Let’s Encrypt is a free and open Certificate Authority that offers SSL/TLS certificates to secure web traffic. In addition to standard domain validation, Let’s Encrypt also supports wildcard domain validation, which allows you to secure all subdomains of a domain with a single certificate. In this tutorial, we’ll walk through the steps of obtaining a wildcard domain DNS TLS certificate from Let’s Encrypt.
Step 1: Prerequisites Before we start, make sure you have the following prerequisites installed on your system:
NIP-39 External Identities in Profiles draft optional author:pseudozach author:Semisol
Abstract Nostr protocol users may have other online identities such as usernames, profile pages, keypairs etc. they control and they may want to include this data in their profile metadata so clients can parse, validate and display this information.
i tag on a metadata event A new optional i tag is introduced for kind 0 metadata event contents in addition to name, about, picture fields as included in NIP-01 :
NIP-51 Lists draft optional author:fiatjaf author:arcbtc author:monlovesmango author:eskema depends:33
A “list” event is defined as having a list of public and/or private tags. Public tags will be listed in the event tags. Private tags will be encrypted in the event content. Encryption for private tags will use NIP-04 - Encrypted Direct Message encryption, using the list author’s private and public key for the shared secret. A distinct event kind should be used for each list type created.
Application preparation for account First open Google sign in page, log in to your Google account, then go to Google Cloud Platform and create a new Google Cloud Project (if required).
Open the application form while staying logged in, fill it out and wait for Google to send you an email.
Get a Google Cloud Project ID Open https://console.cloud.google.com/apis/dashboard ,
click on your project name in the top left corner, and you will see your Project ID in the pop-up list.
NIP-78 Arbitrary custom app data draft optional author:sandwich author:fiatjaf
The goal of this NIP is to enable remoteStorage -like capabilities for custom applications that do not care about interoperability.
Even though interoperability is great, some apps do not want or do not need interoperability, and it that wouldn’t make sense for them. Yet Nostr can still serve as a generalized data storage for these apps in a “bring your own database” way, for example: a user would open an app and somehow input their preferred relay for storage, which would then enable these apps to store application-specific data there.
NIP-58 Badges draft optional author:cameri
Three special events are used to define, award and display badges in user profiles:
A “Badge Definition” event is defined as a parameterized replaceable event with kind 30009 having a d tag with a value that uniquely identifies the badge (e.g. bravery) published by the badge issuer. Badge definitions can be updated.
A “Badge Award” event is a kind 8 event with a single a tag referencing a “Define Badge” event and one or more p tags, one for each pubkey the badge issuer wishes to award.
NIP-46 Nostr Connect draft optional author:tiero author:giowe author:vforvalerio87
Rationale Private keys should be exposed to as few systems - apps, operating systems, devices - as possible as each system adds to the attack surface.
Entering private keys can also be annoying and requires exposing them to even more systems such as the operating system’s clipboard that might be monitored by malicious apps.
Terms App: Nostr app on any platform that requires to act on behalf of a nostr account.
NIP-57 Lightning Zaps draft optional author:jb55 author:kieran
This NIP defines a new note type called a lightning zap of kind 9735. These represent paid lightning invoice receipts sent by a lightning node called the zapper. We also define another note type of kind 9734 which are zap request notes, which will be described in this document.
Having lightning receipts on nostr allows clients to display lightning payments from entities on the network.
NIP-56 Reporting draft optional author:jb55
A report is a kind 1984 note that is used to report other notes for spam, illegal and explicit content.
The content MAY contain additional information submitted by the entity reporting the content.
Tags The report event MUST include a p tag referencing the pubkey of the user you are reporting.
If reporting a note, an e tag MUST also be included referencing the note id.
OpenSSL is an open-source software library that provides secure communications over computer networks and is widely used for implementing encryption and decryption for various purposes. In this tutorial, you will learn how to encrypt and decrypt files using OpenSSL on the command line.
Step 1: Install OpenSSL OpenSSL is typically installed on most Unix-based systems, including Linux and macOS. To verify if OpenSSL is installed on your system, run the following command in the terminal:
NIP-23 Long-form Content draft optional author:fiatjaf
This NIP defines kind:30023 (a parameterized replaceable event according to NIP-33 ) for long-form text content, generally referred to as “articles” or “blog posts”.
“Social” clients that deal primarily with kind:1 notes should not be expected to implement this NIP.
Format The .content of these events should be a string text in Markdown syntax.
Metadata For the date of the last update the .created_at field should be used, for “tags”/“hashtags” (i.
NIP-65 Relay List Metadata draft optional author:mikedilger
A special replaceable event meaning “Relay List Metadata” is defined as an event with kind 10002 having a list of r tags, one for each relay the author uses to either read or write to.
The primary purpose of this relay list is to advertise to others, not for configuring one’s client.
The content is not used and SHOULD be an empty string.
7zip is a popular open-source file archiving software that supports a wide range of compression formats, including its own .7z format. It also offers strong encryption features, which can be accessed via the command line. In this tutorial, you will learn how to encrypt not only the contents of a file but also the file names using 7zip from the command line.
Step 1: Download and Install 7zip To use 7zip from the command line, you first need to download and install the software.
In today’s digital world, privacy and security are more important than ever. As the amount of sensitive information being stored and transmitted electronically continues to grow, it’s essential to have tools that can protect this information from being intercepted and misused. One such tool is GPG, an encryption program that has been at the forefront of secure communication for over 25 years. In this article, we’ll take a look at the history of GPG, from its early days as PGP to its current form as GnuPG.
Introduction Jailbreaking an iOS device involves removing the restrictions imposed by Apple and gaining root access to the underlying operating system. While jailbreaking can provide users with more freedom and customization options, it also comes with significant security risks. In this article, we will discuss the security implications of jailbreaking an iOS device and provide some recommendations for keeping your device secure.
Jailbreaking iOS Device Risks One of the main security risks associated with jailbreaking is that it exposes the device to malware and other malicious software.
In today’s digital age, the internet has become an integral part of our lives. From online shopping and banking to social media and messaging, we rely on the internet for almost every aspect of our personal and professional lives. With this increased reliance on the internet comes the need for better protection of our sensitive information. This is where end-to-end encryption comes in.
End-to-end encryption (E2EE) is a method of secure communication that protects the privacy of the message being sent.
In January 2021, a massive data leak of Twitter user information was discovered. The leak affected over 330 million Twitter users, and included sensitive information such as email addresses, phone numbers, and locations. The source of the leak was a hacker group that claimed to have gained access to Twitter’s internal systems.
The Twitter data leak is a stark reminder of the vulnerability of personal information in the digital age. With the increasing use of social media and other online platforms, our personal data is being stored in vast quantities by companies and organizations.
In recent years, Facebook has been at the center of several high-profile data breaches, which have resulted in the personal information of millions of users being exposed. These breaches have raised serious concerns about the security of personal information in the digital age and the potential dangers of sharing sensitive data on social media.
The most notable of these breaches was the Cambridge Analytica scandal in 2018, where the personal data of 87 million Facebook users was harvested and used for political advertising purposes.
In recent years, there have been several high-profile data breaches involving Google, one of the largest tech companies in the world. These breaches have raised serious concerns about the security of personal information and the potential dangers of using online services.
One of the most notable data breaches involving Google was the exposure of personal data of hundreds of thousands of Google+ users in 2018. The breach was caused by a software vulnerability, which allowed third-party developers to access sensitive information such as name, email address, occupation, and gender.
Cryptocurrency has taken the world by storm and Bitcoin is one of the most widely used virtual currencies. Despite its growing popularity, Bitcoin and other cryptocurrencies have faced several data breaches, which have raised concerns about the security of digital currencies. In this article, we’ll take a look at some of the most significant Bitcoin data breaches and the impact they have had on the cryptocurrency market.
Mt. Gox Mt. Gox was one of the largest Bitcoin exchanges in the world, handling over 70% of all Bitcoin transactions at its peak.
NIP-21 nostr: URL scheme draft optional author:fiatjaf
This NIP standardizes the usage of a common URL scheme for maximum interoperability and openness in the network.
The scheme is nostr:.
The identifiers that come after are expected to be the same as those defined in NIP-19 (except nsec).
Examples nostr:npub1sn0wdenkukak0d9dfczzeacvhkrgz92ak56egt7vdgzn8pv2wfqqhrjdv9 nostr:nprofile1qqsrhuxx8l9ex335q7he0f09aej04zpazpl0ne2cgukyawd24mayt8gpp4mhxue69uhhytnc9e3k7mgpz4mhxue69uhkg6nzv9ejuumpv34kytnrdaksjlyr9p nostr:note1fntxtkcy9pjwucqwa9mddn7v03wwwsu9j330jj350nvhpky2tuaspk6nqc nostr:nevent1qqstna2yrezu5wghjvswqqculvvwxsrcvu7uc0f78gan4xqhvz49d9spr3mhxue69uhkummnw3ez6un9d3shjtn4de6x2argwghx6egpr4mhxue69uhkummnw3ez6ur4vgh8wetvd3hhyer9wghxuet5nxnepm Source: nostr-protocol/nips/21.md version: 45649d7 2023-01-24T10:23:00-03:00
In 2013, Yahoo experienced one of the largest data breaches in history, resulting in the personal information of over 3 billion users being exposed. This breach was a major wake-up call for users about the dangers of sharing personal information online and the importance of online privacy.
The Yahoo data breach was caused by a state-sponsored hacker who gained access to the company’s systems and stole sensitive information such as names, email addresses, phone numbers, dates of birth, and security questions and answers.
In the world of technology, data breaches are becoming more and more common. From large corporations to small businesses, no one is safe from the prying eyes of cybercriminals. In this article, we’ll take a wild ride through some of the most famous data breaches of all time and see just how much information was stolen. Buckle up and let’s get started!
Yahoo (2013) - This massive breach affected all 3 billion of Yahoo’s user accounts.
OpenSSL and BoringSSL are two of the most widely used cryptography libraries in the world, both providing essential encryption and secure communication services to millions of websites, applications, and devices. While both libraries are widely trusted, they differ in important ways when it comes to security and performance. In this article, we’ll take a closer look at the two libraries and compare them in terms of vulnerabilities, performance, and source code.
OpenSSL is a widely used open-source cryptography library that provides secure communication for many websites and applications. Despite its widespread use, OpenSSL has suffered from a number of critical vulnerabilities over the years, exposing sensitive information and putting the security of millions of users at risk. In this article, we’ll take a look at some of the most famous OpenSSL vulnerabilities.
Heartbleed (2014) - One of the most famous OpenSSL vulnerabilities of all time, Heartbleed allowed attackers to steal sensitive information, including passwords and encryption keys, from memory.
BoringSSL is a fork of OpenSSL, created by Google, that aims to provide a more secure and performant cryptography library. Despite its focus on security, BoringSSL has suffered from a number of critical vulnerabilities over the years, exposing sensitive information and putting the security of millions of users at risk. In this article, we’ll take a look at some of the most famous BoringSSL vulnerabilities.
Cloudbleed (2017) - This vulnerability allowed attackers to steal sensitive information, such as passwords and encryption keys, from memory.
WhatsApp is a popular cross-platform instant messaging app that has over two billion monthly active users. It is known for its end-to-end encryption, which promises to protect the privacy of users' messages and calls. However, the security of WhatsApp has been called into question after several data breaches have been reported in recent years.
One of the most significant data breaches involving WhatsApp occurred in May 2019, when it was revealed that spyware was used to infiltrate the phones of human rights activists and journalists.
NIP-50 Search Capability draft optional author:brugeman author:mikedilger author:fiatjaf
Abstract Many Nostr use cases require some form of general search feature, in addition to structured queries by tags or ids. Specifics of the search algorithms will differ between event kinds, this NIP only describes a general extensible framework for performing such queries.
search filter field A new search field is introduced for REQ messages from clients:
{ ... "search": <string> } search field is a string describing a query in a human-readable form, i.
Apple is known for its strong commitment to privacy and security, with the company often highlighting these features as a selling point for its products. Despite this reputation, there have been several high-profile data breaches involving Apple over the years. In this article, we’ll take a look at some of the most well-known data breaches affecting Apple, what information was leaked, and what you can do to protect your privacy.
NIP-33 Parameterized Replaceable Events draft optional author:Semisol author:Kukks author:Cameri author:Giszmo
This NIP adds a new event range that allows for replacement of events that have the same d tag and kind unlike NIP-16 which only replaced by kind.
Implementation The value of a tag is defined as the first parameter of a tag after the tag name.
A parameterized replaceable event is defined as an event with a kind 30000 <= n < 40000.