Comment by globalnode
3 days ago
i admit i havent looked at the app, but i assume is centrally run.
firstly: i think the only way secure p2p messaging can work is if its decentralised. no 3rd parties to communication, how this would be done i have no idea. maybe like email but without the server?
secondly: you'd need to ensure a secure os on each end that you can trust to not take screenshots and send to hq before transmission or after reception.
since its not possible to use the internet without a source ip. its almost provably insecure (in terms of privacy), no matter what protocols are dreamed up. a 3rd party will have to be trusted to distribute packets. and thats the weak point. (unless you force the source IP to be 0.0.0.0 or something before it goes out)
couldnt we just use dns to point to recipients, force zero the source ip and send udp packets directly?
what about pgp through a tor relay?
As I understand it, it's just a nostr client, so it uses nostr's decentralized network of relays.
> i admit i havent looked at the app, but i assume is centrally run.
I don't mean to be rude, but why comment then? Your core premise was incorrect, which could have been resolved within 5 seconds of reading the headings on the page linked.
It's not centrally run, that's the whole point.
This is decentralised as it runs on Nostr.
Nostr can run over TOR.