@ c3b2802b:4850599c

Kann ich etwas bewirken im Geschehen, in das ich hineingeboren wurde? Psychologen ist bekannt, dass Menschen bezüglich dieser für jeden Menschen entscheidenden Frage während ihrer Kindheit und Jugend in der einen oder anderen Richtung konditioniert werden. Heraus kommen dann Erwachsene mit geringer oder hoher Einschätzung der eigenen Selbstwirksamkeit. Viele Menschen wachsen heran mit der Botschaft der Eltern und älteren Zeitgenossen: Du kannst die Welt nicht ändern. Das schaffst Du nicht. Füge Dich ein in die Gesellschaft, die Du vorfindest. Nur dann hast die Chance, ein gutes Leben zu führen. Andere haben das Glück, von Eltern oder anderen Zeitgenossen ermuntert zu werden: Folge Deinem Herzen, tu die Dinge, die die Welt braucht und die Dir Freude machen. Du kannst und wirst das schaffen. Du kannst beitragen, die Welt nach Deinem Bilde zu formen. Dann wirst Du ein erfülltes Leben führen. Welches Muster dominiert in den Industrieländern unserer Zeit? Spätestens mit Einführung der Schulpflicht wird die überwiegende Zahl der Heranwachsenden mehr oder weniger erfolgreich auf Gehorsam gegenüber den gerade vorherrschenden Macht-Strukturen getrimmt. Die gängige Schulbildung führt dazu, dass viele Kinder vorgegebene Denk- und Handlungsmuster von Lehrern kritiklos übernehmen. Das hat der deutsche Psychologe Wolfgang Köhler bereits vor über 100 Jahren bei Hospitationen in deutschen Schulklassen festgestellt. Die Kinder lernen, dass sie mit einer Wiederholung der vom Lehrer vorgegebenen Lösungswege besser fahren als wenn sie selbst denken. Die Absolventen solcher Bildungssysteme sind zum Großteil Duckmäuser, welche dann im Studium, bei weiteren Ausbildungen oder im Militärdienst gehorsam alles tun, was von ihnen verlangt wird. Sie folgen abstrusesten Anweisungen und Anordnungen, wie wir alle in den vergangenen 5 Jahren live mitverfolgen durften. Diese Menschen schwingen nicht den Taktstock der Geschichte. Sie bilden die Masse der Untertanen, moderne Mann´sche Heßlings, die leichte Beute von Werbung, öffentlich restlicher Propaganda und Parteiversprechen vor Wahlen werden. Die auch gern mal kriegslüsterne Parteien wählen, wenn diese die Impf-Leichen der Pharmaindustrie im Keller lassen.  Wer führt aktuell den Taktstock der Geschichte? Kleine selbsternannte "Eliten" von Psychopathen haben den Taktstock in Besitz genommen. Das sind Wesen, die man als ethische Analphabeten, denen Mitfühlen mit anderen Wesen fremd ist, charakterisieren könnte. und die vor diesem Hintergrund einen Krieg nach dem anderen vom Zaun brechen. Sie werden von einer Schar gekaufter Lakaien aus der Medien- und Werbebranche sowie von "Young Global Leaders" dabei unterstützt, ihre Vorstellungen von einer Sklavenhalter-Gesellschaft in die Welt zu bringen, in der eine winzige Minorität die große Mehrheit der Menschheit sowie der Schöpfung als moderne Sklaven unter ihre Kontrolle zu bringen sucht. "Ihr werdet nichts besitzen, aber Ihr werdet glücklich sein", "wir impfen Euch mit (nicht Langzeit-geprüften) mRna Substanzen und Ihr werdet gesund bleiben", "wir impfen die Wolken (s. Titelbild) und das wird dem Wetter gut tun", "wir bestrahlen Euch (mit nicht auf Gesundheitsfolgen geprüftem) 5G Mobilfunk und das wird Euch zufrieden machen" (s. Titelbild), "wir schaffen das Bargeld ab und das wird Euer Leben vereinfachen" - wie lange noch wollen wir solche Ansagen hinnehmen und ihnen gehorsam folgen? Sobald eine hinreichende Zahl an Menschen der Völker unseres Planeten erkennt, dass wir selbst den Taktstock der Geschichte übernehmen können, wird sich unsere Gesellschaft in unserem Sinne zu wandeln beginnen: Wenn wir erkennen, dass in jedem von uns ein göttlicher Funke schlummert, mit dem wir unsere Welt selber bauen können, geht die Ära der Kriegstreiber und Giftmischer, die Zeit der Fake-Demokratie und Meldestellen für Regime-kritische Meinungen ihrem Ende entgegen. Was kann jeder von uns hier und jetzt tun, um zu starten mit diesem neuen Kapitel der Menschheitsgeschichte? Es scheint mir nicht so schwer zu sein: Wenn wir aufhören, die Propaganda zu verfolgen; wenn wir aufhören, mit vermeintlichen Rettern vor Krieg und Lüge mitzufiebern, welche als Milliardäre Teile des gewachsenen Systems sind, dann gewinnen wir viel Zeit. Die können wir nutzen, uns zu öffnen für die endlos vielen Initiativen der gerade entstehenden Regionalgesellschaft. Dort können wir mitwirken oder eigene Initiativen gründen.  In meinen ca. 1.000 Blogs der vergangenen Jahre (bei den [Zukunftskommunen](https://zukunftskommunen.de/blog/), der [Genossenschaft Menschlich Wirtschaften](https://menschlichwirtschaften.de/kategorie/peter-schmuck/) und bei [Pareto](https://pareto.space/u/peter@pareto.town)) sind zahlreiche Erfolgsgeschichten dieser Graswurzelbewegung portraitiert. Und einige meiner psychologischen Studien dieser Jahre stützen die These: Wer sich für eine faire und saubere Welt engagiert, fühlt sich wohler als andere. Die von meinen Teams befragten Pioniere berichten, dass wir infolge solchen Engagements in Balance kommen mit unseren Mitgeschöpfen, dass wir zunehmend mit Menschen in Kontakt kommen, mit denen wir Freude und Begeisterung teilen können. Weil wir den göttlichen Funken in uns zum Motor einer Entwicklung machen, welche wir wirklich haben wollen, also im Einklang mit unserem Gewissen leben können. Weil uns dann der Taktstock von Psychopathen nicht länger interessiert. Wenn Sie diese Überlegungen anregend finden und neugierig auf Details sind: Im Handbuch für Lichtbotschafter (open source, [hier abrufbar](https://zukunftskommunen.de/blog/soeben-erschienen-handbook-for-light-ambassadors-handbuch-fuer-lichtbotschafter/)) finden Sie eine Fülle von Inspirationen für den Einstieg in die faire, vertrauensvolle Regionalgesellschaft, welche durchaus ohne psychopathische Dirigenten auskommt. Und selber den Taktstock zu schwingen - bringt Lebensfreude. Probieren Sie es aus! *Titelbild: Blick in den Abendhimmel von Bad Frankenhausen am Kyffhäuser nach Westen am 3.3.2025 mit Hinterlassenschaften von Flugzeugen und einem 5G Mast mit nicht sichtbarer Mobilfunkstrahlung (sorry, das Bild steht auf dem Kopf, so wie die Realität unserem ethischen Empfinden diametral entgegensteht)* 

@ 5a261a61:2ebd4480

Tom stopped and nodded to Jiro with a smile. "Just wanted to see how it's going," he said as he approached the counter. "People need to eat and I have food. Can't complain," replied the ever-smiling Jiro. "Are you heading out to make some money, or should I put it on your tab again?" he continued without pausing his stirring. Tom might have been short on cash, but his pride (and caution) never allowed him to leave debts with friends. And Jiro was about the closest thing to a friend among all his acquaintances. "I can still afford it today," Tom smiled tiredly, "but if you know of something that might bring in some metal, I could stop by tomorrow too." "There might be something, but nothing that would pay the bills today. You might have better luck across the street. They're having another party today, and as a good neighbor and main supplier of coconut oil, I have a magic piece of paper that will get you on the guest list." "And here comes the 'but'?" "If you're this impatient with women too, I'm not surprised you don't have one to make a home out of those four walls... Have I told you about my niece Noi?" Juri asked with his typical mischievous smile. Tom raised an eyebrow. "Maybe. But I have a feeling you're going to tell me again anyway." Juri laughed. "See, that's why I like you. You always know what's coming." He leaned closer across the counter. "Noi is a smart girl, studying journalism. But she needs a bit of... how to put it... social training." "And by that, you mean exactly what?" Tom asked cautiously. "Nothing bad, don't worry," Juri waved his hand dismissively. "She just needs someone to take her into better society. You know, to see how things work. And, as it happens, she has tickets to tonight's party at The Beach." Tom sighed. He already suspected where this was heading. "Juri, I'm not exactly—" "The perfect gentleman who could show my niece how to behave in higher circles?" Juri cut him off. "Come on, Tom. You're a detective. You know how to adapt to wherever the wind blows. And she has those tickets. You want to go to the party, she needs a guide. Everyone will be happy." Tom remained silent for a moment, considering his options. On one hand, he wasn't in the mood to babysit some naive student. On the other hand, those tickets would really come in handy... especially since he had nothing better going on. **Where to next?** - accept offer to get out of the stale water - find another way other than babysitting

@ 407529d6:83e93205

For this content creation wahala wey don dey happen, e don clear say central platforms no really send creators. Dem go control wetin you fit post, chop most of your money, and if dem vex, dem fit delete your content anyhow. 🚫 Censorship & Control Wahala – If dem no like wetin you talk, dem fit hide am or even delete am. 💰 Money No Dey Reach Creators – Na small change dem go give you, while dem pocket the bigger cut. 🔒 You No Own Your Content – If dem ban you, everything wey you don build fit vanish just like that. But e get solution—decentralization go put power back for creators hand! Why YakiHonne & Bitcoin Dey Important YakiHonne na decentralized media platform wey dey use Nostr protocol, and e don come change the way wey creators go take make money. No middleman, no wahala! ✔ Dem No Fit Ban You – Your content go dey permanent, nobody fit delete am. ✔ You Go Make Better Money – People go fit send you Bitcoin directly, no need to depend on ads. ✔ You Be Oga for Your Content – Nobody fit carry your page block or remove your post just because dem no like am. How You Go Take Make Money for YakiHonne If you be content creator, here be ways wey you fit cash out: 1. People Go Fit Dash You Bitcoin – Make better content, and your fans fit send you Bitcoin as support. 2. Subscription Package – You fit do premium content wey only people wey subscribe fit see. 3. Crowdfunding – If you get project, your audience fit contribute Bitcoin make you take run am. No allow big platforms use you do mugu again. Decentralization na the way forward. You go get freedom, better money, and peace of mind. Time don reach to take control of your content and your money! #YakiHonne #NOSTR #Bitcoin #ContentCreation #NaWeDeyRunAm

@ 88b8f4a8:0b652722

Las motivaciones para configurar un segundo router pueden ser: * Como repetidor wifi en una zona apartada de la casa donde no llega de habitual. * Configurar el segundo router con VPN (probándolo, la configuración en el principal funciona pero aplicándola en un segundo router conectado al principal no usa la VPN, intentaré resolverlo). * Usar el segundo para experimentación. * Si se te ocurren más motivos coméntalos. Para empezar, debes desactivar sus funciones de router (como DHCP y NAT) y configurarlo para que simplemente extienda la red de tu router principal. Aquí te explico cómo hacerlo paso a paso: **1. Conectar los Routers Físicamente** * Conecta un cable Ethernet desde un puerto LAN del router principal a un puerto LAN del router OpenWrt. * No uses el puerto WAN del router OpenWrt, ya que no lo necesitarás en esta configuración. **2. Acceder al Router OpenWrt** * Conéctate al router OpenWrt mediante SSH o accede a la interfaz web (LuCI). En mi caso lo intenté por interfaz gráfica y no lo conseguí, así que continúo explicando solo mediante SSH. **3. Desactivar la Interfaz WAN** * Como no usarás la interfaz WAN, puedes desactivarla. * Edita el archivo /etc/config/network: ``` vi /etc/config/network ``` * Comenta o elimina la sección de la interfaz WAN, comentar es añadir un # delante. Por ejemplo: ``` # config interface 'wan' # option proto 'dhcp' # option ifname 'eth1' ``` **4. Configurar la Interfaz LAN** * Configura la interfaz LAN para que obtenga una dirección IP del router principal. * Edita el archivo ```/etc/config/network``` y modifica la sección de la interfaz LAN: ``` config interface 'lan' option proto 'static' option ifname 'br-lan' option ipaddr '192.168.1.2' # Dirección IP dentro del rango del router principal option netmask '255.255.255.0' option gateway '192.168.1.1' # IP del router principal option dns '1.1.1.1' # Servidores DNS ``` Asegúrate de que: * ```ipaddr``` sea una dirección IP dentro del rango del router principal (por ejemplo, si el router principal usa `192.168.1.x`, elige una IP como `192.168.1.2`). * `gateway` sea la IP del router principal (por ejemplo, `192.168.1.1`). * `dns` sean servidores DNS válidos. **5. Desactivar el Servidor DHCP en OpenWrt** * Como el router principal ya proporciona direcciones IP, debes desactivar el servidor DHCP en OpenWrt. * Edita el archivo /etc/config/dhcp: ``` vi /etc/config/dhcp ``` * Desactiva el servidor DHCP en la sección lan: * Con añadir al final "option ignore '1'" basta. No borres el resto de la sección. ``` config dhcp 'lan' option interface 'lan' option ignore '1' # Desactiva el servidor DHCP ``` **6. Configurar el Firewall** Como el router OpenWrt actuará como un AP, no necesita funciones de firewall. * Edita el archivo /etc/config/firewall y desactiva las reglas de firewall: ``` config zone option name 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option network 'lan' ``` **7. Reiniciar el Router OpenWrt** Después de realizar los cambios, reinicia el router OpenWrt para aplicar la configuración: ``` reboot ``` **8. Probar la Configuración** Conecta un dispositivo a la red LAN o Wi-Fi del router OpenWrt y verifica si tiene acceso a Internet. * Prueba la conectividad con: ``` ping 8.8.8.8 ``` Espero que sirva de ayuda. Si tienes cualquier problema descríbemelo para aprender juntos.

@ e968e50b:db2a803a

Just leaving this summary picture up top as that's all I really want to share with this post...  I'm on a long journey of trying to heat every aspect of my life with bitcoin mining. I started just running s9 antminers in the garage, moved to using a number of Nano 3[^1] as extremely ineffective space heaters, but finally was generously given some beefcake miners for free last month. I'm going to shove those bad boys right into my HVAC's air return, so I experimented first with a single s9 while figuring out how to power the big ones.  However, I'm using an electrician who is a friend[^2] to put in the circuit and he's not as motivated as me. In the meantime, he had me drill these holes for the conduit, which was quite fun.      Now, I'm chomping at the bit to finish this and had a big passage to run some ethernet through in the meantime. ...so....I popped another s9 on the air return just to do SOMETHING.    Anywho, thought I'd share for other aspiring low-level [heat punks](https://www.tylerstevens.me/blog/a-heatpunks-manifesto/) like myself or anybody that wants to tell me I'm killing the resale value of my house by turning the HVAC into swiss cheese. [^1]: check out @siggy47's great post today on the next variant of that model [^2]: who was successfully orange pilled in this process, woot! originally posted at https://stacker.news/items/902849

@ 1c19eb1a:e22fb0bc

After my first major review of [Primal on Android](https://www.nostr-reviews.com/post/1733635103705/), we're going to go a very different direction for this next review. Primal is your standard "Twitter clone" type of kind 1 note client, now branching into long-form. They also have a team of developers working on making it one of the best clients to fill that use-case. By contrast, this review will not be focusing on any client at all. Not even an "other stuff" client. Instead, we will be reviewing a very useful tool created and maintained by nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 called #Amber. For those unfamiliar with Amber, it is an #Android application dedicated to managing your signing keys, and allowing you to log into various #Nostr applications without having to paste in your private key, better known as your #nsec. It is not recommended to paste your nsec into various applications because they each represent another means by which it could be compromised, and anyone who has your nsec can post as you. On Nostr, your #npub is your identity, and your signature using your private key is considered absolute proof that any given note, reaction, follow update, or profile change was authorized by the rightful owner of that identity. It happens less often these days, but early on, when the only way to try out a new client was by inputting your nsec, users had their nsec compromised from time to time, or they would suspect that their key may have been compromised. When this occurs, there is no way to recover your account, or set a new private key, deprecating the previous one. The only thing you can do is start over from scratch, letting everyone know that your key has been compromised and to follow you on your new npub. If you use Amber to log into other Nostr apps, you significantly reduce the likelihood that your private key will be compromised, because only one application has access to it, and all other applications reach out to Amber to sign any events. This isn't quite as secure as storing your private key on a separate device that isn't connected to the internet whatsoever, like many of us have grown accustomed to with securing our #Bitcoin, but then again, an online persona isn't nearly as important to secure for most of us as our entire life savings. Amber is the first application of its kind for managing your Nostr keys on a mobile device. nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 didn't merely develop the application, but literally created the specification for accomplishing external signing on Android which can be found in [NIP-55](https://github.com/nostr-protocol/nips/blob/master/55.md). Unfortunately, Amber is only available for Android. A signer application for iOS is in the works from nostr:npub1yaul8k059377u9lsu67de7y637w4jtgeuwcmh5n7788l6xnlnrgs3tvjmf, but is not ready for use at this time. There is also a new mobile signer app for Android and iOS called Nowser, but I have not yet had a chance to try this app out. From a cursory look at the Android version, it is indeed in the very early stages of development and cannot be compared with Amber. This review of Amber is current as of version 3.2.5.  ## Overall Impression Score: **4.5** / 5 I cannot speak highly enough about Amber as a tool that every Nostr user on Android should start using if they are not already. When the day comes that we have more options for well-developed signer apps on mobile, my opinion may very well change, but until then Amber is what we have available to us. Even so, it is an incredibly well thought-out and reliable tool for securing your nsec. Despite being the only well-established Android signer available for Android, Amber ***can*** be compared with other external signing methods available on other platforms. Even with more competition in this arena, though, Amber still holds up incredibly well. If you are signing into web applications on a desktop, I still would recommend using a browser extension like #Alby or #Nos2x, as the experience is usually faster, more seamless, and far more web apps support this signing method ([NIP-07](https://github.com/nostr-protocol/nips/blob/master/07.md)) than currently support the two methods employed by Amber. Nevertheless that gap is definitely narrowing. A running list I created of applications that support login and signing with Amber can be found here: [Nostr Clients with External Signer Support](nostr:naddr1qvzqqqrcvgpzpde8f55w86vrhaeqmd955y4rraw8aunzxgxstsj7eyzgntyev2xtqydhwumn8ghj7un9d3shjtnzwf5kw6r5vfhkcapwdejhgtcpr4mhxue69uhkg6ttv95k7ue3x5cnwtnwdaehgu339e3k7mf0qq4xummnw3ez6cmvd9jkuarn94mkjarg94jhsar9wfhxzmpdwd5kwmn9wgkhxatswphhyaqrcy76t) I have run into relatively few bugs in my extensive use of Amber for all of my mobile signing needs. Occasionally the application crashes when trying to send it a signing request from a couple of applications, but I would not be surprised if this is no fault of Amber at all, and rather the fault of those specific apps, since it works flawlessly with the vast majority of apps that support either [NIP-55](https://github.com/nostr-protocol/nips/blob/master/55.md) or [NIP-46](https://github.com/nostr-protocol/nips/blob/master/46.md) login. I also believe that mobile is the ideal platform to use for this type of application. First, because most people use Nostr clients on their phone more than on a desktop. There are, of course, exceptions to that, but in general we spend more time on our phones when interacting online. New users are also more likely to be introduced to Nostr by a friend having them download a Nostr client on their phone than on a PC, and that can be a prime opportunity to introduce the new user to protecting their private key. Finally, I agree with the following assessment from nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn. nostr:nevent1qqsw0r6gzn05xg67h5q2xkplwsuzedjxw9lf7ntrxjl8ajm350fcyugprfmhxue69uhhyetvv9ujumn0wd68yurvv438xtnrdaksyg9hyaxj3clfswlhyrd5kjsj5v04clhjvgeq6pwztmysfzdvn93gev7awu9v The one downside to Amber is that it will be quite foreign for new users. That is partially unavoidable with Nostr, since folks are not accustomed to public/private key cryptography in general, let alone using a private key to log into websites or social media apps. However, the initial signup process is a bit cumbersome if Amber is being used as the means of initially generating a key pair. I think some of this could be foregone at start-up in favor of streamlining onboarding, and then encourage the user to back-up their private key at a later time. ## Features Amber has some features that may surprise you, outside of just storing your private key and signing requests from your favorite Nostr clients. It is a full key management application, supporting multiple accounts, various backup methods, and even the ability to authorize other users to access a Nostr profile you control. ### Android Signing This is the signing method where Amber really shines in both speed and ease of use. Any Android application that supports this standard, and even some progressive web-apps that can be installed to your Android's home-screen, can very quickly and seamlessly connect with Amber to authorize anything that you need signed with your nsec. All you have to do is select "Login with Amber" in clients like #Amethyst or #0xChat and the app will reach out to Amber for all signing requests from there on out. If you had previously signed into the app with your nsec, you will first need to log out, then choose the option to use Amber when you log back in.  This is a massive deal, because everything you do on Nostr requires a signature from your private key. Log in? Needs a signature. Post a "GM" note? Needs a signature. Follow someone who zapped your note? Needs a signature. Zap them back? You guessed it; needs a signature. When you paste your private key into an application, it will automatically sign a lot of these actions without you ever being asked for approval, but you will quickly realize just how many things the client is doing on your behalf when Amber is asking you to approve them each time. Now, this can also get quite annoying after a while. I recommend using the setting that allows Amber to automatically sign for basic functions, which will cut down on some of the authorization spam. Once you have been asked to authorize the same type of action a few times, you can also toggle the option to automatically authorize that action in the future. Don't worry, though, you have full control to require Amber to ask you for permission again if you want to be alerted each time, and this toggle is specific to each application, so it's not a blanket approval for all Nostr clients you connect with.  This method of signing is just as fast as signing via browser extension on web clients, which users may be more accustomed to. Everything is happening locally on the device, so it can be very snappy and secure. ### Nostr Connect/Bunker Signing This next method of signing has a bit of a delay, because it is using a Nostr relay to send encrypted information back and forth between the app the user is interacting with and Amber to obtain signatures remotely. It isn't a significant delay most of the time, but it is just enough to be noticeable. Also, unlike the previous signing method that would automatically switch to Amber as the active application when a signing request is sent, this method only sends you a notification that you must be watching for. This can lead to situations where you are wondering why something isn't working in a client you signed into remotely, because it is waiting on you to authorize the action and you didn't notice the notification from Amber. As you use the application, you get used to the need to check for such authorization requests from time to time, or when something isn't working as expected.  By default, Amber will use relay.nsec.app to communicate with whichever Nostr app you are connecting to. You can set a different relay for this purpose, if you like, though not just any relay will support the event kinds that Amber uses for remote signing. You can even run your own relay just for your own signing purposes. In fact, the creator of Amber has a relay application you can run on your phone, called Citrine, that can be used for signing with any web app you are using locally on your phone. This is definitely more of an advanced option, but it is there for you if you want it. For most users, sticking with relay.nsec.app will be just fine, especially since the contents of the events sent back and forth for signing are all encrypted. Something many users may not realize is that this remote signing feature allows for issuing signing permissions to team members. For instance, if anyone ever joined me in writing reviews, I could issue them a connection string from Amber, and limit their permissions to just posting long-form draft events. Anything else they tried to do would require my explicit approval each time. Moreover, I could revoke those permissions if I ever felt they were being abused, without the need to start over with a whole new npub. Of course, this requires that your phone is online whenever a team member is trying to sign using the connection string you issued, and it requires you pay attention to your notifications so you can approve or reject requests you have not set to auto-approve. However, this is probably only useful for small teams, and larger businesses will want to find a more robust solution for managing access to their npub, such as Keycast from nostr:npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2uc. The method for establishing a connection between Amber and a Nostr app for remote signing can vary for each app. Most, at minimum, will support obtaining a connection string from Amber that starts with "bunker://" and pasting it in at the time of login. Then you just need to approve the connection request from Amber and the client will log you in and send any subsequent signing requests to Amber using the same connection string.  Some clients will also offer the option to scan a QR code to connect the client to Amber. This is quite convenient, but just remember that this also means the client is setting which relay will be used for communication between the two. Clients with this option will also have a connection string you can copy and paste into Amber to achieve the same purpose. For instance, you may need this option if you are trying to connect to an app on your phone and therefore can't scan the QR code using Amber on the same phone.  ### Multiple Accounts Amber does not lock you into using it with only a single set of keys. You can add all of your Nostr "accounts" to Amber and use it for signing events for each independently. Of course, Nostr doesn't actually have "accounts" in the traditional sense. Your identity is simply your key-pair, and Amber stores and accesses each private key as needed.  When first signing in using native Android signing as described above, Amber will default to whichever account was most recently selected, but you can switch to the account that is needed before approving the request. After initial login, Amber will automatically detect the account that the signing request is for. ### Key Backup & Restore Amber allows multiple ways to back up your private key. As most users would expect, you can get your standard nsec and copy/paste it to a password manager, but you can also obtain your private key as a list of mnemonic seed words, an encrypted version of your key called an ncryptsec, or even a QR code of your nsec or ncryptsec.  Additionally, in order to gain access to this information, Amber requires you to enter your device's PIN or use biometric authentication. This isn't cold-storage level protection for your private key by any means, especially since your phone is an internet connected device and does not store your key within a secure element, but it is about as secure as you can ask for while having your key accessible for signing Nostr events. ### Tor Support While Amber does not have Tor support within the app itself, it does support connecting to Tor through Orbot. This would be used with remote signing so that Amber would not connect directly over clearnet to the relay used for communication with the Nostr app requesting the signature. Instead, Amber would connect through Tor, so the relay would not see your IP address. This means you can utilize the remote signing option without compromising your anonymity.  ### Additional Security Amber allows the user the option to require either biometric or PIN authentication before approving signing requests. This can provide that extra bit of assurance that no one will be able to sign events using your private key if they happen to gain access to your phone. The PIN you set in Amber is also independent from the PIN to unlock your device, allowing for separation of access. ## Can My Grandma Use It? Score: **4.0** / 5 At the end of the day, Amber is a tool for those who have some concept of the importance of protecting their private key by not pasting it into every Nostr client that comes along. This concept in itself is not terribly approachable to an average person. They are used to just plugging their password into every service they use, and even worse, they usually have the ***same password*** for everything so they can more readily remember it. The idea that they should never enter their "Nostr password" into any Nostr application would never occur to them unless someone first explained how cryptography works related to public/private key pairs. That said, I think there can be some improvements made to how users are introduced to these concepts, and that a signer application like Amber might be ideal for the job. Considering Amber as a new user's first touchpoint with Nostr, I think it holds up well, but could be somewhat streamlined. Upon opening the app, the user is prompted to either use their existing private key or "Create a new Nostr account." This is straightforward enough. "Account" is not a technically correct term with Nostr, but it is a term that new users would be familiar with and understand the basic concept.  The next screen announces that the account is ready, and presents the user with their public key, explaining that it is "a sort of username" that will allow others to find them on Nostr. While it is good to explain this to the user, it is unnecessary information at this point. This screen also prompts the user to set a nickname and set a password to encrypt their private key. Since the backup options also allow the user to set this password, I think this step could be pushed to a later time. This screen would better serve the new user if it simply prompted them to set a nickname and short bio that could be saved to a few default relays.  Of course, Amber is currently prompting for a password to be set up-front because the next screen requires the new user to download a "backup kit" in order to continue. While I do believe it is a good idea to encourage the creation of a backup, it is not crucial to do so immediately upon creation of a new npub that has nothing at stake if the private key is lost. This is something the UI could remind the user to do at a later time, reducing the friction of profile creation, and expediting getting them into the action.  Outside of these minor onboarding friction points, I think Amber does a great job of explaining to the user the purpose of each of its features, all within the app and without any need to reference external documentation. As long as the user understands the basic concept that their private key is being stored by Amber in order to sign requests from other Nostr apps, so they don't have to be given the private key, Amber is very good about explaining the rest without getting too far into the technical weeds. The most glaring usability issue with Amber is that it isn't available in the Play Store. Average users expect to be able to find applications they can trust in their mobile device's default app store. There is a valid argument to be made that they are incorrect in this assumption, but that doesn't change the fact that this is the assumption most people make. They believe that applications in the Play Store are "safe" and that anything they can't install through the Play Store is suspect. The prompts that the Android operating system requires the user to approve when installing "unknown apps" certainly doesn't help with this impression. Now, I absolutely ***love*** the Zapstore from nostr:npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9, but it doesn't do much to alleviate this issue. Users will still need to be convinced that it is safe to install the Zapstore from the GitHub repo, and then install Amber from there. Furthermore, this adds yet another step to the onboarding process. Instead of: - Install Amber - Set up your keys - Install the client you want to use - Log in with Amber The process becomes: - Go to the Zapstore GitHub and download the latest version from the releases page. - Install the APK you downloaded, allowing any prompt to install unknown apps. - Open Zapstore and install Amber, allowing any prompt to install unknown apps again. - Open Amber and set up your keys. - Install the client you want to use - Log in with Amber An application as important as Amber for protecting users' private keys should be as readily available to the new user as possible. New users are the ones most prone to making mistakes that could compromise their private keys. Amber should be available to them in the Play Store. ## How do UI Look? Score: **4.5** / 5 Amber's UI can be described as clean but utilitarian. But then, Amber is a tool, so this is somewhat expected. It is not an app you will be spending a lot of time in, so the UI just needs to be serviceable. I would say it accomplishes this and then some. UI elements are generally easy to understand what they do, and page headings fill in the gaps where that is not the case.  I am not the biggest fan of the color-scheme, particularly in light-mode, but it is not bad in dark-mode at all, and Amber follows whatever theme you have set for your device in that respect. Additionally, the color choice does make sense given the application's name.  It must also be taken into consideration that Amber is almost entirely the product of a single developer's work. He has done a great job producing an app that is not only useful, but pleasant to interact with. The same cannot be said for most utility apps I have previously used, with interfaces that clearly made good design the lowest priority. While Amber's UI may not be the most beautiful Nostr app I have seen, design was clearly not an afterthought, either, and it is appreciated. ## Relay Management Score: **4.9** / 5 Even though Amber is not a Nostr client, where users can browse notes from their favorite npubs, it still relies heavily on relays for some of its features. Primarily, it uses relays for communicating with other Nostr apps for remote signing requests. However, it also uses relays to fetch profile data, so that each private key you add to Amber will automatically load your chosen username and profile picture. In the relay settings, users can choose which relays are being used to fetch profile data, and which relays will be used by default when creating new remote signing connection strings.  The user can also see which relays are currently connected to Amber and even look at the information that has been passed back and forth on each of those active relays. This information about actively connected relays is not only available within the application, but also in the notification that Amber has to keep in your device's notification tray in order to continue to operate in the background while you are using other apps.  Optionality is the name of the game when it comes to how Amber handles relay selection. The user can just stick with the default signing relay, use their own relay as the default, or even use a different relay for each Nostr application that they connect to for remote signing. Amber gives the user an incredible amount of flexibility in this regard. In addition to all of this, because not all relays accept the event types needed for remote signing, when you add a relay address to Amber, it automatically tests that relay to see if it will work. This alone can be a massive time saver, so users aren't trying to use relays that don't support remote signing and wondering why they can't log into noStrudel with the connection string they got from Amber.  The only way I could see relay management being improved would be some means of giving the user relay recommendations, in case they want to use a relay other than relay.nsec.app, but they aren't sure which other relays will accept remote signing events. That said, most users who want to use a different relay for signing remote events will likely be using their own, in which case recommendations aren't needed. ## Current Users' Questions The AskNostr hashtag can be a good indication of the pain points that other users are currently having with any Nostr application. Here are some of the most common questions submitted about Amber in the last two months. nostr:nevent1qqsfrdr68fafgcvl8dgnhm9hxpsjxuks78afxhu8yewhtyf3d7mkg9gpzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgq3qkgh77xxt7hhtt4u528hecnx69rhagla8jj3tclgyf9wvkxa6dc0sxp0e6m This is a good example of Amber working correctly, but the app the user is trying to log into not working. In my experience with #Olas in particular, it sometimes allows remote signer login, and sometimes doesn't. Amber will receive the signing request and I will approve it, but Olas remains on the login screen. If Amber is receiving the signing requests, and you are approving them, the fault is likely with the application you are trying to log into. That's it. That's all the repeated questions I could find. Oh, there were a few one-off questions where relay.nsec.app wouldn't connect, or where the user's out-of-date web browser was the issue. Outside of that, though, there were no common questions about ***how*** to use Amber, and that is a testament to Amber's ease of use all on its own. ## Wrap Up If you are on Android and you are not already using Amber to protect your nsec, please do yourself a favor and get it installed. It's not at all complicated to set up, and it will make trying out all the latest Nostr clients a safe and pleasant experience. If you are a client developer and you have not added support for NIP-55 or NIP-46, do your users the courtesy of respecting the sanctity of their private keys. Even developers who have no intention of compromising their users' keys can inadvertently do so. Make that eventuality impossible by adding support for NIP-55 and NIP-46 signing. Finally, I apologize for the extended time it took me to get this review finished. The time I have available is scarce, Nostr is distracting, and nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 kept improving Amber even as I was putting it through its paces over the last two months. Keep shipping, my friend! You have made one of the most useful tools we have seen for Nostr to date! Now... What should I review next?

@ 6e0ea5d6:0327f353

Ascolta bene! Allow me to sit by your side, amico mio, and—just like a son—I will tell you a harsh truth: no matter the circumstances, the blame lies with you for everything that happens within your realm of responsibility. Your family, your business, your ventures—whatever it may be—it doesn’t matter if it was by action or omission, if something went wrong, take the blame and resolve it however you need to! Men like us, who live in hard battles, do not have the luxury of handing over the burdens of our responsibilities to others! We live in a time where everyone is encouraged to place the blame for their failures on others or on abstractions. To hell with all that nonsense, damn it! Never feel comfortable or relieved when you hear stories of people who have made the same mistakes or have the same flaws as you. Knowing that others have failed in the same goals should only serve as a simple acknowledgment that nothing is easy. However, don’t allow yourself to lessen your effort or blame when you see others’ difficulties. On the other hand, don’t deceive yourself into trying to become a productivity machine. Learn to be rational, but always strive for the best from yourself, without pushing your limits beyond what your mind and body can endure. Thank you for reading, my friend! If this message resonated with you, consider leaving your "🥃" as a token of appreciation. A toast to our family!