XSF Discussion - 2020-02-18


  1. moparisthebest has joined
  2. Shell has left
  3. greenhive-jp has joined
  4. debacle has left
  5. greenhive-jp has left
  6. karoshi has left
  7. Ellenor Malik has left
  8. ellenor has left
  9. ellenor has joined
  10. Ellenor Malik has joined
  11. Ellenor Malik XMPP over XMPP
  12. pdurbin has joined
  13. greenhive-jp has joined
  14. greenhive-jp has left
  15. SubPub has joined
  16. krauq has left
  17. arc has joined
  18. mtavares has left
  19. mtavares has joined
  20. pdurbin has left
  21. SubPub has left
  22. moparisthebest has left
  23. krauq has joined
  24. pdurbin has joined
  25. arc has left
  26. arc has joined
  27. pdurbin has left
  28. arc has left
  29. arc has joined
  30. mukt2 has joined
  31. lskdjf has left
  32. zukzuk has joined
  33. mukt2 has left
  34. Yagiza has joined
  35. mukt2 has joined
  36. waqas has joined
  37. pdurbin has joined
  38. SubPub has joined
  39. arc has left
  40. arc has joined
  41. Nekit has joined
  42. zukzuk has left
  43. adiaholic has left
  44. adiaholic has joined
  45. mukt2 has left
  46. arc has left
  47. mtavares has left
  48. mtavares has joined
  49. andy has joined
  50. andy has left
  51. andy has joined
  52. lorddavidiii has joined
  53. Stefan has joined
  54. Stefan has left
  55. debxwoody has joined
  56. mimi89999 has left
  57. mimi89999 has joined
  58. Tobias has joined
  59. SubPub has left
  60. paul has joined
  61. Nekit has left
  62. Nekit has joined
  63. emus has joined
  64. mukt2 has joined
  65. SubPub has joined
  66. andy has left
  67. mukt2 has left
  68. vanitasvitae has left
  69. vanitasvitae has joined
  70. wurstsalat has joined
  71. j.r has left
  72. emus has left
  73. emus has joined
  74. Max has left
  75. Max has joined
  76. andy has joined
  77. mukt2 has joined
  78. karoshi has joined
  79. jonas’ Ge0rG, in-band
  80. jonas’ Ge0rG, out-of-band
  81. Ge0rG jonas’: you still have three weeks to reapply!
  82. Daniel jonas’: if you come to the meetup on Thursday I can remind you oob
  83. Marc has left
  84. andrey.g has left
  85. mukt2 has left
  86. Marc has joined
  87. emus has left
  88. emus has joined
  89. j.r has joined
  90. j.r has left
  91. j.r has joined
  92. j.r has left
  93. mathijs has left
  94. mathijs has joined
  95. j.r has joined
  96. Steve Kille has left
  97. j.r has left
  98. j.r has joined
  99. j.r has left
  100. j.r has joined
  101. LNJ has joined
  102. mukt2 has joined
  103. Steve Kille has joined
  104. mukt2 has left
  105. jonas’ Ge0rG, no? reapplications close on Feb 23rd
  106. jonas’ Daniel, that’d mean leaving the house
  107. jonas’ I suppose
  108. andrey.g has joined
  109. mathijs has left
  110. mathijs has joined
  111. krauq has left
  112. debacle has joined
  113. lorddavidiii has left
  114. mukt2 has joined
  115. lorddavidiii has joined
  116. Ge0rG jonas’: I'm sorry, you are right
  117. jonas’ nice try to get me kicked out of council! ;)
  118. MattJ Heh
  119. Ge0rG jonas’: not just you! :P
  120. serge90 has left
  121. serge90 has joined
  122. debxwoody has left
  123. mukt2 has left
  124. waqas has left
  125. LNJ has left
  126. LNJ has joined
  127. goffi has joined
  128. Marc has left
  129. Marc has joined
  130. krauq has joined
  131. mukt2 has joined
  132. DebXWoody has left
  133. DebXWoody has joined
  134. krauq has left
  135. nyco has joined
  136. Dele Olajide has joined
  137. debacle has left
  138. lorddavidiii has left
  139. lorddavidiii has joined
  140. Alex has joined
  141. pep. https://github.com/xsf/xmpp.org/pull/679 Anybody with superpowers to review plz? :)
  142. Ge0rG > The next Summit will happen next year. 😁
  143. emus Have you hear that the BND is financing open source projects with 5000€ similar to GSoC?
  144. Ge0rG Yes.
  145. dwd That's the German Foreign Intel agency?
  146. vanitasvitae emus: yeah
  147. Ge0rG dwd: yes
  148. pep. Ge0rG, I'm very hopeful!
  149. dwd I suppose it's possible that XMPP projects would be favoured there.
  150. mukt2 has left
  151. Ge0rG dwd: the ones that were "recently" uncovered to have backdoored Crypto AG
  152. mukt2 has joined
  153. Ge0rG (the involvement was known since 1997, but apparently it's big news in 2020)
  154. dwd Ge0rG, Hah. That's such an old story, and moreover a repeated pattern that's been occurring since after WW2.
  155. Ge0rG dwd: indeed
  156. edhelas > BND financing open source projects > OMEMO:2 incoming > 🤔
  157. dwd Ge0rG, First case I'm aware of is the UK selling Enigma systems post-war. However, I have a suspicion that there's a similar case after the Napoleonic wars.
  158. pep. edhelas, conspiracy!
  159. dwd edhelas, I'm not sure that wold be relevant. It's unclear to me if that would fit the threat model.
  160. pep. Daniel is an undercover agent
  161. dwd edhelas, I'm not sure that would be relevant. It's unclear to me if that would fit the threat model.
  162. pep. oops
  163. krauq has joined
  164. dwd edhelas, In particular, BND presumably do trust their server, and probably more than the mobile devices used in the field.
  165. vanitasvitae edhelas: shhhh
  166. pep. Curious to know if there's anything you can do to prevent messages leaking once a terminal is compromised :x (as long as it's not known to be)
  167. dwd pep., It's more that if you think a device might be compromised, with OMEMO/Signal/etc the device has a cleartext archive, whereas without it won't and you can cut access to the server-side archive.
  168. mathijs has left
  169. pep. without what e2ee it won't have a cleartext archive?
  170. pep. I'm not sure I understand
  171. pep. You mean the client won't explicitely store locally?
  172. lskdjf has joined
  173. dwd pep., For example, with WhatsApp, the device stores a database of all the message history.
  174. dwd pep., Whereas with Pando (for example) we explicitly don't, and instead pull that from the server.
  175. pep. That doesn't mean it doesn't see the cleartext messages
  176. dwd pep., Sure. But there's a matter of the effect of a compromise post-discovery.
  177. mathijs has joined
  178. pep. (you kinda have to, I don't have bionic e2ee-capable eyes)
  179. dwd pep., The question isn't who and what device can see the messages. The question is where the archive is kept at rest.
  180. pep. Well this assumes you have any doubts
  181. dwd pep., Well, only in as much as if someone compromises a device without your knowing all bets are off no matter what you do.
  182. pep. what I said above :)
  183. dwd pep., So not much point in considering that case. Instead, consider the cases where endpoint compromise is known.
  184. dwd pep., And decide which you think is the greater risk - for some, that'll be the server being compromised, for others, the client. Which you feel is the bigger risk means you might want OMEMO-style encryption or not.
  185. pep. Sure there's a point in considering it as well. It's certainly a lot easier to get a hold of a user terminal when that user is targetted. When the user is not targetted directly and people are just interested in data, it's probably faster to try and compromise the server and I bet there's lots of servers not that good security-wise
  186. dwd pep., Right, but for a foreign intel agency, I would suspect the risk of a compromised client is probably higher.
  187. dwd pep., Same for us, actually. I believe the risk of a community nurse leaving their phone in a patient's house is higher than someone breaking into our servers.
  188. dwd pep., But that won't be the same for everyone, of course.
  189. pep. Who knows.. One would hope they employ capable people and they give us the freedom to act
  190. pep. Who knows.. One would hope they employ capable people and they give them the freedom to act
  191. nyco-2 has joined
  192. adiaholic has left
  193. larma has joined
  194. adiaholic has joined
  195. Zash Myeah, forgetting my phone somewhere does seem more likely than someone breaking into my server room and/or server.
  196. dwd Zash, But if you ran your server for thousands on people, the risk profile might change.
  197. dwd Zash, But if you ran your server for thousands of people, the risk profile might change.
  198. dwd Zash, For you, if not for your users.
  199. Zash I don't, so my users == { me }
  200. lorddavidiii has left
  201. dwd My best understanding of why WhatsApp have encryption is to protect themselves from subpoena activity, not for security for their users as such.
  202. Zash Makes sense.
  203. lorddavidiii has joined
  204. lorddavidiii has left
  205. eevvoor has joined
  206. lorddavidiii has joined
  207. adiaholic has left
  208. adiaholic has joined
  209. lorddavidiii has left
  210. lorddavidiii has joined
  211. lorddavidiii has left
  212. eevvoor has left
  213. lorddavidiii has joined
  214. emus vanitasvitae, Ge0rG: I mean lets take away their money - modern problems need modern solutions :)
  215. mukt2 has left
  216. mukt2 has joined
  217. Ge0rG dwd: it has helped very much, hasn't it? https://www.reuters.com/article/us-facebook-brazil/facebook-executive-jailed-in-brazil-as-court-seeks-whatsapp-data-idUSKCN0W34WF
  218. pep. Open reuters > Get visually agressed by cookies' consent bs > Manage consent > JS error..
  219. Ge0rG has the "I don't care about cookies" extension and didn't notice anything
  220. pep. I have a similar extension but I still get their annoying popup
  221. Dele Olajide has left
  222. nyco-2 has left
  223. nyco-2 has joined
  224. Dele Olajide has joined
  225. lorddavidiii has left
  226. lorddavidiii has joined
  227. lorddavidiii has left
  228. lorddavidiii has joined
  229. mukt2 has left
  230. Alex has left
  231. Douglas Terabyte has left
  232. paul has left
  233. eevvoor has joined
  234. mukt2 has joined
  235. pdurbin has left
  236. rion has left
  237. rion has joined
  238. mukt2 has left
  239. mukt2 has joined
  240. moparisthebest has joined
  241. Douglas Terabyte has joined
  242. eevvoor has left
  243. mukt2 has left
  244. mukt2 has joined
  245. Alex has joined
  246. mukt2 has left
  247. Neustradamus I have a little request, can you open: https://nl.movim.eu/?feed/pubsub.movim.eu/Movim When you click on the publication titles, have you the publication or other?
  248. eevvoor has joined
  249. MattJ I get prompted to download the atom feed
  250. pep. Firefox?
  251. MattJ Yes
  252. pep. I'm not sure browsers parse this correctly anymore.. curl tells me "content-type: application/atom+xml; charset=UTF-8" so that's correct right?
  253. Neustradamus Thanks guys, you have confirmed the problem to edhelas, I am not alone ;)
  254. pep. Neustradamus, I'd say your client is the issue. Use a proper feed reader
  255. edhelas the problem is that the feed reader is not taking the alternate + text/html
  256. edhelas but only the first alternate, that is kinda an issue; so i'll fix that one
  257. Neustradamus The problem is linked to (for example): </content> <link rel="enclosure" type="image/png" href="https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/jDBsJ9BW7g66gCZ3G3ARICSq5T3dsAg9j75CnNOr/image.png"/> <link rel="alternate" href="https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/jDBsJ9BW7g66gCZ3G3ARICSq5T3dsAg9j75CnNOr/image.png"/> <link rel="alternate" type="text/html" href="https://nl.movim.eu/?node/pubsub.movim.eu/Movim/87633da7-3963-4923-aabc-54ac5f6ad1d8"/> </entry>
  258. pep. edhelas, if that's a problem to you then then I think it's before that.
  259. pep. HTTP Headers
  260. edhelas Neustradamus I actually told you 2min ago that I will fix the issue, why bothering the people here about that ?
  261. Neustradamus edhelas: I sent here before you understand the problem
  262. edhelas also, Atom implementation in Movim is definitly not a topic related to this chatroom
  263. mukt2 has joined
  264. Neustradamus edhelas: I can not join the main mucroom ;)
  265. pep. yes you've been banned, for reasons one can understand
  266. paul has joined
  267. Neustradamus I know that some people do not like when we inform about problems, we can see a new time today. If no people inform, no solution ;)
  268. MattJ Sometimes it's not about the information, but about the delivery
  269. eevvoor has left
  270. mukt2 has left
  271. mathijs has left
  272. mathijs has joined
  273. mathijs has left
  274. mathijs has joined
  275. Dele Olajide has left
  276. Dele Olajide has joined
  277. nyco-2 has left
  278. nyco-2 has joined
  279. mukt2 has joined
  280. pdurbin has joined
  281. nyco-2 has left
  282. nyco-2 has joined
  283. Alex Reminder that the current application period ends by the end of this week. In case you want to appy, recruit someone to apply, or need to reapply: https://wiki.xmpp.org/web/Membership_Applications_Q1_2020 Thanks
  284. Daniel jonas’: ^
  285. mukt2 has left
  286. mukt2 has joined
  287. mukt2 has left
  288. mukt2 has joined
  289. mukt2 has left
  290. mukt2 has joined
  291. LNJ has left
  292. LNJ has joined
  293. pdurbin has left
  294. mukt2 has left
  295. Guus Daniel is yours a haiku? 🙂
  296. Wojtek has joined
  297. Zash has left
  298. jonas’ application done, thanks
  299. Zash has joined
  300. dwd jonas’, Any chance we can last call XEP-0345 again? I have no idea what happened to it last time. Board, BTW, not Council.
  301. serge90 has left
  302. pep. It's be voted in by board
  303. pep. Last board
  304. dwd pep., Has it? Showing as Proposed, currently.
  305. pep. I was the only one to answer the LC and board didn't take that into account anyway
  306. jonas’ I must’ve missed that one, can you dig up records?
  307. dwd pep., And LC ending over two years ago.
  308. pep. hmm when was that again..
  309. moparisthebest again, many people aren't getting all mailing list posting because xsf's mailmain still breaks DKIM and SPF and therefore DMARC
  310. moparisthebest I get maybe half of the emails sent to the list, it depends on the email settings of the sender
  311. moparisthebest (please fix mailmain)
  312. jonas’ I love how those "anti spam" technologies break valid usecases while not preventing spam.
  313. jonas’ but yeah, we should probably get that fixed
  314. serge90 has joined
  315. moparisthebest why do I keep typing mailmain instead of mailman...
  316. Zash Those aren't anti-spam
  317. jonas’ AFAIK it involves: - Turn off the footer - Turn off the subject prefix - Enable the masquerading of From for DMARC-protected domains
  318. moparisthebest so dmarc allows a pass if *either* SPF or DKIM passes, you can't not break SPF, so if you simply stop breaking DKIM that should fix everything
  319. nyco-2 has left
  320. moparisthebest which yes, turn off footer and subject prefix
  321. jonas’ it will fix everything related to DMARC, but break the UX
  322. moparisthebest make sure the List-Unsubscribe header is set, and you'll be golden
  323. jonas’ can we get a mailman admin, please?
  324. pep. What are the cons again of validating dkim at the mailing list level and having the mailing list then do dkim itself? Not being able to validate end-to-end?
  325. jonas’ cc @ MattJ
  326. jonas’ pep., the cons are that it doesn’t help
  327. pep. how so
  328. jonas’ (also, operational cost)
  329. jonas’ pep., you still break the DKIM signature of the original sender
  330. Zash Just masquerade the Sender and be done with it
  331. pep. You remove it even. The list signs itself
  332. moparisthebest you can do that too ^
  333. moparisthebest I mean, instead
  334. jonas’ pep., and then the receiver looks up the DMARC record and sees that there should be a signature for that sender
  335. pep. jonas’, the sender being the list?
  336. jonas’ depends
  337. jonas’ I always get confused with Sender vs. MAIL-FROM vs. From:
  338. jonas’ and also Return-Path
  339. mukt2 has joined
  340. Zash From is purely metadata, you can put whatever you want there
  341. pep. Well Return-Path is the list here, and I'd put both enveloppe and the other as the list anyway and sign with the list.
  342. Zash != routing data
  343. jonas’ pep., requires setting up and maintaining a DKIM thing though
  344. pep. If I want to validate who sent what I'd use normal gpg signing
  345. jonas’ pep., yeah, tell that please to the DKIM idiots
  346. pep. not what I'm saying
  347. Zash pep.: Footers can break gpg tho
  348. jonas’ Zash, they’re attached as separate text/plain part
  349. Zash Right. Not on every list tho.
  350. pep. I always assume DKIM allows us to validate point-to-point. I'd expect the list to do the validation always, not a host at the other end of the chain
  351. Zash *mumble* Google Groups
  352. pep. assumed*
  353. moparisthebest I get people have opinions re: DKIM/SPF/DMARC but that's not really relevant, they are a thing most email providers implement, and if we want most people to be able to recieve mail to the list, it has to be fixed
  354. jonas’ moparisthebest, yeah, help me get hands on a mailman admin
  355. pep. moparisthebest, yeah I'm proposing a practical solution :p
  356. jonas’ pep., setting up and maintaining OpenDKIM is *not* practical
  357. jonas’ (on the XSF resource budget either way)
  358. pep. semantics
  359. pep. Meaning I'm not just talking about protocols because I like to talk about protocols
  360. moparisthebest (I run rspamd which does DKIM+SPF+DMARC+spam stuff automatically, and is easier to set up than opendkim+spf+spamassassin+amavisd+everything else)
  361. jonas’ I love especially how rspamd depends on redis, but doesn’t support redis clusters.
  362. moparisthebest but beside the point, there are basically 2 ways it can be fixed: 1. stop breaking DKIM signatures (don't add footer or mangle subject) 2. send from xmpp domain instead
  363. moparisthebest the XSF mail server *should* already be validating dmarc/dkim/spf or it can be used to forward unauthorized mail/spam
  364. moparisthebest does anything actually stop me from sending mail as a board member to a board-only mailing list?
  365. jonas’ moparisthebest, this is a question I’ve been asking myself for quite some time and which I wanted to pen-test after having asked board, but I never got around to actually do that.
  366. moparisthebest what's the official way to get that on the board's agenda as a question?
  367. jonas’ send a message to board@
  368. jonas’ someone will hopefully fish it out of the moderation queue
  369. pep. moparisthebest, "as a board member"?
  370. jonas’ aside from that I may still have +w on the board trello, or you can ask pep. who’s on board, too.
  371. pep. I don't think you can send stuff to board@ if you're not subscribed can you?
  372. moparisthebest pep., like, impersonating your email for instance
  373. jonas’ pep., but the subscription only checks From
  374. jonas’ (or maybe Sender)
  375. pep. ah I see
  376. pep. We're not using board@ anyway, and I don't like it
  377. moparisthebest and if it doesn't do dkim/dmarc/spf or something, then I can happily send "official board emails" from ralphm or pep. or whoever
  378. pep. So you can send what you want. Plus I always sign my emails :P
  379. jonas’ email from is not to be trusted. news at 11.
  380. mathijs has left
  381. mathijs has joined
  382. pep. yeah
  383. moparisthebest right, and all those are terrible hacks to add authentication to it :/
  384. pep. yes
  385. moparisthebest it's getting better, but hacking that on after the fact is rough
  386. moparisthebest also ARC incoming...
  387. moparisthebest http://arc-spec.org/ ^
  388. pep. dwd, MR 20190307T15:16:48Z 000 <ralphm>  motion carries. Let the Editors go through to the mechanics to move XEP-0345 to Active.
  389. mukt2 has left
  390. MattJ http://logs.xmpp.org/xsf/2019-03-07#2019-03-07-e58b19e060a046e8
  391. pep. I was looking for that
  392. jonas’ ah, that’s clearly my fault
  393. jonas’ fixing that now
  394. pep. It's indeed not been processed by editors, but I wouldn't go as far as saying it's your fault. There are many other editors :x
  395. jonas’ were there back then though?
  396. pep. No, but there are others
  397. jonas’ reminds me to ask board to clean up editor membership
  398. pep. yeah
  399. mukt2 has joined
  400. jonas’ I abused my privileges to create https://trello.com/c/8Q5XQWks/388-clean-up-editor-team-memberships
  401. pep. how dare you
  402. pep. Thanks, looks good
  403. adiaholic has left
  404. adiaholic has joined
  405. eevvoor has joined
  406. dwd I always sign my emails too - I put "Dave." at the bottom.
  407. Alex has left
  408. SubPub has left
  409. pep. Indeed. Just like signatures we use on legally binding documents, it's been proven it works very well
  410. Alex has joined
  411. pep. (I had a hard time making it less sarcastic)
  412. lovetox has joined
  413. wojtek has joined
  414. jonas’ Subject: [Standards] ACTIVE: XEP-0345 (Form of Membership Applications)
  415. wojtek has left
  416. jonas’ there we go
  417. pep. Thanks :)
  418. jonas’ ah, I need to re-last-call '402
  419. mukt2 has left
  420. serge90 has left
  421. serge90 has joined
  422. calvin has joined
  423. lovetox dwd, the example in 402 for publish options is not the best
  424. lovetox you use max_items = 10000
  425. lovetox if you are a new client and there are existing bookmarks, this results 99% in a failed publish
  426. dwd lovetox, PRs welcome. I didn't actually write that one, I think Link Mauve did (he actually wrote most of that spec at this point, we should make him an author).
  427. Daniel Yeah I think that probably predates the max thing in pubsub
  428. lovetox ah k, yeah we should change that, there is a new max-items=max in pbusub
  429. lovetox though this probably also will fail, because no server supports that yet
  430. Daniel And having a 'magic' number was the best we good do before
  431. Zash Ugh
  432. Daniel Yes 'atomic bookmarks in pep' probably just depends on max being supported
  433. Daniel Which should be mentioned somewhere
  434. Ge0rG has the "max" bike shedding settled yet?
  435. dwd Daniel, "PEP Native Bookmarks". I bikeshedded the name a bit further.
  436. Ge0rG IIRC there was a revamp by server developers who objected because "max" is not a valid integer
  437. jonas’ dwd, though I consider that name slightly confusing
  438. jonas’ I plan to bikeshed on that one
  439. Daniel Yes you can name it whatever you want as long as it's called atomic bookmarks in pep
  440. dwd Daniel, NUCLEAR BOOKMARKS
  441. Zash QUANTUM BOOKMARKS
  442. Daniel That's a compromise I can live with
  443. Ge0rG http://www.quickmeme.com/img/ab/ab32ca63f3cf210c253a92780beda430d37b32bc0cc9e8a9856d1c2f72d8b56a.jpg
  444. Ge0rG Did we have "Schrödinger's Bookmarks" yet?
  445. dwd Ge0rG, Heisenberg's Bookmarks? You know how to store them or what they are, but not both?
  446. Ge0rG dwd: I appreciate that. +1
  447. Ge0rG Also what's the dance I need to perform to determine whether PEP on my server is persistent?
  448. Ge0rG (as in: stored to disk, not to RAM)
  449. krauq has left
  450. Daniel I think there is a feature
  451. mukt2 has joined
  452. Ellenor Malik > dwd has written: > edhelas, In particular, BND presumably do trust their server, and probably more than the mobile devices used in the field. Trusting the server does not seem like a viable threat model ever
  453. Zash Ge0rG, `#persistent-items` maybe?
  454. pep. I'd like the max_items=max thing to be settled so that we can actually use the feature :x
  455. Zash But muh validation code :(
  456. Ge0rG I wouldn't be opposed to make `-1` the new max.
  457. pep. I'll let you bikeshed the thing, I just need the feature
  458. Ge0rG because max_items=0 can obviously mean "you shall not pass", but -1 is actually something like "unlimited" in computerese
  459. Ge0rG But I suppose the author is already fed up with the unicode discussion
  460. dwd Ellenor Malik, At all? Ever? I trust my server because it's in the same room as me right now, and only I have access.
  461. Ellenor Malik Never ever.
  462. dwd Ellenor Malik, For anything?
  463. Ge0rG dwd: but you are not always in that room, are you?
  464. dwd Ge0rG, Pretty much. :-)
  465. Ge0rG dwd: I've heard rumors of you being in Brussels and not having your server room around you
  466. dwd Ge0rG, Lies.
  467. dwd Ge0rG, And/or a clone.
  468. Ge0rG maybe your server is an evil twin now.
  469. Ellenor Malik "Only I have access." Only true if you built the processor, hard disk, and everything yourself.
  470. Ge0rG or maybe the evil twin was in Brussels indeed, and told people embarassing stories about the origins of your na,e
  471. Ge0rG or maybe the evil twin was in Brussels indeed, and told people embarassing stories about the origins of your name
  472. jonas’ Ellenor Malik, so you can’t trust the client either. Your argument is invalid.
  473. dwd Ellenor Malik, OK, but the same goes for your client device, so you're saying nobody can trust anything, and we may as well all go home.
  474. jonas’ ^5, dwd
  475. Ellenor Malik > jonas’ has written: > Ellenor Malik, so you can’t trust the client either. Your argument is invalid. to be clear, the first part does not imply the second part
  476. Ellenor Malik it's best to trust as few links as possible
  477. dwd Ellenor Malik, Yes, I agree, keep the attack surface low etc. I just suggested that there were cases where the risk to the client device was higher than the risk to the server.
  478. dwd Ellenor Malik, Certainly not true in all cases.
  479. Ellenor Malik encrypt everything to the best of your ability
  480. dwd Ellenor Malik, Encryption doesn't solve any problems, though, it just moves problems around.
  481. Daniel If the BND can't trust their servers they probably have bigger issues
  482. dwd Daniel, Right, that.
  483. dwd Daniel, Well. Actually it's not that simple. But they probably trust the server more than the clients at least.
  484. Ellenor Malik assuming you can partially trust the endpoints, encryption makes problems smaller
  485. pep. Ellenor Malik, "it depends"
  486. pep. on the making problems smaller part
  487. Daniel Also something something accountability
  488. dwd Ellenor Malik, No, I disagree. The BND might not even trust its *users* as much as its server.
  489. mukt2 has left
  490. Maranda has left
  491. lovetox what is the idea behind
  492. Maranda has joined
  493. lovetox <conference xmlns='urn:xmpp:bookmarks:1'/> is a valid bookmark?
  494. lovetox why would someone publish this, and what should i do with that if i receive it
  495. dwd lovetox, The pubsub item id gives you the jid, remember.
  496. lovetox ahh
  497. lovetox kk thanks
  498. dwd lovetox, So probably quite obvious if you actually see it in the wild.
  499. edhelas has left
  500. edhelas has joined
  501. LNJ has left
  502. mukt2 has joined
  503. LNJ has joined
  504. mathijs has left
  505. mathijs has joined
  506. Dele Olajide has left
  507. Dele Olajide has joined
  508. mathijs has left
  509. mathijs has joined
  510. krauq has joined
  511. calvin has left
  512. lovetox has left
  513. LNJ has left
  514. LNJ has joined
  515. mathijs has left
  516. mathijs has joined
  517. calvin has joined
  518. mathijs has left
  519. calvin has left
  520. calvin has joined
  521. lovetox has joined
  522. Nekit has left
  523. calvin has left
  524. mukt2 has left
  525. Steve Kille has left
  526. Max has left
  527. goffi has left
  528. mukt2 has joined
  529. debacle has joined
  530. lovetox has left
  531. lovetox has joined
  532. Max has joined
  533. pdurbin has joined
  534. eevvoor has left
  535. Steve Kille has joined
  536. LNJ has left
  537. nyco-2 has joined
  538. LNJ has joined
  539. mathijs has joined
  540. Dele Olajide has left
  541. pdurbin has left
  542. Dele Olajide has joined
  543. mukt2 has left
  544. mukt2 has joined
  545. Tobias has left
  546. Tobias has joined
  547. rion has left
  548. rion has joined
  549. calvin has joined
  550. Dele Olajide has left
  551. Dele Olajide has joined
  552. Dele Olajide has left
  553. Dele Olajide has joined
  554. Dele Olajide has left
  555. Dele Olajide has joined
  556. mathijs has left
  557. larma has left
  558. mukt2 has left
  559. mukt2 has joined
  560. mathijs has joined
  561. waqas has joined
  562. Nekit has joined
  563. larma has joined
  564. Dele Olajide has left
  565. sonny has left
  566. mathijs has left
  567. lovetox has left
  568. Marc has left
  569. Marc has joined
  570. mukt2 has left
  571. mathijs has joined
  572. Yagiza has left
  573. paul has left
  574. Marc has left
  575. Marc has joined
  576. lovetox has joined
  577. lovetox has left
  578. lovetox has joined
  579. calvin has left
  580. calvin has joined
  581. wojtek has joined
  582. adiaholic has left
  583. wojtek has left
  584. Wojtek has left
  585. paul has joined
  586. Wojtek has joined
  587. calvin has left
  588. Nekit has left
  589. nyco-2 has left
  590. nyco-2 has joined
  591. nyco-2 has left
  592. sonny has joined
  593. Tobias has left
  594. karoshi has left
  595. karoshi has joined
  596. lovetox has left
  597. LNJ has left
  598. greenhive-jp has joined
  599. pdurbin has joined
  600. greenhive-jp has left
  601. pdurbin has left
  602. debacle has left
  603. Douglas Terabyte has left
  604. Wojtek has left
  605. paul has left
  606. moparisthebest vanitasvitae: (re: a/v) not even an Android phone or any laptop with internet and jitsi meet?
  607. vanitasvitae moparisthebest: we could try that, but I doubt it will be as good as Cisco's teleconferencing.
  608. moparisthebest WebEx is considered good???? Yikes
  609. vanitasvitae We'll see if we come up with something on site :)
  610. lorddavidiii has left
  611. mimi89999 has left
  612. mimi89999 has joined
  613. emus has left
  614. sonny has left