HackerTrans
TopNewTrendsCommentsPastAskShowJobs

scsibug

no profile record

comments

scsibug
·năm ngoái·discuss
It is extremely disingenuous to suggest a public PoC was not available. It was part of the patch as a test case, and GPT/Cursor merely consumed it and rewrote it to Python. There is even a screenshot that points it out as a "smoking gun".

The patch for the vulnerable code itself contained an extremely clear description of what is going on. Even without the test case, there was zero effort made to hide anything, so the vuln, commented explanation, and PoC were all handed in-context on a silver platter.
scsibug
·3 năm trước·discuss
Practically all relays will store your data if they are going to act as a relay for you at all. Very few things on Nostr work with ephemeral events alone.
scsibug
·3 năm trước·discuss
It is a tool for communication. We can build a twitter clone on it, a chess match server, IoT messaging, etc. Nostr-the-protocol is a proper tool. Agreed that the social aspects built on top of it should be built with human wellbeing in mind - not ad revenue.

Hopefully having the nostr protocol in place lets people iterate faster to build good social technology, and accelerates moving past the ad/engagement focused platforms we live with today.
scsibug
·3 năm trước·discuss
Lightning already exists; so it is nice that a simple protocol can integrate with it. I view them as complementary - it is good that Nostr does not need crypto, but it is still cool that they can harmonize without changing the core protocol.

It does solve a fundamental incentive problem of "who runs big relays".
scsibug
·3 năm trước·discuss
Nice (blog author here); just heard this showed up on the frontpage from someone on Nostr.

If I was writing an update to this, I'd probably point out how much better the clients (especially mobile) have gotten, in such a short span of time. As well as how lightning integration (zaps) are letting us build new capabilities (instead of just cloning twitter) that don't exist anywhere else.
scsibug
·3 năm trước·discuss
Another good tip; when randomly generating passwords (especially for other users), filter out anything starting with a tilde to prevent strange behavior.