What is Nostr?
SimplifiedPrivacy.com
npub14sl…t5d6
2024-06-16 03:04:44
in reply to nevent1q…ttrp

SimplifiedPrivacy.com on Nostr: If you're looking for a fancy academic whitepaper, here is one example: An Analysis ...

If you're looking for a fancy academic whitepaper, here is one example:

An Analysis of the ProtonMail
Cryptographic Architecture
Nadim Kobeissi
September 6, 2021
https://eprint.iacr.org/2018/1121.pdf

and the part me & you are talking about is:
Pg 7 of 14.
Section 4.1.1

If you're looking for me to say it to you in raw shit, here it is:

When you use Nostr you have the private key on your device, browser extension or client.

When you use Protonmail, their web app is unlocking/signing/or generating for you the private key stored via encryption on their server. So there are many ways they can screw with you. Including SOME:

a) serving you bogus code to phish the password
b) telling you the other proton guy's public PGP key is something else
c) brute forcing you, they have unlimited attempts with no time lock. And your password is weaker than a PGP Key.
d) messing with you during registration to begin with
Author Public Key
npub14slk4lshtylkrqg9z0dvng09gn58h88frvnax7uga3v0h25szj4qzjt5d6