XSF logo XSF Discussion - 2017-02-27


  1. Mancho has left
  2. jere has joined
  3. kaboom has left
  4. Zash has joined
  5. blipp has left
  6. blipp has joined
  7. efrit has joined
  8. Mancho has joined
  9. Mancho has left
  10. Tobias has left
  11. Tobias has joined
  12. jere has left
  13. jere has joined
  14. nicolas.verite has left
  15. Zash has left
  16. vurpo has left
  17. vurpo has joined
  18. Yagiza has joined
  19. uc has joined
  20. uc has left
  21. uc has joined
  22. jere has joined
  23. uc has left
  24. uc has joined
  25. uc has left
  26. vurpo has left
  27. uc has joined
  28. vurpo has joined
  29. uc has left
  30. uc has joined
  31. uc has left
  32. uc has joined
  33. Mancho has joined
  34. Tobias has left
  35. Tobias has joined
  36. vurpo has left
  37. vurpo has joined
  38. Guus has left
  39. vurpo has left
  40. vurpo has joined
  41. SamWhited has left
  42. Guus has left
  43. Guus has left
  44. Guus has left
  45. Zash has joined
  46. Guus has left
  47. jonasw will there be anything interesting going on XSF-wise on the Chemitzer Linux Tage?
  48. Guus has left
  49. jonasw has left
  50. Zash has left
  51. Valerian has joined
  52. Guus has left
  53. Tobias has joined
  54. xnyhps has left
  55. efrit has joined
  56. xnyhps has left
  57. goffi has joined
  58. waqas has left
  59. bra has left
  60. Valerian has left
  61. xnyhps has left
  62. xnyhps has left
  63. Guus has left
  64. efrit has joined
  65. nicolas.verite has joined
  66. suzyo has joined
  67. uc has left
  68. uc has joined
  69. Guus has left
  70. Guus has joined
  71. vurpo has left
  72. vurpo has joined
  73. moparisthebest has left
  74. moparisthebest has joined
  75. Ge0rG Oh, it's that time again. I don't think there are any plans, but I'm going there
  76. Tobias has joined
  77. jonasw I’ll be there too, I think. Not sure which day(s) yet, gotta check the schedule of the event and my own :)
  78. vurpo has left
  79. vurpo has joined
  80. suzyo has left
  81. tobias has joined
  82. jubalh has joined
  83. blipp has left
  84. blipp has joined
  85. dwd has joined
  86. Guus has left
  87. Guus has joined
  88. SouL has joined
  89. SouL has joined
  90. Steve Kille has left
  91. Steve Kille has left
  92. Steve Kille has joined
  93. uc has left
  94. uc has joined
  95. jubalh has left
  96. mhterres has joined
  97. intosi has joined
  98. Valerian has joined
  99. suzyo has joined
  100. Kev has joined
  101. mhterres has left
  102. mhterres has joined
  103. jcbrand has joined
  104. winfried has left
  105. suzyo has left
  106. Yagiza has joined
  107. Flow has joined
  108. Valerian has left
  109. Valerian has joined
  110. Martin has joined
  111. vurpo has left
  112. vurpo has joined
  113. blipp has left
  114. Alex has joined
  115. daniel has left
  116. daniel has joined
  117. jubalh has joined
  118. uc has joined
  119. uc has joined
  120. uc has left
  121. uc has joined
  122. uc has left
  123. uc has joined
  124. Alex has left
  125. uc has joined
  126. uc has joined
  127. winfried has left
  128. Yagiza has joined
  129. Guus has left
  130. Guus has joined
  131. jubalh has joined
  132. Zash has joined
  133. Flow Any BOSH experts in here who can/want comment on https://github.com/igniterealtime/jbosh/pull/4 ?
  134. Zash jonasw: What where when?
  135. Flow zash: CLT in Karl-Marx-Stadt, err, chemnitz: https://chemnitzer.linux-tage.de/2017/de
  136. Flow Ge0rG, daniel and I where there last year
  137. mathieui §W 5
  138. Mancho has left
  139. MattJ Flow, the logic failure is that the client doesn't need to wait for an acknowledgement before it can send more requests (putting aside the normal BOSH rules about multiple open requests)
  140. dwd Flow, What PR#4 is saying doesn't immediately seem wrong - that one could use HTTP responses as acks - but the code doesn't appear to do this, and also what MattJ says.
  141. jere has joined
  142. Yagiza has left
  143. Flow Thanks MattJ, dwd. I think OPs main problem is using BOSH with only one (processing) thread. That will always cause a delay in one of the directions (if I'm not mistaken).
  144. jere has left
  145. jere has joined
  146. Guus has left
  147. Guus has joined
  148. SouL has joined
  149. vurpo has left
  150. vurpo has joined
  151. Zash Blocking HTTP requests?
  152. Valerian has left
  153. uc has left
  154. tobias has left
  155. uc has left
  156. uc has joined
  157. Valerian has joined
  158. Zash has left
  159. Mancho has left
  160. Zash has joined
  161. sonny has left
  162. vurpo has left
  163. vurpo has joined
  164. uc has left
  165. uc has joined
  166. uc has left
  167. uc has joined
  168. suzyo has joined
  169. uc has left
  170. uc has joined
  171. Alex has joined
  172. uc has left
  173. uc has joined
  174. vurpo has left
  175. uc has left
  176. uc has joined
  177. uc has left
  178. uc has joined
  179. daniel Guus: re that openfire connection issue. Is there a chance that the the upgrade somehow caused sasl mechanisms to vanish
  180. daniel Let's say sha1 disappearing for example
  181. uc has left
  182. uc has joined
  183. uc has left
  184. uc has joined
  185. uc has left
  186. uc has joined
  187. jere has joined
  188. Yagiza has joined
  189. Zash http://download.igniterealtime.org/openfire/docs/latest/changelog.html
  190. Flow Zash: blocking http requests?
  191. Zash daniel: some SCRAM changes there, maybe
  192. Zash Flow: Send HTTP request, wait for response before continuing with processing, have a bad time.
  193. Flow well that's what I think is happening in case only one thread is used with jbosh
  194. Zash Oh it's a client side library?
  195. Zash The coffee, it does nothing :|
  196. Zash Hey, Guus or dwd, does Openfire still do DIGEST-MD5?
  197. Zash Given the recent rush to hate on SHA-1, I'm impressed that nobody cares that DIGEST-MD5 is still around.
  198. sonny has left
  199. daniel Zash: well the 24 hours news cycle and the general alarmism applies to it security news as well
  200. Holger My university's server offers only PLAIN so I'm on the safe side.
  201. Link Mauve <3
  202. Flow PSA: Google announces today the accepted GSOC orgs
  203. vurpo has left
  204. vurpo has joined
  205. nyconyco has joined
  206. Flow In 2 h 45 minutes
  207. dwd Zash, DIGEST-MD5's security state hasn't really changed; the biggest weakness remains that you can churn through a lot of MD5's each second, and DIGEST-MD5 only uses three per cycle.
  208. waqas has joined
  209. dwd Zash, The fact it uses MD5 is *almost* irrelevant.
  210. jonasw isn’t it with DIGEST-MD5 that, like with PLAIN, it is enough to listen in on the connection to be able to authenticate as that user later?
  211. jonasw (I haven’t looked into it; it has been deprecated so I didn’t bother implementing it)
  212. Zash glares at daniel
  213. Tobias not to forget the interop issues with digest-md5
  214. vurpo has left
  215. vurpo has joined
  216. Zash dwd: I'm sure we'll receive bug reports about SCRAM-SHA-1 being terrible because SHA-1 is broken soon.
  217. dwd Tobias, Oh, there are lots of problems. But using MD5 isn't really one of them.
  218. dwd jonasw, No, it's not subject to replay.
  219. Tobias dwd, reply with "Patches welcome!" :)
  220. Zash What about active MITM?
  221. dwd Zash, No channel binding, so yeah, an active MITM can work.
  222. dwd Zash, But couldn't replay, still.
  223. uc has left
  224. uc has joined
  225. Zash dwd: I remember there being issues with SCRAM if you could get a client to try to auth with you.
  226. dwd Zash, Only in as much as you can potentially brute-force the SHA-1 and extract the plaintext equiv in a reasonable timeframe these days.
  227. vurpo has left
  228. vurpo has joined
  229. nicolas.verite has left
  230. kalkin has joined
  231. suzyo has left
  232. jonasw has left
  233. Valerian has left
  234. Valerian has joined
  235. kaboom has joined
  236. suzyo has joined
  237. Alex has left
  238. uc has left
  239. Guus has left
  240. uc has joined
  241. Guus has joined
  242. uc has left
  243. uc has joined
  244. winfried has joined
  245. uc has left
  246. tobias has left
  247. kaboom has left
  248. kaboom has joined
  249. SouL has left
  250. SouL has left
  251. sonny has joined
  252. suzyo has left
  253. uc has joined
  254. kaboom has left
  255. suzyo has joined
  256. nicolas.verite has joined
  257. vurpo has left
  258. vurpo has joined
  259. nicolas.verite has left
  260. Alex has joined
  261. Yagiza has joined
  262. vurpo has left
  263. vurpo has joined
  264. xnyhps has left
  265. vurpo has left
  266. vurpo has joined
  267. SouL has joined
  268. xnyhps has left
  269. SouL has left
  270. SouL has joined
  271. kaboom has joined
  272. vurpo has left
  273. vurpo has joined
  274. winfried has left
  275. sezuan has left
  276. sonny has joined
  277. Zash has left
  278. Zash has joined
  279. nyco has left
  280. sonny has left
  281. Valerian has left
  282. Flow narf, google doesn't mention 17:00 UTC any more
  283. vurpo has left
  284. vurpo has joined
  285. daniel has left
  286. sonny has joined
  287. daniel has joined
  288. jere has joined
  289. daniel Flow: the time line still says 1600Z
  290. Flow daniel: here → https://summerofcode.withgoogle.com/how-it-works/ ?
  291. xnyhps has left
  292. jonasw How it works: 1. we freeze your browser because you’re not using chromium (jk)
  293. daniel Flow, https://developers.google.com/open-source/gsoc/timeline
  294. Link Mauve jonasw, loaded quite fast here on Firefox nightly.
  295. jonasw Link Mauve: it behaves oddly when XHR is forbidden :)
  296. jonasw (it blocks instead of reacting on the error O_o)
  297. Link Mauve Weird.
  298. jonasw yes.
  299. suzyo has left
  300. suzyo has joined
  301. vurpo has left
  302. Zash has joined
  303. Steve Kille has left
  304. Steve Kille has joined
  305. Steve Kille has left
  306. Steve Kille has joined
  307. daniel has left
  308. daniel has left
  309. jubalh has joined
  310. uc has left
  311. uc has joined
  312. nicolas.verite has joined
  313. uc has left
  314. uc has joined
  315. sonny has joined
  316. jubalh has left
  317. uc has left
  318. uc has joined
  319. uc has left
  320. uc has joined
  321. nicolas.verite has left
  322. Yagiza has joined
  323. Flow has joined
  324. uc has left
  325. uc has joined
  326. Kev https://summerofcode.withgoogle.com/organizations/6327289865306112/
  327. intosi \o/
  328. dwd \o/
  329. sonny has joined
  330. Zash has joined
  331. daniel Awesome
  332. dwd Tobias, Want to tweet something from @xmpp?
  333. Valerian has joined
  334. dwd (Assuming Tobias is an Approved Tweeter)
  335. Kev I believe he is, yes. I need to get those credentials from Bear at some point.
  336. Tobias sure
  337. Tobias although i don't have any cerdentials
  338. Valerian has left
  339. Valerian has joined
  340. intosi We won't hold it against you.
  341. nicolas.verite has joined
  342. arc Kev: did you get the email yet?
  343. Kev arc: Nope.
  344. Kev I just went straight to the source :)
  345. Steve Kille has left
  346. arc and?
  347. Kev Kev 17:01 https://summerofcode.withgoogle.com/organizations/6327289865306112/
  348. arc nice
  349. Steve Kille has left
  350. tobias has joined
  351. Steve Kille has joined
  352. nyconyco has left
  353. uc has joined
  354. suzyo has left
  355. xnyhps has left
  356. Yagiza has left
  357. arc copyleft games is in too
  358. nicolas.verite has left
  359. arc i'll cross-link xsf on our ideas page for related organizations
  360. dwd I got the email, came here, and Kev had already posted.
  361. arc Kev: you should link xmpp related orgs on the ideas page. it helps steer students in the right direction while they're looking ;-)
  362. tim@boese-ban.de has joined
  363. kaboom are there any restrictions which project/persons can become a gsoc mentor for xsf?
  364. Lance has joined
  365. Valerian has left
  366. Valerian has joined
  367. Steve Kille has left
  368. mhterres has left
  369. Zash has joined
  370. nicolas.verite has joined
  371. Kev arc: If there's stuff you think I should do, can yo umail please?
  372. Kev I'm in the office until Wed night, so my mind is highly lossy at the moment.
  373. intosi has left
  374. Kev And now to dinner...
  375. Kev has left
  376. Tobias has joined
  377. Zash has joined
  378. kaboom has left
  379. Valerian has left
  380. Valerian has joined
  381. Valerian has left
  382. Valerian has joined
  383. Valerian has left
  384. Valerian has joined
  385. Valerian has left
  386. Guus has left
  387. Guus has joined
  388. SamWhited has left
  389. goffi has left
  390. jubalh has joined
  391. jcbrand has left
  392. jonasw has left
  393. jere has joined
  394. jubalh has left
  395. pep. has left
  396. winfried has joined
  397. vurpo has left
  398. Ge0rG Wow, the white house forbids staff to use Signal. http://www.politico.com/story/2017/02/sean-spicer-targets-own-staff-in-leak-crackdown-235413
  399. efrit has joined
  400. xnyhps has left
  401. Martin has left
  402. daniel has left
  403. daniel has joined
  404. SamWhited has left
  405. Valerian has joined
  406. daniel has left
  407. Zash has joined
  408. Valerian has left
  409. daniel has joined
  410. jere has joined
  411. Lance has left
  412. Lance has joined
  413. blipp has left
  414. jere has joined
  415. jere has joined
  416. tobias has left
  417. jubalh has joined
  418. Zash has joined
  419. pep. has left
  420. pep. has left
  421. blipp has joined
  422. Kev has joined
  423. daniel has left
  424. daniel has joined
  425. jubalh has left
  426. jubalh has left
  427. jubalh has joined
  428. jubalh has left
  429. vurpo has left
  430. jubalh has joined
  431. jubalh has left
  432. daniel has left
  433. daniel has joined
  434. daniel has left
  435. daniel has joined
  436. pep. has left
  437. Alex has left
  438. Alex has joined
  439. Guus has left
  440. jonasw has left
  441. Guus has joined
  442. daniel has left
  443. daniel has joined
  444. daniel has left
  445. daniel has joined
  446. winfried has left
  447. Guus has left
  448. daniel has left
  449. daniel has joined
  450. Guus has joined
  451. pep. has left
  452. moparisthebest Ge0rG, as usual the media gets it wrong, the headline anyway, isn't it they were forbidden from leaking private info, meh
  453. moparisthebest that's how I read it anyhow, either way no mention of xmpp/conversations/omemo in there and I don't know whether to be happy or sad about it lol
  454. Guus has left
  455. Guus has joined
  456. Valerian has joined
  457. daniel has left
  458. daniel has joined
  459. pep. has left
  460. pep. has left
  461. kalkin has left
  462. Valerian has left
  463. Valerian has joined
  464. Kev has left
  465. Zash has joined
  466. daniel has left
  467. daniel has joined
  468. Valerian has left
  469. moparisthebest has joined
  470. vurpo has left
  471. Kev has joined
  472. Kev has left
  473. pep. has joined
  474. andrey.utkin|dev has joined
  475. andrey.utkin|dev has left
  476. mimi89999 I heart "fake news" more often in the last several months/year than during my entire life until the election crisis.
  477. moparisthebest has joined
  478. SamWhited has left
  479. sezuan has left
  480. mathieui because "fake news" were just called "lies" before then
  481. nicolas.verite has left
  482. Link Mauve Or conspiracy theories.
  483. Link Mauve Or “conspiracy theories”.
  484. SamWhited has left
  485. mimi89999 has joined
  486. Mancho has left
  487. vurpo has left
  488. vurpo has joined
  489. Mancho has left
  490. Guus has left
  491. Guus has joined
  492. Alex has left