Damus
Open in Damus
mike profile picture
mike
@mike

Unregulated crypto anarchist.
Chief Shitpost Officer - NOSTR Inc.
Foreign Correspondent - bridging legacy social media
Email, NIP-05, LN address: [email protected]

Run 3 imperfect Bitcoin + Lightning nodes.
BitAxe Miner - former S19 miner
Novice Author

Businessman - Electronics
Entrepreneur - Data centres
Investor - Technology

Foodie & Cook
Food Producer

My articles : https://habla.news/u/[email protected]
My public relay: https://nortis.nostr1.com/
My photos: https://mike.npub.pro/
My book: https://www.amazon.co.uk/dp/B0CLJP6R3F/

nprofile1qqswswmx4rkj6d7q05dtafhpkqq2z42fc62s37jvtp642m2jkpfxc2cpzamhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuegpz4mhxue69uhks6tnwshxummnw3ezumrpdejqpuwr42npub
[email protected]nip05
https://mikehardcastle.comwebsite
[email protected]lnurl
Relays (4)
  • wss://hist.nostr.land โ€“ read & write
  • wss://nortis.nostr1.com โ€“ read & write
  • wss://relay.damus.io โ€“ read & write
  • wss://filter.nostr.wine โ€“ read & write

Recent Notes

mike profile picture
A central issued certificate is using trusted private keys from an organisation like:
https://letsencrypt.org/

A self signed certificate is like your NOSTR set of keys, completely secure encryption, but you're trusting an unknown signer.
N.B. On NOSTR, you are using your keys to sign your posts. But nobody knows who you are on a website SSL certificate.

As for DNS, apart from the idea of using DNS servers NOT supplied (and therefore monitored) by your ISP. There are two security layers available:

1. Encrypted DNS, just under 50% of DNS traffic is encrypted

2. DNSSEC, or signed DNS, meaning the information provided has been signed by the DNS authority to be valid, meaning it can't be spoofed by a man in the middle attack.
This has a very low adoption rate, as you can see below at less than 5%, as reported by my NextDNS control panel.


mike profile picture
He's still working and flying out of Heathrow, I don't think Paraguay is an option ๐Ÿ˜‚
mike profile picture
Normally browsers only warn if a site doesn't employ HTTPS.

Most browsers, however, actively block access if the site has an expired or self signed certificate.

You can normally bypass this on the advanced tab shown on the browsers window.

It is common for self hosted sites to use self signed certificates.
mike profile picture
As a driver, it's better to understand the mechanics of how an engine works than not. But if you don't it doesn't really matter.
mike profile picture
This is report-ably happening:

By my position, do you mean leaving the UK?
If so, then yes, I'm still planning to leave, but the panic is abated by the non arrival of the rumoured exit tax in last Octobers budget.

Funnily enough my Brother-in-Law is, a Captain for British Airways, is leaving the UK. He has a Spanish wife, so they are moving to Spain. He is doing it in part to reduce his tax burden, but I did a tax analysis for him and explained that while the headline of 24% income tax for "Beckham" ex-pats is appealing, the overall tax of Spain will make his financial position worse.

He's not happy with me right now, I don't think I'll get F&F upgrades on my future BA flights for a while ๐Ÿ˜‚

@nevent1qvz...
mike profile picture
Also, this AI summary of TLS / SSL usage is broadly true, meaning that even on regular Internet traffic only meta data is analysable: