introduce them to active Nostr users, groups, and discussions to make the transition feel worthwhile.
Lead by example: Use Nostr consistently and post compelling content that makes it appealing to your friends.
Keep the conversation going. As more people join, Nostr will become even more engaging, making it a true alternative to corporate-controlled platforms.
-
@ d34e832d:383f78d0
2025-02-23 19:53:32
Hockeypuck is an **OpenPGP keyserver** that allows users to publish, search, and retrieve **PGP public keys** for secure communication. It is designed for **federation** with other keyservers and supports a **high-performance, scalable** architecture.
---
## **🛠️ Usage**
### **1. Public PGP Key Directory**
- Organizations, security researchers, and privacy-focused users can **publish and retrieve PGP keys** for encrypted email and document verification.
- Similar to **SKS Keyserver**, but actively maintained and more scalable.
### **2. Enterprise PGP Key Management**
- Companies can **host a private keyserver** for internal teams to share PGP keys securely.
- Prevents reliance on external keyservers like keys.openpgp.org.
### **3. Decentralized Identity and Key Distribution**
- Used in federated **PGP keyserver networks** like **Hockeypuck & SKS pools** to distribute OpenPGP keys across multiple servers.
- Useful for **distributed trust models** where multiple organizations manage keys collaboratively.
### **4. Bitcoin & Nostr Applications**
- Can be used alongside **Nostr** for key verification, ensuring public keys are retrievable for cryptographic signatures.
- Useful in **Bitcoin** applications where PGP-signed messages confirm identity.
### **5. Software Package Signing**
- Developers and package maintainers can **sign software updates** using OpenPGP, and end users can fetch public keys from Hockeypuck to verify authenticity.
- Example: **Debian and Arch Linux package signing**.
### **6. Secure Messaging**
- Supports secure email systems using **PGP-encrypted mail (e.g., ProtonMail, Thunderbird + Enigmail, Mailpile, etc.)**.
---
## **📌 Key Benefits**
✅ **Docker-Based Deployment** → Easily installable with **Docker** and **docker-compose**.
✅ **Federated Keyserver** → Can join existing **PGP keyserver networks**.
✅ **High-Performance Storage** → Uses PostgreSQL for better performance than older SKS keyservers.
✅ **Supports HTTP & HTTPS** → Can be hosted publicly with **TLS encryption**.
✅ **Fully Open Source** → Maintained as a modern alternative to SKS.
## **🔑 Signing a Nostr Event Using PGP & Verifying It on a Relay**
If Alice wants to **prove she controls `npub1xyz...`** using **PGP**, she can sign a Nostr event and publish both the event and signature.
---
### **🔹 Step 1: Create a Nostr Event (Kind 0)**
Alice generates a **Nostr profile metadata event**:
```json
{
"id": "xxxxxxxxxxxxxxxxxx",
"pubkey": "npub1xyz...",
"created_at": 1700000000,
"kind": 0,
"tags": [],
"content": "{ \"name\": \"Alice\", \"about\": \"PGP Verified Nostr User\" }"
}
```
She saves this as **`nostr_event.json`**.
---
### **🔹 Step 2: Sign the Event with PGP**
Alice uses GnuPG to sign the event:
```bash
gpg --clearsign --armor nostr_event.json
```
This creates **`nostr_event.json.asc`**, which contains the event with a **PGP signature**.
🔹 **Example of the signed event:**
```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
{
"id": "xxxxxxxxxxxxxxxxxx",
"pubkey": "npub1xyz...",
"created_at": 1700000000,
"kind": 0,
"tags": [],
"content": "{ \"name\": \"Alice\", \"about\": \"PGP Verified Nostr User\" }"
}
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbGSk4HTlMz5tG0tF0Y8fO3HTQYYFAmS8mOkACgkQ0Y8fO3HT
QYYX4w/+JwzbfM1EZ2F7H3yqbdGBJ2cGd...
-----END PGP SIGNATURE-----
```
---
### **🔹 Step 3: Upload the Signature to a Public Keyserver**
Alice submits her signed Nostr event to the **Hockeypuck keyserver**:
```bash
curl --data-binary @nostr_event.json.asc https://keyserver.example.com/pks/add
```
---
### **🔹 Step 4: Publish the Event to a Nostr Relay**
Alice **publishes the original event** to a Nostr relay:
```bash
curl -X POST https://nostr-relay.example.com/ -d @nostr_event.json
```
---
### **🔹 Step 5: Verification**
Anyone can **fetch Alice’s PGP-signed event** and verify it:
```bash
curl "https://keyserver.example.com/pks/lookup?op=get&search=alice@nostr.example.com" | gpg --verify
```
If successful, it will show:
```
gpg: Good signature from "Alice <alice@nostr.example.com>"
```
---
### **✅ Use Cases**
1. **Proving Ownership of a Nostr Public Key** with PGP.
2. **Bitcoin Applications**: PGP-signed messages can confirm identities for multisig coordination.
3. **Decentralized Web of Trust**: Verifying Nostr users via signed events.
---
Additionally a simple JS or python script could automate signing process.
-
@ f7d424b5:618c51e8
2025-02-23 18:01:38
(This was originally posted on melonmancy.net which is a blog on write.as, an ActivityPub based blogging instance)
Listeners rejoice as we are joined today by [ironee212 @ shitposter.world](https://shitposter.world/ironee212)
Another major videogame release happened since we last recorded and it looks like a big stinker, or is it? All that and more in today's episode.
We mentioned a few things in the show you might want to pull up while listening, they are the following:
- [Avowed steam chart](https://steamdb.info/app/2457220/charts/)
- [TF2 SDK news](https://www.teamfortress.com/post.php?id=238809)
Obligatory:
- [Listen to the new episode here!](https://melonmancy.net/listen)
- [Discuss this episode on OUR NEW FORUM](https://melonmancy.cafe/d/103-mp101-my-favorite-body-type-b)
- [Get the RSS and Subscribe](https://feeds.rssblue.com/melonmancy-podcast) (this is a new feed URL, but the old one redirects here too!)
- Get a modern podcast app to use that RSS feed on at [newpodcastapps.com](http://newpodcastapps.com/)
- Or listen to the show on [the forum](https://melonmancy.cafe) using the embedded [Podverse](https://podverse.fm) player!
- [Send your complaints here](https://melonmancy.net/contact-us)
Reminder that this is a [Value4Value](https://value4value.info/) podcast so any support you can give us via a modern podcasting app is greatly appreciated and we will never bow to corporate sponsors!
Our podcast is created entirely with free software and is proudly hosted on [RSSBlue!](https://rssblue.com)