XSF Discussion - 2019-04-30

Subscribe to this channel and share it with your friends! https://www.youtube.com/channel/UCJMr4LzZvisWnfK1Ilk2RnQ?view_as=subscriber

Can anyone ban this jerk

Ops!

!summon MattJ

I would if I knew the JID

heh

/affiliation outcast atomicbutter

My magic powers don't work ;)

Ah, they do now. He's banned.

Or she. Who knows.

anyone on who's familiar with prosody?

Is there some more fornal method of finding out who have power and reporting a distruption in a MUC to them or does it need digging the user list or weird magic?

Arc: yes? :)

mikaela: your client should typically show this info

arc: you should trust this MattJ person, he seems to know the authors of Prosody.

I'm not trusting MattJ, he knows those Prosody authors

It's something of an obsession. I know what one of them had for breakfast.

You're not keeping them in your basement, feeding them breakfast, are you?

MattJ those people are doing Lua things I heard, you should be cautious

uh-o. i let my server certs expire again

Arc, fwiw, I'm seeing two of you.

Arc and arc.

Let me guess, conversation using localpart and not conversation :p

Nicknames are HARD.

Hello.

Ge0rG, yes, everything is hard :/

Hi Mill

I live in a very cencored country, I started using Tor recently. Any tips?

https://doc.poez.io/configuration.html

FWIW we're looking at adding more restrictions to nicks in MUC in Prosody (so case differences only would be disallowed, as well as nicks that could be confused due to unicode, etc.)

I am connecting through port 9150 which is on tor I think.

Any good xmpp servers that don't log?

There is a huge spam problem in Jabber, and servers that don't log typically can't or won't prevent outgoing spam. Trying to be anonymous is hard.

There is wallstreetjabber.biz

I am not sure if they really don't log

you can never be sure

Run your own server if you want to be sure!

Well, how can i do that without revealing my location?

Let's break this down - what are you worried about the server logging?

If it's your IP/location, this is already anonymized by tor

So I don't have to worry about the logging?

If it's message contents you worry about, use OMEMO or OTR (and make sure you verify your contacts' fingerprints)

I added OTR to my client but how to add OMEMO?

And which is better to use?

What you can't prevent is the XMPP server may log your JID (address) and the JIDs you communicate, so just make sure that address can't be linked to your offline identity

depends on which client you use

Both are considered secure, OMEMO tends to work better with XMPP because it supports things like multiple devices

Alright, I am using pidgin, how do I add OMEMO to it?

Running on a Tor/Socks5 proxy Localhost port 9150

Mill, there are a few crappy plugins to choose from. from my experience, none of them work good.

I have OTR installed. If you think pidgin isn't good, what client should I use?

Mill: try gajim or dino

And is using localhost and port 9150 safe?

Yes if all your traffic goes through it. I'm no tor user, I think leaking DNS may be a common issue

I just shut tor and It's still working, did I do something wrong?

do we have protocol to mark a message as "not worthy to create a notification or mark conversation as unread"?

thinking of annotational bot replies to links

type=headline :>

jonas’, I'd love that

Ge0rG, in a MUC?

Sure, just implement special handling in the MUC

Ge0rG, what about MUC->clients?

MattJ: interesting things will happen when a MUC sends type=headline to a client

I'm sure

pidgin will probably show a focus-stealing window \o/

Message Hints got killed for formal reasons, more or less.

“23:29:29 flow> Is there an easy to type character that is not valid in any JID part?”, non-breakable space is both easy to type and invalid in a JID, but gets converted into a space by stringprep.

Ge0rG, how hard are Nicknames, NP or worse?

Worse. That needs people discussing and agreeing on things

Link Mauve, thanks, but am I am really looking for an invalid char, not one that gets mapped into another one

flow, invalid in *all* parts && easy to type is not going to happen I’m afraid

resourcepart allows pretty much all easy to type things

hmm depends on the definition of easy to type ;)

what’s your use-case?

jonas’, saving a cropus of JIDs together with their normalized forms of local- domain- and resourcepart

*corpus

and I am looking for a chracter which acts as separator of the parts

Right now ASCII's unit separator is the best thing I came up with

newline should work too

pretty sure that’s invalid in all JID parts

or tab maybe?

that might be allowed as input in resourcepart (before normalisation) though

hm, the same might hold for newline

jonas’, newline gets also mapped to space

in some parts at least

pity

your best bet is probably using a structured file format with escaping

such as XML or JSON

jonas’, I tried to avoid that

although I’d suggest to NOT use JSON because its unicode support is terrible

flow, you could base64 all the parts

or do it like ldif, base64 only those parts which contain meta-characters used in your file format and prefix those with a colon or something ;)

jonas’, my goal was that the corpus file is directly editable and viewable

I suggest going with ASCII Record Separators.

> your best bet is probably using a structured file format with escaping > such as XML or JSON This is what I said.

Ok, I just installed Monal as suggested yesterday but I still can't see any history for one-to-one messages that took place on other clients. Again, Slack does this very well.

is <thread> still used in <message> ?

jubalh, not really

pdurbin, were you using OMEMO?

And/or does your server support archiving / MAM?

I don't know. Maybe. I'm new to using XMPP again after 10 years off. I do think that perhaps Conversations especially likes to use OMEMO.

yeah, it’s enabled by default by default I think

How can I tell if my server (FSF's server) supports MAM?

conversations tells you that, check the account settings, three-dot-menu -> show server details or something like that

jonas’, what was it ever used for? i dont quite get how it woul be presented visually in a client

jubalh, other chat systems do have the notion of threads

For the FSF server it says "XEP-0313: MAM unavailable." :(

jonas’, emails yeah, but was there any xmpp client having this? what did it look like?

I’m not saying XMPP

I read what you say

i'm not blind dude

but did you read my question?

no, there was no XMPP client

as far as I know

Process One's allowed concurrent discussion threads.

I see, thanks. So it was more like in the original spec <thread> was described but this was actually never used/implemented

zulip is a chat system (which is not XMPP) which does have threads ✏

I remember them making a big deal about it at the time.

I see, I'll have to look that up

XMPP/Jabber was supposed to bridge all the various chat systems together, and thus needed a way to transport thread info from those.

ok, makes sense. i just read about it in "practical xmpp" and it sounded like it was a thing in XMPP IM. but now I understand what was meant

IIRC (Google|Apache) Wave was also using <thread/>

> This server could not prove that it is mail.jabber.org; its security certificate expired 2 days ago. Is that an iteam thing or a jabber.org thing?

MattJ: maybe you know? ^

iteam, and I'm looking at it.

intosi: thanks

Speaking of iteam. Are we using Docker / Docker Hub for our website builds?

I believe so?

yes

https://thenewstack.io/docker-hub-compromised-users-urged-to-reset/

ah yes, I meant to look into that when I got the email

looks as if everything is still linked up correctly

does that mean we were not compromised because our infra wasn't reset?

didn’t they only lose some user data?

https://twitter.com/kennwhite/status/1122247298438844416

I don't know, I didn't look into it

The cert of mail.jabber.org has been renewed.

Ta.

Thanks, intosi. I looked at that last night but ran into Python issues.

Yeah, so did I. I used our mutual friend eos to help out.

aha :-)

Well, this is fun. I'm now unemployed.

is that a good thing?

?

Fashion wasn't agreeing with you?

You solved all the problems in fashion and they didn't need you anymore?

I didn't agree with fashion. :-)

Zash, Actually, yes, that. We'll go along with that.

> I didn't agree with fashion. :-) I'm no longer allowed to make that statement.

Unemployment was unexpected?

Well, I initiated the departure, but it's all happened mighty quick. Which is a good thing, all things considered.

Anyway, I must go cook dinner, I just thought I'd share my Affiliation Change.

Good luck!

Tomorrow I get to find out who this "Jeremy Kyle" person is that everyone keeps telling me I should watch.

dwd, well, good luck to you :)

dwd: good luck with daytime TV :)

I for one welcome back our project leading overlord. 😁

So we are going to see more agendas published in time for Meetings, then? Congratulations and/or sympathies, in the appropriate mix, to dwd

Mix. Pun intended?

No, I'm an evil sarcastic bastard, but sometimes I pretend to feign human emotion. And in this case I just didn't see the opportunity...