reply on: SN release: hash emails, detail on nym hover, CLN over tor, bottom nav, and more \ stacker news ~meta

pull down to refresh

10 sats \ 6 replies \ @kepford 6 May \ on: SN release: hash emails, detail on nym hover, CLN over tor, bottom nav, and more meta

Here's an idea. Every web site should hash not only passwords but also email addresses....

This seems like an obvious move with our daily reports of data breaches. The best way to secure data is to not have it. The second best is to hash it.

105 sats \ 5 replies \ @k00b OP 6 May

I know. I had been thinking about doing this since the beginning of SN. There's really no reason not to other than not being able to contact people non-transactionally.

0 sats \ 4 replies \ @kepford 6 May

I should have added the tradeoffs. Honestly, it hadn't occurred to me before reading your post...

But it seems obvious now. Many of us use junk email addresses or email aliasing services but man if this became more standardized as a practice it could do a LOT of info security of the masses.

I haven't thought through the tradeoffs but one that jumps to mind are email marketing services.

225 sats \ 3 replies \ @k00b OP 6 May

The biggest downside for customers is not getting important updates/info because the site has no way of contacting you out of band.

The biggest downside for companies is the above + marketing.

I ran into this with https://gitern.com/ ... we used ssh pubkeys for login so I couldn't contact the customers! It sucked when I wanted to get feedback ... but it was also part of the appeal.

334 sats \ 2 replies \ @kepford 6 May

If there were only a pub key encrypted form of communication we could use to replace email comms.

I know Nostr isn't ready to fill this role but email really is a weakness in this whole digital world we've created.

10 sats \ 1 reply \ @kepford 6 May

I'd love to hear people smarter than me talk about the tradeoffs of using public key encryption as a replacement for email. But I wonder if we end up in the same spot with a pile of pubkeys instead of email addresses...

55 sats \ 0 replies \ @k00b OP 6 May

With something like nostr, native contact lists might make it a little more manageable relative to email. With email there’s also the assumption that it’s a private inbox, which you can’t assume with nostr because you blast your pubkey everywhere.